v1.0: Backport of #8939 (#8957 )

automerge
CLI: Add multi-session signing support (#8927 ) (#8953 )
2020-03-19 02:08:36 -07:00 · 2020-03-18 23:39:44 -07:00 · 2020-03-18 22:33:05 -07:00 · 2020-03-18 19:15:34 -07:00 · 2020-03-18 18:20:36 -07:00 · 2020-03-18 14:11:41 -07:00
283 changed files with 10501 additions and 5320 deletions
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -45,7 +45,7 @@ $ git pull --rebase upstream master

 If there are no functional changes, PRs can be very large and that's no
 problem. If, however, your changes are making meaningful changes or additions,
-then about 1.0.1 lines of changes is about the most you should ask a Solana
+then about 1000 lines of changes is about the most you should ask a Solana
 maintainer to review.

 ### Should I send small PRs as I develop large, new components?
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/README.md
+++ b/README.md
@ -9,20 +9,6 @@ Blockchain Rebuilt for Scale
 Solana&trade; is a new blockchain architecture built from the ground up for scale. The architecture supports
 up to 710 thousand transactions per second on a gigabit network.

-Disclaimer
-===
-
-All claims, content, designs, algorithms, estimates, roadmaps, specifications, and performance measurements described in this project are done with the author's best effort.  It is up to the reader to check and validate their accuracy and truthfulness.  Furthermore nothing in this project constitutes a solicitation for investment.
-
-Introduction
-===
-
-It's possible for a centralized database to process 710,000 transactions per second on a standard gigabit network if the transactions are, on average, no more than 176 bytes. A centralized database can also replicate itself and maintain high availability without significantly compromising that transaction rate using the distributed system technique known as Optimistic Concurrency Control [\[H.T.Kung, J.T.Robinson (1981)\]](http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.65.4735). At Solana, we're demonstrating that these same theoretical limits apply just as well to blockchain on an adversarial network. The key ingredient? Finding a way to share time when nodes can't trust one-another. Once nodes can trust time, suddenly ~40 years of distributed systems research becomes applicable to blockchain!
-
-> Perhaps the most striking difference between algorithms obtained by our method and ones based upon timeout is that using timeout produces a traditional distributed algorithm in which the processes operate asynchronously, while our method produces a globally synchronous one in which every process does the same thing at (approximately) the same time. Our method seems to contradict the whole purpose of distributed processing, which is to permit different processes to operate independently and perform different functions. However, if a distributed system is really a single system, then the processes must be synchronized in some way. Conceptually, the easiest way to synchronize processes is to get them all to do the same thing at the same time. Therefore, our method is used to implement a kernel that performs the necessary synchronization--for example, making sure that two different processes do not try to modify a file at the same time. Processes might spend only a small fraction of their time executing the synchronizing kernel; the rest of the time, they can operate independently--e.g., accessing different files. This is an approach we have advocated even when fault-tolerance is not required. The method's basic simplicity makes it easier to understand the precise properties of a system, which is crucial if one is to know just how fault-tolerant the system is. [\[L.Lamport (1984)\]](http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.71.1078)
-
-Furthermore, and much to our surprise, it can be implemented using a mechanism that has existed in Bitcoin since day one. The Bitcoin feature is called nLocktime and it can be used to postdate transactions using block height instead of a timestamp. As a Bitcoin client, you'd use block height instead of a timestamp if you don't trust the network. Block height turns out to be an instance of what's being called a Verifiable Delay Function in cryptography circles. It's a cryptographically secure way to say time has passed. In Solana, we use a far more granular verifiable delay function, a SHA 256 hash chain, to checkpoint the ledger and coordinate consensus. With it, we implement Optimistic Concurrency Control and are now well en route towards that theoretical limit of 710,000 transactions per second.
-
 Documentation
 ===

@ -238,3 +224,8 @@ problem is solved by this code?" On the other hand, if a test does fail and you
 better way to solve the same problem, a Pull Request with your solution would most certainly be
 welcome! Likewise, if rewriting a test can better communicate what code it's protecting, please
 send us that patch!
+
+Disclaimer
+===
+
+All claims, content, designs, algorithms, estimates, roadmaps, specifications, and performance measurements described in this project are done with the author's best effort.  It is up to the reader to check and validate their accuracy and truthfulness.  Furthermore nothing in this project constitutes a solicitation for investment.
--- a/archiver-lib/Cargo.toml
+++ b/archiver-lib/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "solana-archiver-lib"
-version = "1.0.1"
+version = "1.0.8"
 description = "Solana Archiver Library"
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 repository = "https://github.com/solana-labs/solana"
@ -15,22 +15,22 @@ ed25519-dalek = "=1.0.0-pre.1"
 log = "0.4.8"
 rand = "0.6.5"
 rand_chacha = "0.1.1"
-solana-client = { path = "../client", version = "1.0.1" }
-solana-storage-program = { path = "../programs/storage", version = "1.0.1" }
+solana-client = { path = "../client", version = "1.0.8" }
+solana-storage-program = { path = "../programs/storage", version = "1.0.8" }
 thiserror = "1.0"
 serde = "1.0.104"
 serde_json = "1.0.46"
 serde_derive = "1.0.103"
-solana-net-utils = { path = "../net-utils", version = "1.0.1" }
-solana-chacha = { path = "../chacha", version = "1.0.1" }
-solana-chacha-sys = { path = "../chacha-sys", version = "1.0.1" }
-solana-ledger = { path = "../ledger", version = "1.0.1" }
-solana-logger = { path = "../logger", version = "1.0.1" }
-solana-perf = { path = "../perf", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
-solana-core = { path = "../core", version = "1.0.1" }
-solana-archiver-utils = { path = "../archiver-utils", version = "1.0.1" }
-solana-metrics = { path = "../metrics", version = "1.0.1" }
+solana-net-utils = { path = "../net-utils", version = "1.0.8" }
+solana-chacha = { path = "../chacha", version = "1.0.8" }
+solana-chacha-sys = { path = "../chacha-sys", version = "1.0.8" }
+solana-ledger = { path = "../ledger", version = "1.0.8" }
+solana-logger = { path = "../logger", version = "1.0.8" }
+solana-perf = { path = "../perf", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }
+solana-core = { path = "../core", version = "1.0.8" }
+solana-archiver-utils = { path = "../archiver-utils", version = "1.0.8" }
+solana-metrics = { path = "../metrics", version = "1.0.8" }

 [dev-dependencies]
 hex = "0.4.0"
--- a/archiver-lib/src/archiver.rs
+++ b/archiver-lib/src/archiver.rs
@ -47,7 +47,7 @@ use solana_storage_program::{
 };
 use std::{
    io::{self, ErrorKind},
-    net::{SocketAddr, UdpSocket},
+    net::{IpAddr, Ipv4Addr, SocketAddr, UdpSocket},
    path::{Path, PathBuf},
    result,
    sync::atomic::{AtomicBool, Ordering},
@ -211,12 +211,9 @@ impl Archiver {
        let client = solana_core::gossip_service::get_client(&nodes);

        info!("Setting up mining account...");
-        if let Err(e) = Self::setup_mining_account(
-            &client,
-            &keypair,
-            &storage_keypair,
-            client_commitment.clone(),
-        ) {
+        if let Err(e) =
+            Self::setup_mining_account(&client, &keypair, &storage_keypair, client_commitment)
+        {
            //shutdown services before exiting
            exit.store(true, Ordering::Relaxed);
            gossip_service.join()?;
@ -358,7 +355,7 @@ impl Archiver {
                &cluster_info,
                archiver_keypair,
                storage_keypair,
-                meta.client_commitment.clone(),
+                meta.client_commitment,
            );
        }
        exit.store(true, Ordering::Relaxed);
@ -374,7 +371,7 @@ impl Archiver {
        let client = solana_core::gossip_service::get_client(&nodes);

        if let Ok(Some(account)) =
-            client.get_account_with_commitment(&storage_keypair.pubkey(), client_commitment.clone())
+            client.get_account_with_commitment(&storage_keypair.pubkey(), client_commitment)
        {
            if let Ok(StorageContract::ArchiverStorage { validations, .. }) = account.state() {
                if !validations.is_empty() {
@ -382,8 +379,7 @@ impl Archiver {
                        &archiver_keypair.pubkey(),
                        &storage_keypair.pubkey(),
                    );
-                    let message =
-                        Message::new_with_payer(vec![ix], Some(&archiver_keypair.pubkey()));
+                    let message = Message::new_with_payer(&[ix], Some(&archiver_keypair.pubkey()));
                    if let Err(e) = client.send_message(&[archiver_keypair.as_ref()], message) {
                        error!("unable to redeem reward, tx failed: {:?}", e);
                    } else {
@ -415,7 +411,7 @@ impl Archiver {
        slot_sender: Sender<u64>,
    ) -> Result<WindowService> {
        let slots_per_segment =
-            match Self::get_segment_config(&cluster_info, meta.client_commitment.clone()) {
+            match Self::get_segment_config(&cluster_info, meta.client_commitment) {
                Ok(slots_per_segment) => slots_per_segment,
                Err(e) => {
                    error!("unable to get segment size configuration, exiting...");
@ -581,7 +577,7 @@ impl Archiver {
            &keypair.pubkey(),
            &Duration::from_millis(100),
            &Duration::from_secs(5),
-            client_commitment.clone(),
+            client_commitment,
        )? == 0
        {
            return Err(ArchiverError::EmptyStorageAccountBalance);
@ -589,16 +585,15 @@ impl Archiver {

        info!("checking storage account keypair...");
        // check if the storage account exists
-        let balance = client
-            .poll_get_balance_with_commitment(&storage_keypair.pubkey(), client_commitment.clone());
+        let balance =
+            client.poll_get_balance_with_commitment(&storage_keypair.pubkey(), client_commitment);
        if balance.is_err() || balance.unwrap() == 0 {
-            let blockhash =
-                match client.get_recent_blockhash_with_commitment(client_commitment.clone()) {
-                    Ok((blockhash, _)) => blockhash,
-                    Err(e) => {
-                        return Err(ArchiverError::TransportError(e));
-                    }
-                };
+            let blockhash = match client.get_recent_blockhash_with_commitment(client_commitment) {
+                Ok((blockhash, _)) => blockhash,
+                Err(e) => {
+                    return Err(ArchiverError::TransportError(e));
+                }
+            };

            let ix = storage_instruction::create_storage_account(
                &keypair.pubkey(),
@ -617,6 +612,7 @@ impl Archiver {
                        ErrorKind::Other,
                        "setup_mining_account: signature not found",
                    ),
+                    TransportError::Custom(e) => io::Error::new(ErrorKind::Other, e),
                })?;
        }
        Ok(())
@ -631,32 +627,27 @@ impl Archiver {
        // No point if we've got no storage account...
        let nodes = cluster_info.read().unwrap().tvu_peers();
        let client = solana_core::gossip_service::get_client(&nodes);
-        let storage_balance = client.poll_get_balance_with_commitment(
-            &storage_keypair.pubkey(),
-            meta.client_commitment.clone(),
-        );
+        let storage_balance = client
+            .poll_get_balance_with_commitment(&storage_keypair.pubkey(), meta.client_commitment);
        if storage_balance.is_err() || storage_balance.unwrap() == 0 {
            error!("Unable to submit mining proof, no storage account");
            return;
        }
        // ...or no lamports for fees
-        let balance = client.poll_get_balance_with_commitment(
-            &archiver_keypair.pubkey(),
-            meta.client_commitment.clone(),
-        );
+        let balance = client
+            .poll_get_balance_with_commitment(&archiver_keypair.pubkey(), meta.client_commitment);
        if balance.is_err() || balance.unwrap() == 0 {
            error!("Unable to submit mining proof, insufficient Archiver Account balance");
            return;
        }

-        let blockhash =
-            match client.get_recent_blockhash_with_commitment(meta.client_commitment.clone()) {
-                Ok((blockhash, _)) => blockhash,
-                Err(_) => {
-                    error!("unable to get recent blockhash, can't submit proof");
-                    return;
-                }
-            };
+        let blockhash = match client.get_recent_blockhash_with_commitment(meta.client_commitment) {
+            Ok((blockhash, _)) => blockhash,
+            Err(_) => {
+                error!("unable to get recent blockhash, can't submit proof");
+                return;
+            }
+        };
        let instruction = storage_instruction::mining_proof(
            &storage_keypair.pubkey(),
            meta.sha_state,
@ -664,7 +655,7 @@ impl Archiver {
            Signature::new(&meta.signature.as_ref()),
            meta.blockhash,
        );
-        let message = Message::new_with_payer(vec![instruction], Some(&archiver_keypair.pubkey()));
+        let message = Message::new_with_payer(&[instruction], Some(&archiver_keypair.pubkey()));
        let mut transaction = Transaction::new(
            &[archiver_keypair.as_ref(), storage_keypair.as_ref()],
            message,
@ -813,14 +804,15 @@ impl Archiver {
        blockstore: &Arc<Blockstore>,
        slots_per_segment: u64,
    ) -> Result<u64> {
+        let ip_addr = IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0));
        // Create a client which downloads from the archiver and see that it
        // can respond with shreds.
-        let start_slot = Self::get_archiver_segment_slot(archiver_info.storage_addr);
+        let start_slot = Self::get_archiver_segment_slot(ip_addr, archiver_info.storage_addr);
        info!("Archiver download: start at {}", start_slot);

        let exit = Arc::new(AtomicBool::new(false));
        let (s_reader, r_reader) = channel();
-        let repair_socket = Arc::new(bind_in_range(VALIDATOR_PORT_RANGE).unwrap().1);
+        let repair_socket = Arc::new(bind_in_range(ip_addr, VALIDATOR_PORT_RANGE).unwrap().1);
        let t_receiver = receiver(
            repair_socket.clone(),
            &exit,
@ -917,8 +909,8 @@ impl Archiver {
        true
    }

-    fn get_archiver_segment_slot(to: SocketAddr) -> u64 {
-        let (_port, socket) = bind_in_range(VALIDATOR_PORT_RANGE).unwrap();
+    fn get_archiver_segment_slot(bind_ip_addr: IpAddr, to: SocketAddr) -> u64 {
+        let (_port, socket) = bind_in_range(bind_ip_addr, VALIDATOR_PORT_RANGE).unwrap();
        socket
            .set_read_timeout(Some(Duration::from_secs(5)))
            .unwrap();
--- a/archiver-utils/Cargo.toml
+++ b/archiver-utils/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "solana-archiver-utils"
-version = "1.0.1"
+version = "1.0.8"
 description = "Solana Archiver Utils"
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 repository = "https://github.com/solana-labs/solana"
@ -11,12 +11,12 @@ edition = "2018"
 [dependencies]
 log = "0.4.8"
 rand = "0.6.5"
-solana-chacha = { path = "../chacha", version = "1.0.1" }
-solana-chacha-sys = { path = "../chacha-sys", version = "1.0.1" }
-solana-ledger = { path = "../ledger", version = "1.0.1" }
-solana-logger = { path = "../logger", version = "1.0.1" }
-solana-perf = { path = "../perf", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
+solana-chacha = { path = "../chacha", version = "1.0.8" }
+solana-chacha-sys = { path = "../chacha-sys", version = "1.0.8" }
+solana-ledger = { path = "../ledger", version = "1.0.8" }
+solana-logger = { path = "../logger", version = "1.0.8" }
+solana-perf = { path = "../perf", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }

 [dev-dependencies]
 hex = "0.4.0"
--- a/archiver/Cargo.toml
+++ b/archiver/Cargo.toml
@ -2,7 +2,7 @@
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 edition = "2018"
 name = "solana-archiver"
-version = "1.0.1"
+version = "1.0.8"
 repository = "https://github.com/solana-labs/solana"
 license = "Apache-2.0"
 homepage = "https://solana.com/"
@ -10,11 +10,11 @@ homepage = "https://solana.com/"
 [dependencies]
 clap = "2.33.0"
 console = "0.9.2"
-solana-clap-utils = { path = "../clap-utils", version = "1.0.1" }
-solana-core = { path = "../core", version = "1.0.1" }
-solana-logger = { path = "../logger", version = "1.0.1" }
-solana-metrics = { path = "../metrics", version = "1.0.1" }
-solana-archiver-lib = { path = "../archiver-lib", version = "1.0.1" }
-solana-net-utils = { path = "../net-utils", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
+solana-clap-utils = { path = "../clap-utils", version = "1.0.8" }
+solana-core = { path = "../core", version = "1.0.8" }
+solana-logger = { path = "../logger", version = "1.0.8" }
+solana-metrics = { path = "../metrics", version = "1.0.8" }
+solana-archiver-lib = { path = "../archiver-lib", version = "1.0.8" }
+solana-net-utils = { path = "../net-utils", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }

--- a/archiver/src/main.rs
+++ b/archiver/src/main.rs
@ -2,18 +2,22 @@ use clap::{crate_description, crate_name, App, Arg};
 use console::style;
 use solana_archiver_lib::archiver::Archiver;
 use solana_clap_utils::{
-    input_validators::is_keypair,
-    keypair::{
-        self, keypair_input, KeypairWithSource, ASK_SEED_PHRASE_ARG,
-        SKIP_SEED_PHRASE_VALIDATION_ARG,
-    },
+    input_parsers::keypair_of, input_validators::is_keypair_or_ask_keyword,
+    keypair::SKIP_SEED_PHRASE_VALIDATION_ARG,
 };
 use solana_core::{
    cluster_info::{Node, VALIDATOR_PORT_RANGE},
    contact_info::ContactInfo,
 };
-use solana_sdk::{commitment_config::CommitmentConfig, signature::Signer};
-use std::{net::SocketAddr, path::PathBuf, process::exit, sync::Arc};
+use solana_sdk::{
+    commitment_config::CommitmentConfig,
+    signature::{Keypair, Signer},
+};
+use std::{
+    net::{IpAddr, Ipv4Addr, SocketAddr},
+    path::PathBuf,
+    sync::Arc,
+};

 fn main() {
    solana_logger::setup();
@ -24,10 +28,10 @@ fn main() {
        .arg(
            Arg::with_name("identity_keypair")
                .short("i")
-                .long("identity-keypair")
+                .long("identity")
                .value_name("PATH")
                .takes_value(true)
-                .validator(is_keypair)
+                .validator(is_keypair_or_ask_keyword)
                .help("File containing an identity (keypair)"),
        )
        .arg(
@ -55,48 +59,27 @@ fn main() {
                .long("storage-keypair")
                .value_name("PATH")
                .takes_value(true)
-                .validator(is_keypair)
+                .validator(is_keypair_or_ask_keyword)
                .help("File containing the storage account keypair"),
        )
-        .arg(
-            Arg::with_name(ASK_SEED_PHRASE_ARG.name)
-                .long(ASK_SEED_PHRASE_ARG.long)
-                .value_name("KEYPAIR NAME")
-                .multiple(true)
-                .takes_value(true)
-                .possible_values(&["identity-keypair", "storage-keypair"])
-                .help(ASK_SEED_PHRASE_ARG.help),
-        )
        .arg(
            Arg::with_name(SKIP_SEED_PHRASE_VALIDATION_ARG.name)
                .long(SKIP_SEED_PHRASE_VALIDATION_ARG.long)
-                .requires(ASK_SEED_PHRASE_ARG.name)
                .help(SKIP_SEED_PHRASE_VALIDATION_ARG.help),
        )
        .get_matches();

    let ledger_path = PathBuf::from(matches.value_of("ledger").unwrap());

-    let identity_keypair = keypair_input(&matches, "identity_keypair")
-        .unwrap_or_else(|err| {
-            eprintln!("Identity keypair input failed: {}", err);
-            exit(1);
-        })
-        .keypair;
-    let KeypairWithSource {
-        keypair: storage_keypair,
-        source: storage_keypair_source,
-    } = keypair_input(&matches, "storage_keypair").unwrap_or_else(|err| {
-        eprintln!("Storage keypair input failed: {}", err);
-        exit(1);
-    });
-    if storage_keypair_source == keypair::Source::Generated {
+    let identity_keypair = keypair_of(&matches, "identity_keypair").unwrap_or_else(Keypair::new);
+
+    let storage_keypair = keypair_of(&matches, "storage_keypair").unwrap_or_else(|| {
        clap::Error::with_description(
            "The `storage-keypair` argument was not found",
            clap::ErrorKind::ArgumentNotFound,
        )
        .exit();
-    }
+    });

    let entrypoint_addr = matches
        .value_of("entrypoint")
@ -116,6 +99,7 @@ fn main() {
        &identity_keypair.pubkey(),
        &gossip_addr,
        VALIDATOR_PORT_RANGE,
+        IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)),
    );

    println!(
--- a/banking-bench/Cargo.toml
+++ b/banking-bench/Cargo.toml
@ -2,7 +2,7 @@
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 edition = "2018"
 name = "solana-banking-bench"
-version = "1.0.1"
+version = "1.0.8"
 repository = "https://github.com/solana-labs/solana"
 license = "Apache-2.0"
 homepage = "https://solana.com/"
@ -10,11 +10,11 @@ homepage = "https://solana.com/"
 [dependencies]
 log = "0.4.6"
 rayon = "1.2.0"
-solana-core = { path = "../core", version = "1.0.1" }
-solana-ledger = { path = "../ledger", version = "1.0.1" }
-solana-logger = { path = "../logger", version = "1.0.1" }
-solana-runtime = { path = "../runtime", version = "1.0.1" }
-solana-measure = { path = "../measure", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
+solana-core = { path = "../core", version = "1.0.8" }
+solana-ledger = { path = "../ledger", version = "1.0.8" }
+solana-logger = { path = "../logger", version = "1.0.8" }
+solana-runtime = { path = "../runtime", version = "1.0.8" }
+solana-measure = { path = "../measure", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }
 rand = "0.6.5"
 crossbeam-channel = "0.3"
--- a/bench-exchange/Cargo.toml
+++ b/bench-exchange/Cargo.toml
@ -2,7 +2,7 @@
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 edition = "2018"
 name = "solana-bench-exchange"
-version = "1.0.1"
+version = "1.0.8"
 repository = "https://github.com/solana-labs/solana"
 license = "Apache-2.0"
 homepage = "https://solana.com/"
@ -18,17 +18,17 @@ rand = "0.6.5"
 rayon = "1.2.0"
 serde_json = "1.0.46"
 serde_yaml = "0.8.11"
-solana-clap-utils = { path = "../clap-utils", version = "1.0.1" }
-solana-core = { path = "../core", version = "1.0.1" }
-solana-genesis = { path = "../genesis", version = "1.0.1" }
-solana-client = { path = "../client", version = "1.0.1" }
-solana-faucet = { path = "../faucet", version = "1.0.1" }
-solana-exchange-program = { path = "../programs/exchange", version = "1.0.1" }
-solana-logger = { path = "../logger", version = "1.0.1" }
-solana-metrics = { path = "../metrics", version = "1.0.1" }
-solana-net-utils = { path = "../net-utils", version = "1.0.1" }
-solana-runtime = { path = "../runtime", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
+solana-clap-utils = { path = "../clap-utils", version = "1.0.8" }
+solana-core = { path = "../core", version = "1.0.8" }
+solana-genesis = { path = "../genesis", version = "1.0.8" }
+solana-client = { path = "../client", version = "1.0.8" }
+solana-faucet = { path = "../faucet", version = "1.0.8" }
+solana-exchange-program = { path = "../programs/exchange", version = "1.0.8" }
+solana-logger = { path = "../logger", version = "1.0.8" }
+solana-metrics = { path = "../metrics", version = "1.0.8" }
+solana-net-utils = { path = "../net-utils", version = "1.0.8" }
+solana-runtime = { path = "../runtime", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }

 [dev-dependencies]
-solana-local-cluster = { path = "../local-cluster", version = "1.0.1" }
+solana-local-cluster = { path = "../local-cluster", version = "1.0.8" }
--- a/bench-streamer/Cargo.toml
+++ b/bench-streamer/Cargo.toml
@ -2,14 +2,14 @@
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 edition = "2018"
 name = "solana-bench-streamer"
-version = "1.0.1"
+version = "1.0.8"
 repository = "https://github.com/solana-labs/solana"
 license = "Apache-2.0"
 homepage = "https://solana.com/"

 [dependencies]
 clap = "2.33.0"
-solana-clap-utils = { path = "../clap-utils", version = "1.0.1" }
-solana-core = { path = "../core", version = "1.0.1" }
-solana-logger = { path = "../logger", version = "1.0.1" }
-solana-net-utils = { path = "../net-utils", version = "1.0.1" }
+solana-clap-utils = { path = "../clap-utils", version = "1.0.8" }
+solana-core = { path = "../core", version = "1.0.8" }
+solana-logger = { path = "../logger", version = "1.0.8" }
+solana-net-utils = { path = "../net-utils", version = "1.0.8" }
--- a/bench-streamer/src/main.rs
+++ b/bench-streamer/src/main.rs
@ -67,7 +67,8 @@ fn main() -> Result<()> {
    }

    let mut port = 0;
-    let mut addr = SocketAddr::new(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), 0);
+    let ip_addr = IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0));
+    let mut addr = SocketAddr::new(ip_addr, 0);

    let exit = Arc::new(AtomicBool::new(false));

@ -75,7 +76,7 @@ fn main() -> Result<()> {
    let mut read_threads = Vec::new();
    let recycler = PacketsRecycler::default();
    for _ in 0..num_sockets {
-        let read = solana_net_utils::bind_to(port, false).unwrap();
+        let read = solana_net_utils::bind_to(ip_addr, port, false).unwrap();
        read.set_read_timeout(Some(Duration::new(1, 0))).unwrap();

        addr = read.local_addr().unwrap();
--- a/bench-tps/Cargo.toml
+++ b/bench-tps/Cargo.toml
@ -2,7 +2,7 @@
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 edition = "2018"
 name = "solana-bench-tps"
-version = "1.0.1"
+version = "1.0.8"
 repository = "https://github.com/solana-labs/solana"
 license = "Apache-2.0"
 homepage = "https://solana.com/"
@ -14,24 +14,24 @@ log = "0.4.8"
 rayon = "1.2.0"
 serde_json = "1.0.46"
 serde_yaml = "0.8.11"
-solana-clap-utils = { path = "../clap-utils", version = "1.0.1" }
-solana-core = { path = "../core", version = "1.0.1" }
-solana-genesis = { path = "../genesis", version = "1.0.1" }
-solana-client = { path = "../client", version = "1.0.1" }
-solana-faucet = { path = "../faucet", version = "1.0.1" }
-solana-librapay = { path = "../programs/librapay", version = "1.0.1", optional = true }
-solana-logger = { path = "../logger", version = "1.0.1" }
-solana-metrics = { path = "../metrics", version = "1.0.1" }
-solana-measure = { path = "../measure", version = "1.0.1" }
-solana-net-utils = { path = "../net-utils", version = "1.0.1" }
-solana-runtime = { path = "../runtime", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
-solana-move-loader-program = { path = "../programs/move_loader", version = "1.0.1", optional = true }
+solana-clap-utils = { path = "../clap-utils", version = "1.0.8" }
+solana-core = { path = "../core", version = "1.0.8" }
+solana-genesis = { path = "../genesis", version = "1.0.8" }
+solana-client = { path = "../client", version = "1.0.8" }
+solana-faucet = { path = "../faucet", version = "1.0.8" }
+solana-librapay = { path = "../programs/librapay", version = "1.0.8", optional = true }
+solana-logger = { path = "../logger", version = "1.0.8" }
+solana-metrics = { path = "../metrics", version = "1.0.8" }
+solana-measure = { path = "../measure", version = "1.0.8" }
+solana-net-utils = { path = "../net-utils", version = "1.0.8" }
+solana-runtime = { path = "../runtime", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }
+solana-move-loader-program = { path = "../programs/move_loader", version = "1.0.8", optional = true }

 [dev-dependencies]
 serial_test = "0.3.2"
 serial_test_derive = "0.4.0"
-solana-local-cluster = { path = "../local-cluster", version = "1.0.1" }
+solana-local-cluster = { path = "../local-cluster", version = "1.0.8" }

 [features]
 move = ["solana-librapay", "solana-move-loader-program"]
--- a/bench-tps/src/bench.rs
+++ b/bench-tps/src/bench.rs
@ -1059,8 +1059,8 @@ pub fn generate_and_fund_keypairs<T: 'static + Client + Send + Sync>(
    //   pay for the transaction fees in a new run.
    let enough_lamports = 8 * lamports_per_account / 10;
    if first_keypair_balance < enough_lamports || last_keypair_balance < enough_lamports {
-        let (_blockhash, fee_calculator) = get_recent_blockhash(client.as_ref());
-        let max_fee = fee_calculator.max_lamports_per_signature;
+        let fee_rate_governor = client.get_fee_rate_governor().unwrap();
+        let max_fee = fee_rate_governor.max_lamports_per_signature;
        let extra_fees = extra * max_fee;
        let total_keypairs = keypairs.len() as u64 + 1; // Add one for funding keypair
        let mut total = lamports_per_account * total_keypairs + extra_fees;
@ -1134,7 +1134,7 @@ mod tests {
    use solana_runtime::bank::Bank;
    use solana_runtime::bank_client::BankClient;
    use solana_sdk::client::SyncClient;
-    use solana_sdk::fee_calculator::FeeCalculator;
+    use solana_sdk::fee_calculator::FeeRateGovernor;
    use solana_sdk::genesis_config::create_genesis_config;

    #[test]
@ -1181,8 +1181,8 @@ mod tests {
    #[test]
    fn test_bench_tps_fund_keys_with_fees() {
        let (mut genesis_config, id) = create_genesis_config(10_000);
-        let fee_calculator = FeeCalculator::new(11, 0);
-        genesis_config.fee_calculator = fee_calculator;
+        let fee_rate_governor = FeeRateGovernor::new(11, 0);
+        genesis_config.fee_rate_governor = fee_rate_governor;
        let bank = Bank::new(&genesis_config);
        let client = Arc::new(BankClient::new(bank));
        let keypair_count = 20;
--- a/bench-tps/src/cli.rs
+++ b/bench-tps/src/cli.rs
@ -1,6 +1,6 @@
 use clap::{crate_description, crate_name, App, Arg, ArgMatches};
 use solana_faucet::faucet::FAUCET_PORT;
-use solana_sdk::fee_calculator::FeeCalculator;
+use solana_sdk::fee_calculator::FeeRateGovernor;
 use solana_sdk::signature::{read_keypair_file, Keypair};
 use std::{net::SocketAddr, process::exit, time::Duration};

@ -43,7 +43,7 @@ impl Default for Config {
            client_ids_and_stake_file: String::new(),
            write_to_client_file: false,
            read_from_client_file: false,
-            target_lamports_per_signature: FeeCalculator::default().target_lamports_per_signature,
+            target_lamports_per_signature: FeeRateGovernor::default().target_lamports_per_signature,
            multi_client: true,
            use_move: false,
            num_lamports_per_account: NUM_LAMPORTS_PER_ACCOUNT_DEFAULT,
--- a/bench-tps/src/main.rs
+++ b/bench-tps/src/main.rs
@ -3,7 +3,7 @@ use solana_bench_tps::bench::{do_bench_tps, generate_and_fund_keypairs, generate
 use solana_bench_tps::cli;
 use solana_core::gossip_service::{discover_cluster, get_client, get_multi_client};
 use solana_genesis::Base64Account;
-use solana_sdk::fee_calculator::FeeCalculator;
+use solana_sdk::fee_calculator::FeeRateGovernor;
 use solana_sdk::signature::{Keypair, Signer};
 use solana_sdk::system_program;
 use std::{collections::HashMap, fs::File, io::prelude::*, path::Path, process::exit, sync::Arc};
@ -41,7 +41,7 @@ fn main() {
        let (keypairs, _) = generate_keypairs(&id, keypair_count as u64);
        let num_accounts = keypairs.len() as u64;
        let max_fee =
-            FeeCalculator::new(*target_lamports_per_signature, 0).max_lamports_per_signature;
+            FeeRateGovernor::new(*target_lamports_per_signature, 0).max_lamports_per_signature;
        let num_lamports_per_account = (num_accounts - 1 + NUM_SIGNATURES_FOR_TXS * max_fee)
            / num_accounts
            + num_lamports_per_account;
--- a/chacha-cuda/Cargo.toml
+++ b/chacha-cuda/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "solana-chacha-cuda"
-version = "1.0.1"
+version = "1.0.8"
 description = "Solana Chacha Cuda APIs"
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 repository = "https://github.com/solana-labs/solana"
@ -10,12 +10,12 @@ edition = "2018"

 [dependencies]
 log = "0.4.8"
-solana-archiver-utils = { path = "../archiver-utils", version = "1.0.1" }
-solana-chacha = { path = "../chacha", version = "1.0.1" }
-solana-ledger = { path = "../ledger", version = "1.0.1" }
-solana-logger = { path = "../logger", version = "1.0.1" }
-solana-perf = { path = "../perf", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
+solana-archiver-utils = { path = "../archiver-utils", version = "1.0.8" }
+solana-chacha = { path = "../chacha", version = "1.0.8" }
+solana-ledger = { path = "../ledger", version = "1.0.8" }
+solana-logger = { path = "../logger", version = "1.0.8" }
+solana-perf = { path = "../perf", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }

 [dev-dependencies]
 hex-literal = "0.2.1"
--- a/chacha-sys/Cargo.toml
+++ b/chacha-sys/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "solana-chacha-sys"
-version = "1.0.1"
+version = "1.0.8"
 description = "Solana chacha-sys"
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 repository = "https://github.com/solana-labs/solana"
--- a/chacha/Cargo.toml
+++ b/chacha/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "solana-chacha"
-version = "1.0.1"
+version = "1.0.8"
 description = "Solana Chacha APIs"
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 repository = "https://github.com/solana-labs/solana"
@ -12,11 +12,11 @@ edition = "2018"
 log = "0.4.8"
 rand = "0.6.5"
 rand_chacha = "0.1.1"
-solana-chacha-sys = { path = "../chacha-sys", version = "1.0.1" }
-solana-ledger = { path = "../ledger", version = "1.0.1" }
-solana-logger = { path = "../logger", version = "1.0.1" }
-solana-perf = { path = "../perf", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
+solana-chacha-sys = { path = "../chacha-sys", version = "1.0.8" }
+solana-ledger = { path = "../ledger", version = "1.0.8" }
+solana-logger = { path = "../logger", version = "1.0.8" }
+solana-perf = { path = "../perf", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }

 [dev-dependencies]
 hex-literal = "0.2.1"
--- a/ci/buildkite.yml
+++ b/ci/buildkite.yml
@ -22,16 +22,20 @@ steps:
    name: "stable"
    timeout_in_minutes: 60
    artifact_paths: "log-*.txt"
+    agents:
+      - "queue=rpc-test-capable"
  - command: ". ci/rust-version.sh; ci/docker-run.sh $$rust_stable_docker_image ci/test-move.sh"
    name: "move"
    timeout_in_minutes: 20
  - command: ". ci/rust-version.sh; ci/docker-run.sh $$rust_stable_docker_image ci/test-local-cluster.sh"
    name: "local-cluster"
-    timeout_in_minutes: 30
+    timeout_in_minutes: 45
    artifact_paths: "log-*.txt"
  - command: ". ci/rust-version.sh; ci/docker-run.sh $$rust_nightly_docker_image ci/test-coverage.sh"
    name: "coverage"
    timeout_in_minutes: 30
+    agents:
+      - "queue=rpc-test-capable"
  - wait
  - trigger: "solana-secondary"
    branches: "!pull/*"
--- a/ci/docker-run.sh
+++ b/ci/docker-run.sh
@ -67,6 +67,7 @@ ARGS+=(
  --env BUILDKITE_JOB_ID
  --env CI
  --env CI_BRANCH
+  --env CI_TAG
  --env CI_BUILD_ID
  --env CI_COMMIT
  --env CI_JOB_ID
--- a/ci/docker-rust-nightly/Dockerfile
+++ b/ci/docker-rust-nightly/Dockerfile
@ -1,4 +1,4 @@
-FROM solanalabs/rust:1.41.1
+FROM solanalabs/rust:1.42.0
 ARG date

 RUN set -x \
--- a/ci/docker-rust-nightly/README.md
+++ b/ci/docker-rust-nightly/README.md
@ -15,6 +15,8 @@ To update the pinned version:
 1. Run `ci/docker-rust-nightly/build.sh` to rebuild the nightly image locally,
   or potentially `ci/docker-rust-nightly/build.sh YYYY-MM-DD` if there's a
   specific YYYY-MM-DD that is desired (default is today's build).
+   Check https://rust-lang.github.io/rustup-components-history/ for build
+   status
 1. Update `ci/rust-version.sh` to reflect the new nightly `YYY-MM-DD`
 1. Run `SOLANA_DOCKER_RUN_NOSETUID=1 ci/docker-run.sh --nopull solanalabs/rust-nightly:YYYY-MM-DD ci/test-coverage.sh`
   to confirm the new nightly image builds.  Fix any issues as needed
--- a/ci/docker-rust/Dockerfile
+++ b/ci/docker-rust/Dockerfile
@ -1,6 +1,6 @@
 # Note: when the rust version is changed also modify
 # ci/rust-version.sh to pick up the new image tag
-FROM rust:1.41.1
+FROM rust:1.42.0

 # Add Google Protocol Buffers for Libra's metrics library.
 ENV PROTOC_VERSION 3.8.0
--- a/ci/localnet-sanity.sh
+++ b/ci/localnet-sanity.sh
@ -178,7 +178,7 @@ startNodes() {

      (
        set -x
-        $solana_cli --keypair config/bootstrap-validator/identity-keypair.json \
+        $solana_cli --keypair config/bootstrap-validator/identity.json \
          --url http://127.0.0.1:8899 genesis-hash
      ) | tee genesis-hash.log
      maybeExpectedGenesisHash="--expected-genesis-hash $(tail -n1 genesis-hash.log)"
--- a/ci/publish-docs.sh
+++ b/ci/publish-docs.sh
@ -11,10 +11,10 @@ if [[ -n $CI_BRANCH ]]; then
    set -x
    (
      . ci/rust-version.sh stable
-      ci/docker-run.sh "$rust_stable_docker_image" make -C docs -B svg
+      ci/docker-run.sh "$rust_stable_docker_image" make -C docs
    )
-    # make a local commit for the svgs
-    git add -A -f docs/src/.gitbook/assets/.
+    # make a local commit for the svgs and generated/updated markdown
+    git add -f docs/src
    if ! git diff-index --quiet HEAD; then
      git config user.email maintainers@solana.com
      git config user.name "$me"
--- a/ci/rust-version.sh
+++ b/ci/rust-version.sh
@ -16,13 +16,13 @@
 if [[ -n $RUST_STABLE_VERSION ]]; then
  stable_version="$RUST_STABLE_VERSION"
 else
-  stable_version=1.41.1
+  stable_version=1.42.0
 fi

 if [[ -n $RUST_NIGHTLY_VERSION ]]; then
  nightly_version="$RUST_NIGHTLY_VERSION"
 else
-  nightly_version=2020-02-27
+  nightly_version=2020-03-12
 fi


--- a/clap-utils/Cargo.toml
+++ b/clap-utils/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "solana-clap-utils"
-version = "1.0.1"
+version = "1.0.8"
 description = "Solana utilities for the clap"
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 repository = "https://github.com/solana-labs/solana"
@ -11,8 +11,9 @@ edition = "2018"
 [dependencies]
 clap = "2.33.0"
 rpassword = "4.0"
-solana-remote-wallet = { path = "../remote-wallet", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
+solana-remote-wallet = { path = "../remote-wallet", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }
+thiserror = "1.0.11"
 tiny-bip39 = "0.7.0"
 url = "2.1.0"
 chrono = "0.4"
--- a/clap-utils/src/input_parsers.rs
+++ b/clap-utils/src/input_parsers.rs
@ -1,9 +1,10 @@
 use crate::keypair::{
-    keypair_from_seed_phrase, signer_from_path, ASK_KEYWORD, SKIP_SEED_PHRASE_VALIDATION_ARG,
+    keypair_from_seed_phrase, pubkey_from_path, resolve_signer_from_path, signer_from_path,
+    ASK_KEYWORD, SKIP_SEED_PHRASE_VALIDATION_ARG,
 };
 use chrono::DateTime;
 use clap::ArgMatches;
-use solana_remote_wallet::remote_wallet::{DerivationPath, RemoteWalletManager};
+use solana_remote_wallet::remote_wallet::RemoteWalletManager;
 use solana_sdk::{
    clock::UnixTimestamp,
    native_token::sol_to_lamports,
@ -111,18 +112,54 @@ pub fn signer_of(
    }
 }

-pub fn lamports_of_sol(matches: &ArgMatches<'_>, name: &str) -> Option<u64> {
-    value_of(matches, name).map(sol_to_lamports)
+pub fn pubkey_of_signer(
+    matches: &ArgMatches<'_>,
+    name: &str,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
+) -> Result<Option<Pubkey>, Box<dyn std::error::Error>> {
+    if let Some(location) = matches.value_of(name) {
+        Ok(Some(pubkey_from_path(
+            matches,
+            location,
+            name,
+            wallet_manager,
+        )?))
+    } else {
+        Ok(None)
+    }
 }

-pub fn derivation_of(matches: &ArgMatches<'_>, name: &str) -> Option<DerivationPath> {
-    matches.value_of(name).map(|derivation_str| {
-        let derivation_str = derivation_str.replace("'", "");
-        let mut parts = derivation_str.split('/');
-        let account = parts.next().map(|account| account.parse::<u32>().unwrap());
-        let change = parts.next().map(|change| change.parse::<u32>().unwrap());
-        DerivationPath { account, change }
-    })
+pub fn pubkeys_of_multiple_signers(
+    matches: &ArgMatches<'_>,
+    name: &str,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
+) -> Result<Option<Vec<Pubkey>>, Box<dyn std::error::Error>> {
+    if let Some(pubkey_matches) = matches.values_of(name) {
+        let mut pubkeys: Vec<Pubkey> = vec![];
+        for signer in pubkey_matches {
+            pubkeys.push(pubkey_from_path(matches, signer, name, wallet_manager)?);
+        }
+        Ok(Some(pubkeys))
+    } else {
+        Ok(None)
+    }
+}
+
+pub fn resolve_signer(
+    matches: &ArgMatches<'_>,
+    name: &str,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
+) -> Result<Option<String>, Box<dyn std::error::Error>> {
+    Ok(resolve_signer_from_path(
+        matches,
+        matches.value_of(name).unwrap(),
+        name,
+        wallet_manager,
+    )?)
+}
+
+pub fn lamports_of_sol(matches: &ArgMatches<'_>, name: &str) -> Option<u64> {
+    value_of(matches, name).map(sol_to_lamports)
 }

 #[cfg(test)]
@ -299,40 +336,4 @@ mod tests {
            .get_matches_from(vec!["test", "--single", "0.03"]);
        assert_eq!(lamports_of_sol(&matches, "single"), Some(30000000));
    }
-
-    #[test]
-    fn test_derivation_of() {
-        let matches = app()
-            .clone()
-            .get_matches_from(vec!["test", "--single", "2/3"]);
-        assert_eq!(
-            derivation_of(&matches, "single"),
-            Some(DerivationPath {
-                account: Some(2),
-                change: Some(3)
-            })
-        );
-        assert_eq!(derivation_of(&matches, "another"), None);
-        let matches = app()
-            .clone()
-            .get_matches_from(vec!["test", "--single", "2"]);
-        assert_eq!(
-            derivation_of(&matches, "single"),
-            Some(DerivationPath {
-                account: Some(2),
-                change: None
-            })
-        );
-        assert_eq!(derivation_of(&matches, "another"), None);
-        let matches = app()
-            .clone()
-            .get_matches_from(vec!["test", "--single", "2'/3'"]);
-        assert_eq!(
-            derivation_of(&matches, "single"),
-            Some(DerivationPath {
-                account: Some(2),
-                change: Some(3)
-            })
-        );
-    }
 }
--- a/clap-utils/src/input_validators.rs
+++ b/clap-utils/src/input_validators.rs
@ -1,6 +1,7 @@
 use crate::keypair::{parse_keypair_path, KeypairUrl, ASK_KEYWORD};
 use chrono::DateTime;
 use solana_sdk::{
+    clock::Slot,
    hash::Hash,
    pubkey::Pubkey,
    signature::{read_keypair_file, Signature},
@ -11,7 +12,7 @@ use std::str::FromStr;
 pub fn is_pubkey(string: String) -> Result<(), String> {
    match string.parse::<Pubkey>() {
        Ok(_) => Ok(()),
-        Err(err) => Err(format!("{:?}", err)),
+        Err(err) => Err(format!("{}", err)),
    }
 }

@ -19,7 +20,7 @@ pub fn is_pubkey(string: String) -> Result<(), String> {
 pub fn is_hash(string: String) -> Result<(), String> {
    match string.parse::<Hash>() {
        Ok(_) => Ok(()),
-        Err(err) => Err(format!("{:?}", err)),
+        Err(err) => Err(format!("{}", err)),
    }
 }

@ -27,7 +28,7 @@ pub fn is_hash(string: String) -> Result<(), String> {
 pub fn is_keypair(string: String) -> Result<(), String> {
    read_keypair_file(&string)
        .map(|_| ())
-        .map_err(|err| format!("{:?}", err))
+        .map_err(|err| format!("{}", err))
 }

 // Return an error if a keypair file cannot be parsed
@ -37,7 +38,7 @@ pub fn is_keypair_or_ask_keyword(string: String) -> Result<(), String> {
    }
    read_keypair_file(&string)
        .map(|_| ())
-        .map_err(|err| format!("{:?}", err))
+        .map_err(|err| format!("{}", err))
 }

 // Return an error if string cannot be parsed as pubkey string or keypair file location
@ -45,18 +46,27 @@ pub fn is_pubkey_or_keypair(string: String) -> Result<(), String> {
    is_pubkey(string.clone()).or_else(|_| is_keypair(string))
 }

-// Return an error if string cannot be parsed as pubkey or keypair file or keypair ask keyword
-pub fn is_pubkey_or_keypair_or_ask_keyword(string: String) -> Result<(), String> {
-    is_pubkey(string.clone()).or_else(|_| is_keypair_or_ask_keyword(string))
-}
-
-pub fn is_valid_signer(string: String) -> Result<(), String> {
+// Return an error if string cannot be parsed as a pubkey string, or a valid Signer that can
+// produce a pubkey()
+pub fn is_valid_pubkey(string: String) -> Result<(), String> {
    match parse_keypair_path(&string) {
        KeypairUrl::Filepath(path) => is_keypair(path),
        _ => Ok(()),
    }
 }

+// Return an error if string cannot be parsed as a valid Signer. This is an alias of
+// `is_valid_pubkey`, and does accept pubkey strings, even though a Pubkey is not by itself
+// sufficient to sign a transaction.
+//
+// In the current offline-signing implementation, a pubkey is the valid input for a signer field
+// when paired with an offline `--signer` argument to provide a Presigner (pubkey + signature).
+// Clap validators can't check multiple fields at once, so the verification that a `--signer` is
+// also provided and correct happens in parsing, not in validation.
+pub fn is_valid_signer(string: String) -> Result<(), String> {
+    is_valid_pubkey(string)
+}
+
 // Return an error if string cannot be parsed as pubkey=signature string
 pub fn is_pubkey_sig(string: String) -> Result<(), String> {
    let mut signer = string.split('=');
@ -72,10 +82,10 @@ pub fn is_pubkey_sig(string: String) -> Result<(), String> {
                    .ok_or_else(|| "Malformed signer string".to_string())?,
            ) {
                Ok(_) => Ok(()),
-                Err(err) => Err(format!("{:?}", err)),
+                Err(err) => Err(format!("{}", err)),
            }
        }
-        Err(err) => Err(format!("{:?}", err)),
+        Err(err) => Err(format!("{}", err)),
    }
 }

@ -89,14 +99,20 @@ pub fn is_url(string: String) -> Result<(), String> {
                Err("no host provided".to_string())
            }
        }
-        Err(err) => Err(format!("{:?}", err)),
+        Err(err) => Err(format!("{}", err)),
    }
 }

+pub fn is_slot(slot: String) -> Result<(), String> {
+    slot.parse::<Slot>()
+        .map(|_| ())
+        .map_err(|e| format!("{}", e))
+}
+
 pub fn is_port(port: String) -> Result<(), String> {
    port.parse::<u16>()
        .map(|_| ())
-        .map_err(|e| format!("{:?}", e))
+        .map_err(|e| format!("{}", e))
 }

 pub fn is_valid_percentage(percentage: String) -> Result<(), String> {
@ -104,7 +120,7 @@ pub fn is_valid_percentage(percentage: String) -> Result<(), String> {
        .parse::<u8>()
        .map_err(|e| {
            format!(
-                "Unable to parse input percentage, provided: {}, err: {:?}",
+                "Unable to parse input percentage, provided: {}, err: {}",
                percentage, e
            )
        })
@ -134,7 +150,7 @@ pub fn is_amount(amount: String) -> Result<(), String> {
 pub fn is_rfc3339_datetime(value: String) -> Result<(), String> {
    DateTime::parse_from_rfc3339(&value)
        .map(|_| ())
-        .map_err(|e| format!("{:?}", e))
+        .map_err(|e| format!("{}", e))
 }

 pub fn is_derivation(value: String) -> Result<(), String> {
@ -145,7 +161,7 @@ pub fn is_derivation(value: String) -> Result<(), String> {
        .parse::<u32>()
        .map_err(|e| {
            format!(
-                "Unable to parse derivation, provided: {}, err: {:?}",
+                "Unable to parse derivation, provided: {}, err: {}",
                account, e
            )
        })
@ -153,7 +169,7 @@ pub fn is_derivation(value: String) -> Result<(), String> {
            if let Some(change) = parts.next() {
                change.parse::<u32>().map_err(|e| {
                    format!(
-                        "Unable to parse derivation, provided: {}, err: {:?}",
+                        "Unable to parse derivation, provided: {}, err: {}",
                        change, e
                    )
                })
--- a/clap-utils/src/keypair.rs
+++ b/clap-utils/src/keypair.rs
@ -1,10 +1,10 @@
 use crate::{
-    input_parsers::{derivation_of, pubkeys_sigs_of},
-    offline::SIGNER_ARG,
+    input_parsers::pubkeys_sigs_of,
+    offline::{SIGNER_ARG, SIGN_ONLY_ARG},
    ArgConstant,
 };
 use bip39::{Language, Mnemonic, Seed};
-use clap::{values_t, ArgMatches, Error, ErrorKind};
+use clap::ArgMatches;
 use rpassword::prompt_password_stderr;
 use solana_remote_wallet::{
    remote_keypair::generate_remote_keypair,
@ -14,7 +14,7 @@ use solana_sdk::{
    pubkey::Pubkey,
    signature::{
        keypair_from_seed, keypair_from_seed_phrase_and_passphrase, read_keypair,
-        read_keypair_file, Keypair, Presigner, Signature, Signer,
+        read_keypair_file, Keypair, NullSigner, Presigner, Signature, Signer,
    },
 };
 use std::{
@ -75,7 +75,14 @@ pub fn signer_from_path(
                false,
            )?))
        }
-        KeypairUrl::Filepath(path) => Ok(Box::new(read_keypair_file(&path)?)),
+        KeypairUrl::Filepath(path) => match read_keypair_file(&path) {
+            Err(e) => Err(std::io::Error::new(
+                std::io::ErrorKind::Other,
+                format!("could not find keypair file: {} error: {}", path, e),
+            )
+            .into()),
+            Ok(file) => Ok(Box::new(file)),
+        },
        KeypairUrl::Stdin => {
            let mut stdin = std::io::stdin();
            Ok(Box::new(read_keypair(&mut stdin)?))
@ -84,9 +91,9 @@ pub fn signer_from_path(
            if let Some(wallet_manager) = wallet_manager {
                Ok(Box::new(generate_remote_keypair(
                    path,
-                    derivation_of(matches, "derivation_path"),
                    wallet_manager,
                    matches.is_present("confirm_key"),
+                    keypair_name,
                )?))
            } else {
                Err(RemoteWalletError::NoDeviceFound.into())
@ -98,10 +105,12 @@ pub fn signer_from_path(
                .and_then(|presigners| presigner_from_pubkey_sigs(&pubkey, presigners));
            if let Some(presigner) = presigner {
                Ok(Box::new(presigner))
+            } else if matches.is_present(SIGN_ONLY_ARG.name) {
+                Ok(Box::new(NullSigner::new(&pubkey)))
            } else {
-                Err(Error::with_description(
-                    "Missing signature for supplied pubkey",
-                    ErrorKind::MissingRequiredArgument,
+                Err(std::io::Error::new(
+                    std::io::ErrorKind::Other,
+                    format!("missing signature for supplied pubkey: {}", pubkey),
                )
                .into())
            }
@ -109,39 +118,72 @@ pub fn signer_from_path(
    }
 }

+pub fn pubkey_from_path(
+    matches: &ArgMatches,
+    path: &str,
+    keypair_name: &str,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
+) -> Result<Pubkey, Box<dyn error::Error>> {
+    match parse_keypair_path(path) {
+        KeypairUrl::Pubkey(pubkey) => Ok(pubkey),
+        _ => Ok(signer_from_path(matches, path, keypair_name, wallet_manager)?.pubkey()),
+    }
+}
+
+pub fn resolve_signer_from_path(
+    matches: &ArgMatches,
+    path: &str,
+    keypair_name: &str,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
+) -> Result<Option<String>, Box<dyn error::Error>> {
+    match parse_keypair_path(path) {
+        KeypairUrl::Ask => {
+            let skip_validation = matches.is_present(SKIP_SEED_PHRASE_VALIDATION_ARG.name);
+            // This method validates the seed phrase, but returns `None` because there is no path
+            // on disk or to a device
+            keypair_from_seed_phrase(keypair_name, skip_validation, false).map(|_| None)
+        }
+        KeypairUrl::Filepath(path) => match read_keypair_file(&path) {
+            Err(e) => Err(std::io::Error::new(
+                std::io::ErrorKind::Other,
+                format!("could not find keypair file: {} error: {}", path, e),
+            )
+            .into()),
+            Ok(_) => Ok(Some(path.to_string())),
+        },
+        KeypairUrl::Stdin => {
+            let mut stdin = std::io::stdin();
+            // This method validates the keypair from stdin, but returns `None` because there is no
+            // path on disk or to a device
+            read_keypair(&mut stdin).map(|_| None)
+        }
+        KeypairUrl::Usb(path) => {
+            if let Some(wallet_manager) = wallet_manager {
+                let path = generate_remote_keypair(
+                    path,
+                    wallet_manager,
+                    matches.is_present("confirm_key"),
+                    keypair_name,
+                )
+                .map(|keypair| keypair.path)?;
+                Ok(Some(path))
+            } else {
+                Err(RemoteWalletError::NoDeviceFound.into())
+            }
+        }
+        _ => Ok(Some(path.to_string())),
+    }
+}
+
 // Keyword used to indicate that the user should be asked for a keypair seed phrase
 pub const ASK_KEYWORD: &str = "ASK";

-pub const ASK_SEED_PHRASE_ARG: ArgConstant<'static> = ArgConstant {
-    long: "ask-seed-phrase",
-    name: "ask_seed_phrase",
-    help: "Recover a keypair using a seed phrase and optional passphrase",
-};
-
 pub const SKIP_SEED_PHRASE_VALIDATION_ARG: ArgConstant<'static> = ArgConstant {
    long: "skip-seed-phrase-validation",
    name: "skip_seed_phrase_validation",
    help: "Skip validation of seed phrases. Use this if your phrase does not use the BIP39 official English word list",
 };

-#[derive(Debug, PartialEq)]
-pub enum Source {
-    Generated,
-    Path,
-    SeedPhrase,
-}
-
-pub struct KeypairWithSource {
-    pub keypair: Keypair,
-    pub source: Source,
-}
-
-impl KeypairWithSource {
-    fn new(keypair: Keypair, source: Source) -> Self {
-        Self { keypair, source }
-    }
-}
-
 /// Prompts user for a passphrase and then asks for confirmirmation to check for mistakes
 pub fn prompt_passphrase(prompt: &str) -> Result<String, Box<dyn error::Error>> {
    let passphrase = prompt_password_stderr(&prompt)?;
@ -195,47 +237,6 @@ pub fn keypair_from_seed_phrase(
    Ok(keypair)
 }

-/// Checks CLI arguments to determine whether a keypair should be:
-///   - inputted securely via stdin,
-///   - read in from a file,
-///   - or newly generated
-pub fn keypair_input(
-    matches: &clap::ArgMatches,
-    keypair_name: &str,
-) -> Result<KeypairWithSource, Box<dyn error::Error>> {
-    let ask_seed_phrase_matches =
-        values_t!(matches.values_of(ASK_SEED_PHRASE_ARG.name), String).unwrap_or_default();
-    let keypair_match_name = keypair_name.replace('-', "_");
-    if ask_seed_phrase_matches
-        .iter()
-        .any(|s| s.as_str() == keypair_name)
-    {
-        if matches.value_of(keypair_match_name).is_some() {
-            clap::Error::with_description(
-                &format!(
-                    "`--{} {}` cannot be used with `{} <PATH>`",
-                    ASK_SEED_PHRASE_ARG.long, keypair_name, keypair_name
-                ),
-                clap::ErrorKind::ArgumentConflict,
-            )
-            .exit();
-        }
-
-        let skip_validation = matches.is_present(SKIP_SEED_PHRASE_VALIDATION_ARG.name);
-        keypair_from_seed_phrase(keypair_name, skip_validation, true)
-            .map(|keypair| KeypairWithSource::new(keypair, Source::SeedPhrase))
-    } else if let Some(keypair_file) = matches.value_of(keypair_match_name) {
-        if keypair_file.starts_with("usb://") {
-            Ok(KeypairWithSource::new(Keypair::new(), Source::Path))
-        } else {
-            read_keypair_file(keypair_file)
-                .map(|keypair| KeypairWithSource::new(keypair, Source::Path))
-        }
-    } else {
-        Ok(KeypairWithSource::new(Keypair::new(), Source::Generated))
-    }
-}
-
 fn sanitize_seed_phrase(seed_phrase: &str) -> String {
    seed_phrase
        .split_whitespace()
@ -246,14 +247,6 @@ fn sanitize_seed_phrase(seed_phrase: &str) -> String {
 #[cfg(test)]
 mod tests {
    use super::*;
-    use clap::ArgMatches;
-
-    #[test]
-    fn test_keypair_input() {
-        let arg_matches = ArgMatches::default();
-        let KeypairWithSource { source, .. } = keypair_input(&arg_matches, "").unwrap();
-        assert_eq!(source, Source::Generated);
-    }

    #[test]
    fn test_sanitize_seed_phrase() {
--- a/clap-utils/src/lib.rs
+++ b/clap-utils/src/lib.rs
@ -1,3 +1,5 @@
+use thiserror::Error;
+
 #[macro_export]
 macro_rules! version {
    () => {
@ -23,6 +25,23 @@ pub struct ArgConstant<'a> {
    pub help: &'a str,
 }

+/// Error type for forwarding Errors out of `main()` of a `clap` app
+/// and still using the `Display` formatter
+#[derive(Error)]
+#[error("{0}")]
+pub struct DisplayError(Box<dyn std::error::Error>);
+impl DisplayError {
+    pub fn new_as_boxed(inner: Box<dyn std::error::Error>) -> Box<Self> {
+        DisplayError(inner).into()
+    }
+}
+
+impl std::fmt::Debug for DisplayError {
+    fn fmt(&self, fmt: &mut std::fmt::Formatter) -> std::fmt::Result {
+        write!(fmt, "{}", self.0)
+    }
+}
+
 pub mod input_parsers;
 pub mod input_validators;
 pub mod keypair;
--- a/cli-config/Cargo.toml
+++ b/cli-config/Cargo.toml
@ -3,7 +3,7 @@ authors = ["Solana Maintainers <maintainers@solana.com>"]
 edition = "2018"
 name = "solana-cli-config"
 description = "Blockchain, Rebuilt for Scale"
-version = "1.0.1"
+version = "1.0.8"
 repository = "https://github.com/solana-labs/solana"
 license = "Apache-2.0"
 homepage = "https://solana.com/"
@ -14,3 +14,4 @@ lazy_static = "1.4.0"
 serde = "1.0.104"
 serde_derive = "1.0.103"
 serde_yaml = "0.8.11"
+url = "2.1.1"
--- a/cli-config/src/config.rs
+++ b/cli-config/src/config.rs
@ -5,6 +5,7 @@ use std::{
    io::{self, Write},
    path::Path,
 };
+use url::Url;

 lazy_static! {
    pub static ref CONFIG_FILE: Option<String> = {
@ -15,20 +16,35 @@ lazy_static! {
    };
 }

-#[derive(Serialize, Deserialize, Default, Debug, PartialEq)]
+#[derive(Serialize, Deserialize, Debug, PartialEq)]
 pub struct Config {
-    pub url: String,
+    pub json_rpc_url: String,
+    pub websocket_url: String,
    pub keypair_path: String,
 }

-impl Config {
-    pub fn new(url: &str, keypair_path: &str) -> Self {
+impl Default for Config {
+    fn default() -> Self {
+        let keypair_path = {
+            let mut keypair_path = dirs::home_dir().expect("home directory");
+            keypair_path.extend(&[".config", "solana", "id.json"]);
+            keypair_path.to_str().unwrap().to_string()
+        };
+        let json_rpc_url = "http://127.0.0.1:8899".to_string();
+
+        // Empty websocket_url string indicates the client should
+        // `Config::compute_websocket_url(&json_rpc_url)`
+        let websocket_url = "".to_string();
+
        Self {
-            url: url.to_string(),
-            keypair_path: keypair_path.to_string(),
+            json_rpc_url,
+            websocket_url,
+            keypair_path,
        }
    }
+}

+impl Config {
    pub fn load(config_file: &str) -> Result<Self, io::Error> {
        let file = File::open(config_file.to_string())?;
        let config = serde_yaml::from_reader(file)
@ -48,4 +64,29 @@ impl Config {

        Ok(())
    }
+
+    pub fn compute_websocket_url(json_rpc_url: &str) -> String {
+        let json_rpc_url: Option<Url> = json_rpc_url.parse().ok();
+        if json_rpc_url.is_none() {
+            return "".to_string();
+        }
+        let json_rpc_url = json_rpc_url.unwrap();
+        let is_secure = json_rpc_url.scheme().to_ascii_lowercase() == "https";
+        let mut ws_url = json_rpc_url.clone();
+        ws_url
+            .set_scheme(if is_secure { "wss" } else { "ws" })
+            .expect("unable to set scheme");
+        let ws_port = match json_rpc_url.port() {
+            Some(port) => port + 1,
+            None => {
+                if is_secure {
+                    8901
+                } else {
+                    8900
+                }
+            }
+        };
+        ws_url.set_port(Some(ws_port)).expect("unable to set port");
+        ws_url.to_string()
+    }
 }
--- a/cli-config/src/lib.rs
+++ b/cli-config/src/lib.rs
@ -1,4 +1,5 @@
 #[macro_use]
 extern crate lazy_static;

-pub mod config;
+mod config;
+pub use config::{Config, CONFIG_FILE};
--- a/cli/Cargo.toml
+++ b/cli/Cargo.toml
@ -3,7 +3,7 @@ authors = ["Solana Maintainers <maintainers@solana.com>"]
 edition = "2018"
 name = "solana-cli"
 description = "Blockchain, Rebuilt for Scale"
-version = "1.0.1"
+version = "1.0.8"
 repository = "https://github.com/solana-labs/solana"
 license = "Apache-2.0"
 homepage = "https://solana.com/"
@ -26,27 +26,28 @@ reqwest = { version = "0.10.1", default-features = false, features = ["blocking"
 serde = "1.0.104"
 serde_derive = "1.0.103"
 serde_json = "1.0.46"
-solana-budget-program = { path = "../programs/budget", version = "1.0.1" }
-solana-clap-utils = { path = "../clap-utils", version = "1.0.1" }
-solana-cli-config = { path = "../cli-config", version = "1.0.1" }
-solana-client = { path = "../client", version = "1.0.1" }
-solana-config-program = { path = "../programs/config", version = "1.0.1" }
-solana-faucet = { path = "../faucet", version = "1.0.1" }
-solana-logger = { path = "../logger", version = "1.0.1" }
-solana-net-utils = { path = "../net-utils", version = "1.0.1" }
-solana-remote-wallet = { path = "../remote-wallet", version = "1.0.1" }
-solana-runtime = { path = "../runtime", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
-solana-stake-program = { path = "../programs/stake", version = "1.0.1" }
-solana-storage-program = { path = "../programs/storage", version = "1.0.1" }
-solana-vote-program = { path = "../programs/vote", version = "1.0.1" }
-solana-vote-signer = { path = "../vote-signer", version = "1.0.1" }
+solana-budget-program = { path = "../programs/budget", version = "1.0.8" }
+solana-clap-utils = { path = "../clap-utils", version = "1.0.8" }
+solana-cli-config = { path = "../cli-config", version = "1.0.8" }
+solana-client = { path = "../client", version = "1.0.8" }
+solana-config-program = { path = "../programs/config", version = "1.0.8" }
+solana-faucet = { path = "../faucet", version = "1.0.8" }
+solana-logger = { path = "../logger", version = "1.0.8" }
+solana-net-utils = { path = "../net-utils", version = "1.0.8" }
+solana-remote-wallet = { path = "../remote-wallet", version = "1.0.8" }
+solana-runtime = { path = "../runtime", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }
+solana-stake-program = { path = "../programs/stake", version = "1.0.8" }
+solana-storage-program = { path = "../programs/storage", version = "1.0.8" }
+solana-vote-program = { path = "../programs/vote", version = "1.0.8" }
+solana-vote-signer = { path = "../vote-signer", version = "1.0.8" }
 titlecase = "1.1.0"
+thiserror = "1.0.11"
 url = "2.1.1"

 [dev-dependencies]
-solana-core = { path = "../core", version = "1.0.1" }
-solana-budget-program = { path = "../programs/budget", version = "1.0.1" }
+solana-core = { path = "../core", version = "1.0.8" }
+solana-budget-program = { path = "../programs/budget", version = "1.0.8" }
 tempfile = "3.1.0"

 [[bin]]
--- a/cli/src/cli.rs
+++ b/cli/src/cli.rs
--- a/cli/src/cluster_query.rs
+++ b/cli/src/cluster_query.rs
@ -56,9 +56,17 @@ impl ClusterQuerySubCommands for App<'_, '_> {
                        .index(1)
                        .takes_value(true)
                        .value_name("PUBKEY")
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .required(true)
                        .help("Identity pubkey of the validator"),
+                )
+                .arg(
+                    Arg::with_name("node_json_rpc_url")
+                        .index(2)
+                        .value_name("URL")
+                        .takes_value(true)
+                        .validator(is_url)
+                        .help("JSON RPC URL for validator, which is useful for validators with a private RPC service")
                ),
        )
        .subcommand(
@ -170,16 +178,7 @@ impl ClusterQuerySubCommands for App<'_, '_> {
        )
        .subcommand(
            SubCommand::with_name("live-slots")
-                .about("Show information about the current slot progression")
-                .arg(
-                    Arg::with_name("websocket_url")
-                        .short("w")
-                        .long("ws")
-                        .value_name("URL")
-                        .takes_value(true)
-                        .default_value("ws://127.0.0.1:8900")
-                        .help("WebSocket URL for PubSub RPC connection"),
-                ),
+                .about("Show information about the current slot progression"),
        )
        .subcommand(
            SubCommand::with_name("block-production")
@ -212,7 +211,7 @@ impl ClusterQuerySubCommands for App<'_, '_> {
                        .value_name("VOTE ACCOUNT PUBKEYS")
                        .takes_value(true)
                        .multiple(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Only show stake accounts delegated to the provided vote accounts"),
                )
                .arg(
@ -226,6 +225,14 @@ impl ClusterQuerySubCommands for App<'_, '_> {
            SubCommand::with_name("validators")
                .about("Show summary information about the current validators")
                .alias("show-validators")
+                .arg(
+                    Arg::with_name("confirmed")
+                        .long("confirmed")
+                        .takes_value(false)
+                        .help(
+                            "Return information at maximum-lockout commitment level",
+                        ),
+                )
                .arg(
                    Arg::with_name("lamports")
                        .long("lamports")
@ -236,10 +243,17 @@ impl ClusterQuerySubCommands for App<'_, '_> {
    }
 }

-pub fn parse_catchup(matches: &ArgMatches<'_>) -> Result<CliCommandInfo, CliError> {
-    let node_pubkey = pubkey_of(matches, "node_pubkey").unwrap();
+pub fn parse_catchup(
+    matches: &ArgMatches<'_>,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
+) -> Result<CliCommandInfo, CliError> {
+    let node_pubkey = pubkey_of_signer(matches, "node_pubkey", wallet_manager)?.unwrap();
+    let node_json_rpc_url = value_t!(matches, "node_json_rpc_url", String).ok();
    Ok(CliCommandInfo {
-        command: CliCommand::Catchup { node_pubkey },
+        command: CliCommand::Catchup {
+            node_pubkey,
+            node_json_rpc_url,
+        },
        signers: vec![],
    })
 }
@ -279,14 +293,6 @@ pub fn parse_cluster_ping(
    })
 }

-pub fn parse_live_slots(matches: &ArgMatches<'_>) -> Result<CliCommandInfo, CliError> {
-    let url: String = value_t_or_exit!(matches, "websocket_url", String);
-    Ok(CliCommandInfo {
-        command: CliCommand::LiveSlots { url },
-        signers: vec![],
-    })
-}
-
 pub fn parse_get_block_time(matches: &ArgMatches<'_>) -> Result<CliCommandInfo, CliError> {
    let slot = value_t_or_exit!(matches, "slot", u64);
    Ok(CliCommandInfo {
@ -331,9 +337,13 @@ pub fn parse_get_transaction_count(matches: &ArgMatches<'_>) -> Result<CliComman
    })
 }

-pub fn parse_show_stakes(matches: &ArgMatches<'_>) -> Result<CliCommandInfo, CliError> {
+pub fn parse_show_stakes(
+    matches: &ArgMatches<'_>,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
+) -> Result<CliCommandInfo, CliError> {
    let use_lamports_unit = matches.is_present("lamports");
-    let vote_account_pubkeys = pubkeys_of(matches, "vote_account_pubkeys");
+    let vote_account_pubkeys =
+        pubkeys_of_multiple_signers(matches, "vote_account_pubkeys", wallet_manager)?;

    Ok(CliCommandInfo {
        command: CliCommand::ShowStakes {
@ -346,9 +356,17 @@ pub fn parse_show_stakes(matches: &ArgMatches<'_>) -> Result<CliCommandInfo, Cli

 pub fn parse_show_validators(matches: &ArgMatches<'_>) -> Result<CliCommandInfo, CliError> {
    let use_lamports_unit = matches.is_present("lamports");
+    let commitment_config = if matches.is_present("confirmed") {
+        CommitmentConfig::default()
+    } else {
+        CommitmentConfig::recent()
+    };

    Ok(CliCommandInfo {
-        command: CliCommand::ShowValidators { use_lamports_unit },
+        command: CliCommand::ShowValidators {
+            use_lamports_unit,
+            commitment_config,
+        },
        signers: vec![],
    })
 }
@ -362,20 +380,42 @@ fn new_spinner_progress_bar() -> ProgressBar {
    progress_bar
 }

-pub fn process_catchup(rpc_client: &RpcClient, node_pubkey: &Pubkey) -> ProcessResult {
+pub fn process_catchup(
+    rpc_client: &RpcClient,
+    node_pubkey: &Pubkey,
+    node_json_rpc_url: &Option<String>,
+) -> ProcessResult {
    let cluster_nodes = rpc_client.get_cluster_nodes()?;

-    let rpc_addr = cluster_nodes
-        .iter()
-        .find(|contact_info| contact_info.pubkey == node_pubkey.to_string())
-        .ok_or_else(|| format!("Contact information not found for {}", node_pubkey))?
-        .rpc
-        .ok_or_else(|| format!("RPC service not found for {}", node_pubkey))?;
+    let node_client = if let Some(node_json_rpc_url) = node_json_rpc_url {
+        RpcClient::new(node_json_rpc_url.to_string())
+    } else {
+        RpcClient::new_socket(
+            cluster_nodes
+                .iter()
+                .find(|contact_info| contact_info.pubkey == node_pubkey.to_string())
+                .ok_or_else(|| format!("Contact information not found for {}", node_pubkey))?
+                .rpc
+                .ok_or_else(|| format!("RPC service not found for {}", node_pubkey))?,
+        )
+    };
+
+    let reported_node_pubkey = node_client.get_identity()?;
+    if reported_node_pubkey != *node_pubkey {
+        return Err(format!(
+            "The identity reported by node RPC URL does not match.  Expected: {:?}.  Reported: {:?}",
+            node_pubkey, reported_node_pubkey
+        )
+        .into());
+    }
+
+    if rpc_client.get_identity()? == *node_pubkey {
+        return Err("Both RPC URLs reference the same node, unable to monitor for catchup.  Try a different --url".into());
+    }

    let progress_bar = new_spinner_progress_bar();
    progress_bar.set_message("Connecting...");

-    let node_client = RpcClient::new_socket(rpc_addr);
    let mut previous_rpc_slot = std::u64::MAX;
    let mut previous_slot_distance = 0;
    let sleep_interval = 5;
@ -483,7 +523,7 @@ fn slot_to_human_time(slot: Slot) -> String {

 pub fn process_get_epoch_info(
    rpc_client: &RpcClient,
-    commitment_config: &CommitmentConfig,
+    commitment_config: CommitmentConfig,
 ) -> ProcessResult {
    let epoch_info = rpc_client.get_epoch_info_with_commitment(commitment_config.clone())?;
    println!();
@ -529,7 +569,7 @@ pub fn process_get_genesis_hash(rpc_client: &RpcClient) -> ProcessResult {

 pub fn process_get_slot(
    rpc_client: &RpcClient,
-    commitment_config: &CommitmentConfig,
+    commitment_config: CommitmentConfig,
 ) -> ProcessResult {
    let slot = rpc_client.get_slot_with_commitment(commitment_config.clone())?;
    Ok(slot.to_string())
@ -718,7 +758,7 @@ pub fn process_show_block_production(

 pub fn process_get_transaction_count(
    rpc_client: &RpcClient,
-    commitment_config: &CommitmentConfig,
+    commitment_config: CommitmentConfig,
 ) -> ProcessResult {
    let transaction_count =
        rpc_client.get_transaction_count_with_commitment(commitment_config.clone())?;
@ -732,7 +772,7 @@ pub fn process_ping(
    interval: &Duration,
    count: &Option<u64>,
    timeout: &Duration,
-    commitment_config: &CommitmentConfig,
+    commitment_config: CommitmentConfig,
 ) -> ProcessResult {
    let to = Keypair::new().pubkey();

@ -756,7 +796,7 @@ pub fn process_ping(
        last_blockhash = recent_blockhash;

        let ix = system_instruction::transfer(&config.signers[0].pubkey(), &to, lamports);
-        let message = Message::new(vec![ix]);
+        let message = Message::new(&[ix]);
        let mut transaction = Transaction::new_unsigned(message);
        transaction.try_sign(&config.signers, recent_blockhash)?;
        check_account_for_fee(
@ -873,6 +913,9 @@ pub fn process_live_slots(url: &str) -> ProcessResult {
    let (mut client, receiver) = PubsubClient::slot_subscribe(url)?;
    slot_progress.set_message("Connected.");

+    let spacer = "|";
+    slot_progress.println(spacer);
+
    let mut last_root = std::u64::MAX;
    let mut last_root_update = Instant::now();
    let mut slots_per_second = std::f64::NAN;
@ -918,17 +961,25 @@ pub fn process_live_slots(url: &str) -> ProcessResult {
                    //
                    if slot_delta != root_delta {
                        let prev_root = format!(
-                            "|<- {} <- … <- {} <- {}",
+                            "|<--- {} <- … <- {} <- {}   (prev)",
                            previous.root, previous.parent, previous.slot
-                        )
-                        .to_owned();
+                        );
                        slot_progress.println(&prev_root);
+
+                        let new_root = format!(
+                            "|  '- {} <- … <- {} <- {}   (next)",
+                            new_info.root, new_info.parent, new_info.slot
+                        );
+
+                        slot_progress.println(prev_root);
+                        slot_progress.println(new_root);
+                        slot_progress.println(spacer);
                    }
                }
                current = Some(new_info);
            }
            Err(err) => {
-                eprintln!("disconnected: {:?}", err);
+                eprintln!("disconnected: {}", err);
                break;
            }
        }
@ -1012,9 +1063,13 @@ pub fn process_show_stakes(
    Ok("".to_string())
 }

-pub fn process_show_validators(rpc_client: &RpcClient, use_lamports_unit: bool) -> ProcessResult {
-    let epoch_info = rpc_client.get_epoch_info()?;
-    let vote_accounts = rpc_client.get_vote_accounts()?;
+pub fn process_show_validators(
+    rpc_client: &RpcClient,
+    use_lamports_unit: bool,
+    commitment_config: CommitmentConfig,
+) -> ProcessResult {
+    let epoch_info = rpc_client.get_epoch_info_with_commitment(commitment_config)?;
+    let vote_accounts = rpc_client.get_vote_accounts_with_commitment(commitment_config)?;
    let total_active_stake = vote_accounts
        .current
        .iter()
--- a/cli/src/display.rs
+++ b/cli/src/display.rs
@ -1,5 +1,6 @@
+use crate::cli::SettingType;
 use console::style;
-use solana_sdk::transaction::Transaction;
+use solana_sdk::hash::Hash;

 // Pretty print a "name value"
 pub fn println_name_value(name: &str, value: &str) {
@ -11,26 +12,40 @@ pub fn println_name_value(name: &str, value: &str) {
    println!("{} {}", style(name).bold(), styled_value);
 }

-pub fn println_name_value_or(name: &str, value: &str, default_value: &str) {
-    if value == "" {
-        println!(
-            "{} {} {}",
-            style(name).bold(),
-            style(default_value),
-            style("(default)").italic()
-        );
-    } else {
-        println!("{} {}", style(name).bold(), style(value));
+pub fn println_name_value_or(name: &str, value: &str, setting_type: SettingType) {
+    let description = match setting_type {
+        SettingType::Explicit => "",
+        SettingType::Computed => "(computed)",
+        SettingType::SystemDefault => "(default)",
    };
+
+    println!(
+        "{} {} {}",
+        style(name).bold(),
+        style(value),
+        style(description).italic(),
+    );
 }

-pub fn println_signers(tx: &Transaction) {
+pub fn println_signers(
+    blockhash: &Hash,
+    signers: &[String],
+    absent: &[String],
+    bad_sig: &[String],
+) {
    println!();
-    println!("Blockhash: {}", tx.message.recent_blockhash);
-    println!("Signers (Pubkey=Signature):");
-    tx.signatures
-        .iter()
-        .zip(tx.message.account_keys.clone())
-        .for_each(|(signature, pubkey)| println!("  {:?}={:?}", pubkey, signature));
+    println!("Blockhash: {}", blockhash);
+    if !signers.is_empty() {
+        println!("Signers (Pubkey=Signature):");
+        signers.iter().for_each(|signer| println!("  {}", signer))
+    }
+    if !absent.is_empty() {
+        println!("Absent Signers (Pubkey):");
+        absent.iter().for_each(|pubkey| println!("  {}", pubkey))
+    }
+    if !bad_sig.is_empty() {
+        println!("Bad Signatures (Pubkey):");
+        bad_sig.iter().for_each(|pubkey| println!("  {}", pubkey))
+    }
    println!();
 }
--- a/cli/src/main.rs
+++ b/cli/src/main.rs
@ -2,15 +2,14 @@ use clap::{crate_description, crate_name, AppSettings, Arg, ArgGroup, ArgMatches
 use console::style;

 use solana_clap_utils::{
-    input_parsers::derivation_of,
-    input_validators::{is_derivation, is_url},
-    keypair::SKIP_SEED_PHRASE_VALIDATION_ARG,
+    input_validators::is_url, keypair::SKIP_SEED_PHRASE_VALIDATION_ARG, offline::SIGN_ONLY_ARG,
+    DisplayError,
 };
 use solana_cli::{
    cli::{app, parse_command, process_command, CliCommandInfo, CliConfig, CliSigners},
    display::{println_name_value, println_name_value_or},
 };
-use solana_cli_config::config::{Config, CONFIG_FILE};
+use solana_cli_config::{Config, CONFIG_FILE};
 use solana_remote_wallet::remote_wallet::{maybe_wallet_manager, RemoteWalletManager};
 use std::{error, sync::Arc};

@ -20,29 +19,31 @@ fn parse_settings(matches: &ArgMatches<'_>) -> Result<bool, Box<dyn error::Error
            ("get", Some(subcommand_matches)) => {
                if let Some(config_file) = matches.value_of("config_file") {
                    let config = Config::load(config_file).unwrap_or_default();
+
+                    let (url_setting_type, json_rpc_url) =
+                        CliConfig::compute_json_rpc_url_setting("", &config.json_rpc_url);
+                    let (ws_setting_type, websocket_url) = CliConfig::compute_websocket_url_setting(
+                        "",
+                        &config.websocket_url,
+                        "",
+                        &config.json_rpc_url,
+                    );
+                    let (keypair_setting_type, keypair_path) =
+                        CliConfig::compute_keypair_path_setting("", &config.keypair_path);
+
                    if let Some(field) = subcommand_matches.value_of("specific_setting") {
-                        let (field_name, value, default_value) = match field {
-                            "url" => ("RPC URL", config.url, CliConfig::default_json_rpc_url()),
-                            "keypair" => (
-                                "Key Path",
-                                config.keypair_path,
-                                CliConfig::default_keypair_path(),
-                            ),
+                        let (field_name, value, setting_type) = match field {
+                            "json_rpc_url" => ("RPC URL", json_rpc_url, url_setting_type),
+                            "websocket_url" => ("WebSocket URL", websocket_url, ws_setting_type),
+                            "keypair" => ("Key Path", keypair_path, keypair_setting_type),
                            _ => unreachable!(),
                        };
-                        println_name_value_or(&format!("{}:", field_name), &value, &default_value);
+                        println_name_value_or(&format!("{}:", field_name), &value, setting_type);
                    } else {
                        println_name_value("Config File:", config_file);
-                        println_name_value_or(
-                            "RPC URL:",
-                            &config.url,
-                            &CliConfig::default_json_rpc_url(),
-                        );
-                        println_name_value_or(
-                            "Keypair Path:",
-                            &config.keypair_path,
-                            &CliConfig::default_keypair_path(),
-                        );
+                        println_name_value_or("RPC URL:", &json_rpc_url, url_setting_type);
+                        println_name_value_or("WebSocket URL:", &websocket_url, ws_setting_type);
+                        println_name_value_or("Keypair Path:", &keypair_path, keypair_setting_type);
                    }
                } else {
                    println!(
@ -56,15 +57,34 @@ fn parse_settings(matches: &ArgMatches<'_>) -> Result<bool, Box<dyn error::Error
                if let Some(config_file) = matches.value_of("config_file") {
                    let mut config = Config::load(config_file).unwrap_or_default();
                    if let Some(url) = subcommand_matches.value_of("json_rpc_url") {
-                        config.url = url.to_string();
+                        config.json_rpc_url = url.to_string();
+                        // Revert to a computed `websocket_url` value when `json_rpc_url` is
+                        // changed
+                        config.websocket_url = "".to_string();
+                    }
+                    if let Some(url) = subcommand_matches.value_of("websocket_url") {
+                        config.websocket_url = url.to_string();
                    }
                    if let Some(keypair) = subcommand_matches.value_of("keypair") {
                        config.keypair_path = keypair.to_string();
                    }
                    config.save(config_file)?;
+
+                    let (url_setting_type, json_rpc_url) =
+                        CliConfig::compute_json_rpc_url_setting("", &config.json_rpc_url);
+                    let (ws_setting_type, websocket_url) = CliConfig::compute_websocket_url_setting(
+                        "",
+                        &config.websocket_url,
+                        "",
+                        &config.json_rpc_url,
+                    );
+                    let (keypair_setting_type, keypair_path) =
+                        CliConfig::compute_keypair_path_setting("", &config.keypair_path);
+
                    println_name_value("Config File:", config_file);
-                    println_name_value("RPC URL:", &config.url);
-                    println_name_value("Keypair Path:", &config.keypair_path);
+                    println_name_value_or("RPC URL:", &json_rpc_url, url_setting_type);
+                    println_name_value_or("WebSocket URL:", &websocket_url, ws_setting_type);
+                    println_name_value_or("Keypair Path:", &keypair_path, keypair_setting_type);
                } else {
                    println!(
                        "{} Either provide the `--config` arg or ensure home directory exists to use the default config location",
@ -89,22 +109,20 @@ pub fn parse_args<'a>(
    } else {
        Config::default()
    };
-    let json_rpc_url = if let Some(url) = matches.value_of("json_rpc_url") {
-        url.to_string()
-    } else if config.url != "" {
-        config.url
-    } else {
-        let default = CliConfig::default();
-        default.json_rpc_url
-    };
-
-    let default_signer_path = if matches.is_present("keypair") {
-        matches.value_of("keypair").unwrap().to_string()
-    } else if config.keypair_path != "" {
-        config.keypair_path
-    } else {
-        CliConfig::default_keypair_path()
-    };
+    let (_, json_rpc_url) = CliConfig::compute_json_rpc_url_setting(
+        matches.value_of("json_rpc_url").unwrap_or(""),
+        &config.json_rpc_url,
+    );
+    let (_, websocket_url) = CliConfig::compute_websocket_url_setting(
+        matches.value_of("websocket_url").unwrap_or(""),
+        &config.websocket_url,
+        matches.value_of("json_rpc_url").unwrap_or(""),
+        &config.json_rpc_url,
+    );
+    let (_, default_signer_path) = CliConfig::compute_keypair_path_setting(
+        matches.value_of("keypair").unwrap_or(""),
+        &config.keypair_path,
+    );

    let CliCommandInfo { command, signers } =
        parse_command(&matches, &default_signer_path, wallet_manager.as_ref())?;
@ -113,9 +131,9 @@ pub fn parse_args<'a>(
        CliConfig {
            command,
            json_rpc_url,
+            websocket_url,
            signers: vec![],
            keypair_path: default_signer_path,
-            derivation_path: derivation_of(matches, "derivation_path"),
            rpc_client: None,
            verbose: matches.is_present("verbose"),
        },
@ -134,7 +152,7 @@ fn main() -> Result<(), Box<dyn error::Error>> {
        let arg = Arg::with_name("config_file")
            .short("C")
            .long("config")
-            .value_name("PATH")
+            .value_name("FILEPATH")
            .takes_value(true)
            .global(true)
            .help("Configuration file to use");
@ -154,30 +172,30 @@ fn main() -> Result<(), Box<dyn error::Error>> {
            .validator(is_url)
            .help("JSON RPC URL for the solana cluster"),
    )
+    .arg(
+        Arg::with_name("websocket_url")
+            .long("ws")
+            .value_name("URL")
+            .takes_value(true)
+            .global(true)
+            .validator(is_url)
+            .help("WebSocket URL for the solana cluster"),
+    )
    .arg(
        Arg::with_name("keypair")
            .short("k")
            .long("keypair")
-            .value_name("PATH")
+            .value_name("KEYPAIR")
            .global(true)
            .takes_value(true)
-            .help("/path/to/id.json or usb://remote/wallet/path"),
-    )
-    .arg(
-        Arg::with_name("derivation_path")
-            .long("derivation-path")
-            .value_name("ACCOUNT or ACCOUNT/CHANGE")
-            .global(true)
-            .takes_value(true)
-            .validator(is_derivation)
-            .help("Derivation path to use: m/44'/501'/ACCOUNT'/CHANGE'; default key is device base pubkey: m/44'/501'/0'")
+            .help("Filepath or URL to a keypair"),
    )
    .arg(
        Arg::with_name("verbose")
            .long("verbose")
            .short("v")
            .global(true)
-            .help("Show extra information header"),
+            .help("Show additional information"),
    )
    .arg(
        Arg::with_name(SKIP_SEED_PHRASE_VALIDATION_ARG.name)
@ -198,7 +216,7 @@ fn main() -> Result<(), Box<dyn error::Error>> {
                            .index(1)
                            .value_name("CONFIG_FIELD")
                            .takes_value(true)
-                            .possible_values(&["url", "keypair"])
+                            .possible_values(&["json_rpc_url", "websocket_url", "keypair"])
                            .help("Return a specific config setting"),
                    ),
            )
@ -207,7 +225,7 @@ fn main() -> Result<(), Box<dyn error::Error>> {
                    .about("Set a config setting")
                    .group(
                        ArgGroup::with_name("config_settings")
-                            .args(&["json_rpc_url", "keypair"])
+                            .args(&["json_rpc_url", "websocket_url", "keypair"])
                            .multiple(true)
                            .required(true),
                    ),
@ -215,13 +233,23 @@ fn main() -> Result<(), Box<dyn error::Error>> {
    )
    .get_matches();

+    do_main(&matches).map_err(|err| DisplayError::new_as_boxed(err).into())
+}
+
+fn do_main(matches: &ArgMatches<'_>) -> Result<(), Box<dyn error::Error>> {
    if parse_settings(&matches)? {
        let wallet_manager = maybe_wallet_manager()?;

        let (mut config, signers) = parse_args(&matches, wallet_manager)?;
        config.signers = signers.iter().map(|s| s.as_ref()).collect();
        let result = process_command(&config)?;
-        println!("{}", result);
-    }
+        let (_, submatches) = matches.subcommand();
+        let sign_only = submatches
+            .map(|m| m.is_present(SIGN_ONLY_ARG.name))
+            .unwrap_or(false);
+        if !sign_only {
+            println!("{}", result);
+        }
+    };
    Ok(())
 }
--- a/cli/src/nonce.rs
+++ b/cli/src/nonce.rs
@ -14,7 +14,11 @@ use solana_sdk::{
    account_utils::StateMut,
    hash::Hash,
    message::Message,
-    nonce_state::{Meta, NonceState},
+    nonce::{
+        self,
+        state::{Data, Versions},
+        State,
+    },
    pubkey::Pubkey,
    system_instruction::{
        advance_nonce_account, authorize_nonce_account, create_address_with_seed,
@ -25,14 +29,24 @@ use solana_sdk::{
    transaction::Transaction,
 };
 use std::sync::Arc;
+use thiserror::Error;

-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Error, PartialEq)]
 pub enum CliNonceError {
+    #[error("invalid account owner")]
    InvalidAccountOwner,
+    #[error("invalid account data")]
    InvalidAccountData,
+    #[error("unexpected account data size")]
+    UnexpectedDataSize,
+    #[error("query hash does not match stored hash")]
    InvalidHash,
+    #[error("query authority does not match account authority")]
    InvalidAuthority,
-    InvalidState,
+    #[error("invalid state for requested operation")]
+    InvalidStateForOperation,
+    #[error("client error: {0}")]
+    Client(String),
 }

 pub const NONCE_ARG: ArgConstant<'static> = ArgConstant {
@ -60,7 +74,7 @@ pub fn nonce_arg<'a, 'b>() -> Arg<'a, 'b> {
        .takes_value(true)
        .value_name("PUBKEY")
        .requires(BLOCKHASH_ARG.name)
-        .validator(is_pubkey)
+        .validator(is_valid_pubkey)
        .help(NONCE_ARG.help)
 }

@ -68,7 +82,7 @@ pub fn nonce_authority_arg<'a, 'b>() -> Arg<'a, 'b> {
    Arg::with_name(NONCE_AUTHORITY_ARG.name)
        .long(NONCE_AUTHORITY_ARG.long)
        .takes_value(true)
-        .value_name("KEYPAIR or PUBKEY or REMOTE WALLET PATH")
+        .value_name("KEYPAIR")
        .validator(is_valid_signer)
        .help(NONCE_AUTHORITY_ARG.help)
 }
@ -79,27 +93,27 @@ impl NonceSubCommands for App<'_, '_> {
            SubCommand::with_name("authorize-nonce-account")
                .about("Assign account authority to a new entity")
                .arg(
-                    Arg::with_name("nonce_account_keypair")
+                    Arg::with_name("nonce_account_pubkey")
                        .index(1)
-                        .value_name("NONCE_ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Address of the nonce account"),
                )
                .arg(
                    Arg::with_name("new_authority")
                        .index(2)
-                        .value_name("NEW_AUTHORITY_PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Account to be granted authority of the nonce account"),
                )
                .arg(
                    Arg::with_name("seed")
                        .long("seed")
-                        .value_name("SEED STRING")
+                        .value_name("STRING")
                        .takes_value(true)
                        .help("Seed for address generation; if specified, the resulting account will be at a derived address of the NONCE_ACCOUNT pubkey")
                )
@ -111,16 +125,16 @@ impl NonceSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("nonce_account_keypair")
                        .index(1)
-                        .value_name("NONCE ACCOUNT")
+                        .value_name("KEYPAIR")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_signer)
                        .help("Keypair of the nonce account to fund"),
                )
                .arg(
                    Arg::with_name("amount")
                        .index(2)
-                        .value_name("AMOUNT")
+                        .value_name("NUMBER")
                        .takes_value(true)
                        .required(true)
                        .validator(is_amount)
@ -130,8 +144,8 @@ impl NonceSubCommands for App<'_, '_> {
                    Arg::with_name(NONCE_AUTHORITY_ARG.name)
                        .long(NONCE_AUTHORITY_ARG.long)
                        .takes_value(true)
-                        .value_name("BASE58_PUBKEY")
-                        .validator(is_pubkey_or_keypair)
+                        .value_name("PUBKEY")
+                        .validator(is_valid_pubkey)
                        .help("Assign noncing authority to another entity"),
                ),
        )
@ -142,10 +156,10 @@ impl NonceSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("nonce_account_pubkey")
                        .index(1)
-                        .value_name("NONCE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Address of the nonce account to display"),
                ),
        )
@ -153,12 +167,12 @@ impl NonceSubCommands for App<'_, '_> {
            SubCommand::with_name("new-nonce")
                .about("Generate a new nonce, rendering the existing nonce useless")
                .arg(
-                    Arg::with_name("nonce_account_keypair")
+                    Arg::with_name("nonce_account_pubkey")
                        .index(1)
-                        .value_name("NONCE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Address of the nonce account"),
                )
                .arg(nonce_authority_arg()),
@ -170,10 +184,10 @@ impl NonceSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("nonce_account_pubkey")
                        .index(1)
-                        .value_name("NONCE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Address of the nonce account to display"),
                )
                .arg(
@ -185,29 +199,29 @@ impl NonceSubCommands for App<'_, '_> {
        )
        .subcommand(
            SubCommand::with_name("withdraw-from-nonce-account")
-                .about("Withdraw lamports from the nonce account")
+                .about("Withdraw SOL from the nonce account")
                .arg(
-                    Arg::with_name("nonce_account_keypair")
+                    Arg::with_name("nonce_account_pubkey")
                        .index(1)
-                        .value_name("NONCE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_keypair_or_ask_keyword)
-                        .help("Nonce account from to withdraw from"),
+                        .validator(is_valid_pubkey)
+                        .help("Nonce account to withdraw from"),
                )
                .arg(
                    Arg::with_name("destination_account_pubkey")
                        .index(2)
-                        .value_name("DESTINATION ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
-                        .help("The account to which the lamports should be transferred"),
+                        .validator(is_valid_pubkey)
+                        .help("The account to which the SOL should be transferred"),
                )
                .arg(
                    Arg::with_name("amount")
                        .index(3)
-                        .value_name("AMOUNT")
+                        .value_name("NUMBER")
                        .takes_value(true)
                        .required(true)
                        .validator(is_amount)
@ -218,13 +232,55 @@ impl NonceSubCommands for App<'_, '_> {
    }
 }

+pub fn get_account(
+    rpc_client: &RpcClient,
+    nonce_pubkey: &Pubkey,
+) -> Result<Account, CliNonceError> {
+    rpc_client
+        .get_account(nonce_pubkey)
+        .map_err(|e| CliNonceError::Client(format!("{}", e)))
+        .and_then(|a| match account_identity_ok(&a) {
+            Ok(()) => Ok(a),
+            Err(e) => Err(e),
+        })
+}
+
+pub fn account_identity_ok(account: &Account) -> Result<(), CliNonceError> {
+    if account.owner != system_program::id() {
+        Err(CliNonceError::InvalidAccountOwner)
+    } else if account.data.is_empty() {
+        Err(CliNonceError::UnexpectedDataSize)
+    } else {
+        Ok(())
+    }
+}
+
+pub fn state_from_account(account: &Account) -> Result<State, CliNonceError> {
+    account_identity_ok(account)?;
+    StateMut::<Versions>::state(account)
+        .map_err(|_| CliNonceError::InvalidAccountData)
+        .map(|v| v.convert_to_current())
+}
+
+pub fn data_from_account(account: &Account) -> Result<Data, CliNonceError> {
+    account_identity_ok(account)?;
+    state_from_account(account).and_then(|ref s| data_from_state(s).map(|d| d.clone()))
+}
+
+pub fn data_from_state(state: &State) -> Result<&Data, CliNonceError> {
+    match state {
+        State::Uninitialized => Err(CliNonceError::InvalidStateForOperation),
+        State::Initialized(data) => Ok(data),
+    }
+}
+
 pub fn parse_authorize_nonce_account(
    matches: &ArgMatches<'_>,
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let nonce_account = pubkey_of(matches, "nonce_account_keypair").unwrap();
-    let new_authority = pubkey_of(matches, "new_authority").unwrap();
+    let nonce_account = pubkey_of_signer(matches, "nonce_account_pubkey", wallet_manager)?.unwrap();
+    let new_authority = pubkey_of_signer(matches, "new_authority", wallet_manager)?.unwrap();
    let (nonce_authority, nonce_authority_pubkey) =
        signer_of(matches, NONCE_AUTHORITY_ARG.name, wallet_manager)?;

@ -255,7 +311,7 @@ pub fn parse_nonce_create_account(
        signer_of(matches, "nonce_account_keypair", wallet_manager)?;
    let seed = matches.value_of("seed").map(|s| s.to_string());
    let lamports = lamports_of_sol(matches, "amount").unwrap();
-    let nonce_authority = pubkey_of(matches, NONCE_AUTHORITY_ARG.name);
+    let nonce_authority = pubkey_of_signer(matches, NONCE_AUTHORITY_ARG.name, wallet_manager)?;

    let payer_provided = None;
    let signer_info = generate_unique_signers(
@ -276,8 +332,12 @@ pub fn parse_nonce_create_account(
    })
 }

-pub fn parse_get_nonce(matches: &ArgMatches<'_>) -> Result<CliCommandInfo, CliError> {
-    let nonce_account_pubkey = pubkey_of(matches, "nonce_account_pubkey").unwrap();
+pub fn parse_get_nonce(
+    matches: &ArgMatches<'_>,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
+) -> Result<CliCommandInfo, CliError> {
+    let nonce_account_pubkey =
+        pubkey_of_signer(matches, "nonce_account_pubkey", wallet_manager)?.unwrap();

    Ok(CliCommandInfo {
        command: CliCommand::GetNonce(nonce_account_pubkey),
@ -290,7 +350,7 @@ pub fn parse_new_nonce(
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let nonce_account = pubkey_of(matches, "nonce_account_keypair").unwrap();
+    let nonce_account = pubkey_of_signer(matches, "nonce_account_pubkey", wallet_manager)?.unwrap();
    let (nonce_authority, nonce_authority_pubkey) =
        signer_of(matches, NONCE_AUTHORITY_ARG.name, wallet_manager)?;

@ -311,8 +371,12 @@ pub fn parse_new_nonce(
    })
 }

-pub fn parse_show_nonce_account(matches: &ArgMatches<'_>) -> Result<CliCommandInfo, CliError> {
-    let nonce_account_pubkey = pubkey_of(matches, "nonce_account_pubkey").unwrap();
+pub fn parse_show_nonce_account(
+    matches: &ArgMatches<'_>,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
+) -> Result<CliCommandInfo, CliError> {
+    let nonce_account_pubkey =
+        pubkey_of_signer(matches, "nonce_account_pubkey", wallet_manager)?.unwrap();
    let use_lamports_unit = matches.is_present("lamports");

    Ok(CliCommandInfo {
@ -329,8 +393,9 @@ pub fn parse_withdraw_from_nonce_account(
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let nonce_account = pubkey_of(matches, "nonce_account_keypair").unwrap();
-    let destination_account_pubkey = pubkey_of(matches, "destination_account_pubkey").unwrap();
+    let nonce_account = pubkey_of_signer(matches, "nonce_account_pubkey", wallet_manager)?.unwrap();
+    let destination_account_pubkey =
+        pubkey_of_signer(matches, "destination_account_pubkey", wallet_manager)?.unwrap();
    let lamports = lamports_of_sol(matches, "amount").unwrap();
    let (nonce_authority, nonce_authority_pubkey) =
        signer_of(matches, NONCE_AUTHORITY_ARG.name, wallet_manager)?;
@ -359,26 +424,18 @@ pub fn check_nonce_account(
    nonce_account: &Account,
    nonce_authority: &Pubkey,
    nonce_hash: &Hash,
-) -> Result<(), Box<CliError>> {
-    if nonce_account.owner != system_program::ID {
-        return Err(CliError::InvalidNonce(CliNonceError::InvalidAccountOwner).into());
-    }
-    let nonce_state: NonceState = nonce_account
-        .state()
-        .map_err(|_| Box::new(CliError::InvalidNonce(CliNonceError::InvalidAccountData)))?;
-    match nonce_state {
-        NonceState::Initialized(meta, hash) => {
-            if &hash != nonce_hash {
-                Err(CliError::InvalidNonce(CliNonceError::InvalidHash).into())
-            } else if nonce_authority != &meta.nonce_authority {
-                Err(CliError::InvalidNonce(CliNonceError::InvalidAuthority).into())
+) -> Result<(), CliError> {
+    match state_from_account(nonce_account)? {
+        State::Initialized(ref data) => {
+            if &data.blockhash != nonce_hash {
+                Err(CliNonceError::InvalidHash.into())
+            } else if nonce_authority != &data.authority {
+                Err(CliNonceError::InvalidAuthority.into())
            } else {
                Ok(())
            }
        }
-        NonceState::Uninitialized => {
-            Err(CliError::InvalidNonce(CliNonceError::InvalidState).into())
-        }
+        State::Uninitialized => Err(CliNonceError::InvalidStateForOperation.into()),
    }
 }

@ -393,7 +450,7 @@ pub fn process_authorize_nonce_account(

    let nonce_authority = config.signers[nonce_authority];
    let ix = authorize_nonce_account(nonce_account, &nonce_authority.pubkey(), new_authority);
-    let message = Message::new_with_payer(vec![ix], Some(&config.signers[0].pubkey()));
+    let message = Message::new_with_payer(&[ix], Some(&config.signers[0].pubkey()));
    let mut tx = Transaction::new_unsigned(message);
    tx.try_sign(&config.signers, recent_blockhash)?;

@ -403,7 +460,7 @@ pub fn process_authorize_nonce_account(
        &fee_calculator,
        &tx.message,
    )?;
-    let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+    let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
    log_instruction_custom_error::<NonceError>(result)
 }

@ -427,10 +484,8 @@ pub fn process_create_nonce_account(
        (&nonce_account_address, "nonce_account".to_string()),
    )?;

-    if let Ok(nonce_account) = rpc_client.get_account(&nonce_account_address) {
-        let err_msg = if nonce_account.owner == system_program::id()
-            && StateMut::<NonceState>::state(&nonce_account).is_ok()
-        {
+    if let Ok(nonce_account) = get_account(rpc_client, &nonce_account_address) {
+        let err_msg = if state_from_account(&nonce_account).is_ok() {
            format!("Nonce account {} already exists", nonce_account_address)
        } else {
            format!(
@ -441,7 +496,7 @@ pub fn process_create_nonce_account(
        return Err(CliError::BadParameter(err_msg).into());
    }

-    let minimum_balance = rpc_client.get_minimum_balance_for_rent_exemption(NonceState::size())?;
+    let minimum_balance = rpc_client.get_minimum_balance_for_rent_exemption(State::size())?;
    if lamports < minimum_balance {
        return Err(CliError::BadParameter(format!(
            "need at least {} lamports for nonce account to be rent exempt, provided lamports: {}",
@ -472,7 +527,7 @@ pub fn process_create_nonce_account(

    let (recent_blockhash, fee_calculator) = rpc_client.get_recent_blockhash()?;

-    let message = Message::new_with_payer(ixs, Some(&config.signers[0].pubkey()));
+    let message = Message::new_with_payer(&ixs, Some(&config.signers[0].pubkey()));
    let mut tx = Transaction::new_unsigned(message);
    tx.try_sign(&config.signers, recent_blockhash)?;

@ -482,27 +537,14 @@ pub fn process_create_nonce_account(
        &fee_calculator,
        &tx.message,
    )?;
-    let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+    let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
    log_instruction_custom_error::<SystemError>(result)
 }

 pub fn process_get_nonce(rpc_client: &RpcClient, nonce_account_pubkey: &Pubkey) -> ProcessResult {
-    let nonce_account = rpc_client.get_account(nonce_account_pubkey)?;
-    if nonce_account.owner != system_program::id() {
-        return Err(CliError::RpcRequestError(format!(
-            "{:?} is not a nonce account",
-            nonce_account_pubkey
-        ))
-        .into());
-    }
-    match nonce_account.state() {
-        Ok(NonceState::Uninitialized) => Ok("Nonce account is uninitialized".to_string()),
-        Ok(NonceState::Initialized(_, hash)) => Ok(format!("{:?}", hash)),
-        Err(err) => Err(CliError::RpcRequestError(format!(
-            "Account data could not be deserialized to nonce state: {:?}",
-            err
-        ))
-        .into()),
+    match get_account(rpc_client, nonce_account_pubkey).and_then(|ref a| state_from_account(a))? {
+        State::Uninitialized => Ok("Nonce account is uninitialized".to_string()),
+        State::Initialized(ref data) => Ok(format!("{:?}", data.blockhash)),
    }
 }

@ -527,7 +569,7 @@ pub fn process_new_nonce(
    let nonce_authority = config.signers[nonce_authority];
    let ix = advance_nonce_account(&nonce_account, &nonce_authority.pubkey());
    let (recent_blockhash, fee_calculator) = rpc_client.get_recent_blockhash()?;
-    let message = Message::new_with_payer(vec![ix], Some(&config.signers[0].pubkey()));
+    let message = Message::new_with_payer(&[ix], Some(&config.signers[0].pubkey()));
    let mut tx = Transaction::new_unsigned(message);
    tx.try_sign(&config.signers, recent_blockhash)?;
    check_account_for_fee(
@ -536,8 +578,8 @@ pub fn process_new_nonce(
        &fee_calculator,
        &tx.message,
    )?;
-    let result =
-        rpc_client.send_and_confirm_transaction(&mut tx, &[config.signers[0], nonce_authority]);
+    let result = rpc_client
+        .send_and_confirm_transaction_with_spinner(&mut tx, &[config.signers[0], nonce_authority]);
    log_instruction_custom_error::<SystemError>(result)
 }

@ -546,15 +588,8 @@ pub fn process_show_nonce_account(
    nonce_account_pubkey: &Pubkey,
    use_lamports_unit: bool,
 ) -> ProcessResult {
-    let nonce_account = rpc_client.get_account(nonce_account_pubkey)?;
-    if nonce_account.owner != system_program::id() {
-        return Err(CliError::RpcRequestError(format!(
-            "{:?} is not a nonce account",
-            nonce_account_pubkey
-        ))
-        .into());
-    }
-    let print_account = |data: Option<(Meta, Hash)>| {
+    let nonce_account = get_account(rpc_client, nonce_account_pubkey)?;
+    let print_account = |data: Option<&nonce::state::Data>| {
        println!(
            "Balance: {}",
            build_balance_message(nonce_account.lamports, use_lamports_unit, true)
@ -562,31 +597,31 @@ pub fn process_show_nonce_account(
        println!(
            "Minimum Balance Required: {}",
            build_balance_message(
-                rpc_client.get_minimum_balance_for_rent_exemption(NonceState::size())?,
+                rpc_client.get_minimum_balance_for_rent_exemption(State::size())?,
                use_lamports_unit,
                true
            )
        );
        match data {
-            Some((meta, hash)) => {
-                println!("Nonce: {}", hash);
-                println!("Authority: {}", meta.nonce_authority);
+            Some(ref data) => {
+                println!("Nonce: {}", data.blockhash);
+                println!(
+                    "Fee: {} lamports per signature",
+                    data.fee_calculator.lamports_per_signature
+                );
+                println!("Authority: {}", data.authority);
            }
            None => {
                println!("Nonce: uninitialized");
+                println!("Fees: uninitialized");
                println!("Authority: uninitialized");
            }
        }
        Ok("".to_string())
    };
-    match nonce_account.state() {
-        Ok(NonceState::Uninitialized) => print_account(None),
-        Ok(NonceState::Initialized(meta, hash)) => print_account(Some((meta, hash))),
-        Err(err) => Err(CliError::RpcRequestError(format!(
-            "Account data could not be deserialized to nonce state: {:?}",
-            err
-        ))
-        .into()),
+    match state_from_account(&nonce_account)? {
+        State::Uninitialized => print_account(None),
+        State::Initialized(ref data) => print_account(Some(data)),
    }
 }

@ -607,7 +642,7 @@ pub fn process_withdraw_from_nonce_account(
        destination_account_pubkey,
        lamports,
    );
-    let message = Message::new_with_payer(vec![ix], Some(&config.signers[0].pubkey()));
+    let message = Message::new_with_payer(&[ix], Some(&config.signers[0].pubkey()));
    let mut tx = Transaction::new_unsigned(message);
    tx.try_sign(&config.signers, recent_blockhash)?;
    check_account_for_fee(
@ -616,7 +651,7 @@ pub fn process_withdraw_from_nonce_account(
        &fee_calculator,
        &tx.message,
    )?;
-    let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+    let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
    log_instruction_custom_error::<NonceError>(result)
 }

@ -626,8 +661,9 @@ mod tests {
    use crate::cli::{app, parse_command};
    use solana_sdk::{
        account::Account,
+        fee_calculator::FeeCalculator,
        hash::hash,
-        nonce_state::{Meta as NonceMeta, NonceState},
+        nonce::{self, State},
        signature::{read_keypair_file, write_keypair, Keypair, Signer},
        system_program,
    };
@ -842,31 +878,6 @@ mod tests {
            }
        );

-        let test_withdraw_from_nonce_account = test_commands.clone().get_matches_from(vec![
-            "test",
-            "withdraw-from-nonce-account",
-            &keypair_file,
-            &nonce_account_string,
-            "42",
-        ]);
-        assert_eq!(
-            parse_command(
-                &test_withdraw_from_nonce_account,
-                &default_keypair_file,
-                None
-            )
-            .unwrap(),
-            CliCommandInfo {
-                command: CliCommand::WithdrawFromNonceAccount {
-                    nonce_account: read_keypair_file(&keypair_file).unwrap().pubkey(),
-                    nonce_authority: 0,
-                    destination_account_pubkey: nonce_account_pubkey,
-                    lamports: 42000000000
-                },
-                signers: vec![read_keypair_file(&default_keypair_file).unwrap().into()],
-            }
-        );
-
        // Test WithdrawFromNonceAccount Subcommand with authority
        let test_withdraw_from_nonce_account = test_commands.clone().get_matches_from(vec![
            "test",
@ -903,61 +914,123 @@ mod tests {
    fn test_check_nonce_account() {
        let blockhash = Hash::default();
        let nonce_pubkey = Pubkey::new_rand();
-        let valid = Account::new_data(
-            1,
-            &NonceState::Initialized(NonceMeta::new(&nonce_pubkey), blockhash),
-            &system_program::ID,
-        );
+        let data = Versions::new_current(State::Initialized(nonce::state::Data {
+            authority: nonce_pubkey,
+            blockhash,
+            fee_calculator: FeeCalculator::default(),
+        }));
+        let valid = Account::new_data(1, &data, &system_program::ID);
        assert!(check_nonce_account(&valid.unwrap(), &nonce_pubkey, &blockhash).is_ok());

-        let invalid_owner = Account::new_data(
-            1,
-            &NonceState::Initialized(NonceMeta::new(&nonce_pubkey), blockhash),
-            &Pubkey::new(&[1u8; 32]),
-        );
+        let invalid_owner = Account::new_data(1, &data, &Pubkey::new(&[1u8; 32]));
        assert_eq!(
            check_nonce_account(&invalid_owner.unwrap(), &nonce_pubkey, &blockhash),
-            Err(Box::new(CliError::InvalidNonce(
-                CliNonceError::InvalidAccountOwner
-            ))),
+            Err(CliNonceError::InvalidAccountOwner.into()),
        );

        let invalid_data = Account::new_data(1, &"invalid", &system_program::ID);
        assert_eq!(
            check_nonce_account(&invalid_data.unwrap(), &nonce_pubkey, &blockhash),
-            Err(Box::new(CliError::InvalidNonce(
-                CliNonceError::InvalidAccountData
-            ))),
+            Err(CliNonceError::InvalidAccountData.into()),
        );

-        let invalid_hash = Account::new_data(
-            1,
-            &NonceState::Initialized(NonceMeta::new(&nonce_pubkey), hash(b"invalid")),
-            &system_program::ID,
-        );
+        let data = Versions::new_current(State::Initialized(nonce::state::Data {
+            authority: nonce_pubkey,
+            blockhash: hash(b"invalid"),
+            fee_calculator: FeeCalculator::default(),
+        }));
+        let invalid_hash = Account::new_data(1, &data, &system_program::ID);
        assert_eq!(
            check_nonce_account(&invalid_hash.unwrap(), &nonce_pubkey, &blockhash),
-            Err(Box::new(CliError::InvalidNonce(CliNonceError::InvalidHash))),
+            Err(CliNonceError::InvalidHash.into()),
        );

-        let invalid_authority = Account::new_data(
-            1,
-            &NonceState::Initialized(NonceMeta::new(&Pubkey::new_rand()), blockhash),
-            &system_program::ID,
-        );
+        let data = Versions::new_current(State::Initialized(nonce::state::Data {
+            authority: Pubkey::new_rand(),
+            blockhash,
+            fee_calculator: FeeCalculator::default(),
+        }));
+        let invalid_authority = Account::new_data(1, &data, &system_program::ID);
        assert_eq!(
            check_nonce_account(&invalid_authority.unwrap(), &nonce_pubkey, &blockhash),
-            Err(Box::new(CliError::InvalidNonce(
-                CliNonceError::InvalidAuthority
-            ))),
+            Err(CliNonceError::InvalidAuthority.into()),
        );

-        let invalid_state = Account::new_data(1, &NonceState::Uninitialized, &system_program::ID);
+        let data = Versions::new_current(State::Uninitialized);
+        let invalid_state = Account::new_data(1, &data, &system_program::ID);
        assert_eq!(
            check_nonce_account(&invalid_state.unwrap(), &nonce_pubkey, &blockhash),
-            Err(Box::new(CliError::InvalidNonce(
-                CliNonceError::InvalidState
-            ))),
+            Err(CliNonceError::InvalidStateForOperation.into()),
        );
    }
+
+    #[test]
+    fn test_account_identity_ok() {
+        let nonce_account = nonce::create_account(1).into_inner();
+        assert_eq!(account_identity_ok(&nonce_account), Ok(()));
+
+        let system_account = Account::new(1, 0, &system_program::id());
+        assert_eq!(
+            account_identity_ok(&system_account),
+            Err(CliNonceError::UnexpectedDataSize),
+        );
+
+        let other_program = Pubkey::new(&[1u8; 32]);
+        let other_account_no_data = Account::new(1, 0, &other_program);
+        assert_eq!(
+            account_identity_ok(&other_account_no_data),
+            Err(CliNonceError::InvalidAccountOwner),
+        );
+    }
+
+    #[test]
+    fn test_state_from_account() {
+        let mut nonce_account = nonce::create_account(1).into_inner();
+        assert_eq!(state_from_account(&nonce_account), Ok(State::Uninitialized));
+
+        let data = nonce::state::Data {
+            authority: Pubkey::new(&[1u8; 32]),
+            blockhash: Hash::new(&[42u8; 32]),
+            fee_calculator: FeeCalculator::new(42),
+        };
+        nonce_account
+            .set_state(&Versions::new_current(State::Initialized(data.clone())))
+            .unwrap();
+        assert_eq!(
+            state_from_account(&nonce_account),
+            Ok(State::Initialized(data))
+        );
+
+        let wrong_data_size_account = Account::new(1, 1, &system_program::id());
+        assert_eq!(
+            state_from_account(&wrong_data_size_account),
+            Err(CliNonceError::InvalidAccountData),
+        );
+    }
+
+    #[test]
+    fn test_data_from_helpers() {
+        let mut nonce_account = nonce::create_account(1).into_inner();
+        let state = state_from_account(&nonce_account).unwrap();
+        assert_eq!(
+            data_from_state(&state),
+            Err(CliNonceError::InvalidStateForOperation)
+        );
+        assert_eq!(
+            data_from_account(&nonce_account),
+            Err(CliNonceError::InvalidStateForOperation)
+        );
+
+        let data = nonce::state::Data {
+            authority: Pubkey::new(&[1u8; 32]),
+            blockhash: Hash::new(&[42u8; 32]),
+            fee_calculator: FeeCalculator::new(42),
+        };
+        nonce_account
+            .set_state(&Versions::new_current(State::Initialized(data.clone())))
+            .unwrap();
+        let state = state_from_account(&nonce_account).unwrap();
+        assert_eq!(data_from_state(&state), Ok(&data));
+        assert_eq!(data_from_account(&nonce_account), Ok(data));
+    }
 }
--- a/cli/src/offline.rs
+++ b/cli/src/offline.rs
@ -1,253 +0,0 @@
-use clap::{App, Arg, ArgMatches};
-use serde_json::Value;
-use solana_clap_utils::{
-    input_parsers::value_of,
-    input_validators::{is_hash, is_pubkey_sig},
-    offline::{BLOCKHASH_ARG, SIGNER_ARG, SIGN_ONLY_ARG},
-};
-use solana_client::rpc_client::RpcClient;
-use solana_sdk::{fee_calculator::FeeCalculator, hash::Hash, pubkey::Pubkey, signature::Signature};
-use std::str::FromStr;
-
-#[derive(Clone, Debug, PartialEq)]
-pub enum BlockhashQuery {
-    None(Hash, FeeCalculator),
-    FeeCalculator(Hash),
-    All,
-}
-
-impl BlockhashQuery {
-    pub fn new(blockhash: Option<Hash>, sign_only: bool) -> Self {
-        match blockhash {
-            Some(hash) if sign_only => Self::None(hash, FeeCalculator::default()),
-            Some(hash) if !sign_only => Self::FeeCalculator(hash),
-            None if !sign_only => Self::All,
-            _ => panic!("Cannot resolve blockhash"),
-        }
-    }
-
-    pub fn new_from_matches(matches: &ArgMatches<'_>) -> Self {
-        let blockhash = value_of(matches, BLOCKHASH_ARG.name);
-        let sign_only = matches.is_present(SIGN_ONLY_ARG.name);
-        BlockhashQuery::new(blockhash, sign_only)
-    }
-
-    pub fn get_blockhash_fee_calculator(
-        &self,
-        rpc_client: &RpcClient,
-    ) -> Result<(Hash, FeeCalculator), Box<dyn std::error::Error>> {
-        let (hash, fee_calc) = match self {
-            BlockhashQuery::None(hash, fee_calc) => (Some(hash), Some(fee_calc)),
-            BlockhashQuery::FeeCalculator(hash) => (Some(hash), None),
-            BlockhashQuery::All => (None, None),
-        };
-        if None == fee_calc {
-            let (cluster_hash, fee_calc) = rpc_client.get_recent_blockhash()?;
-            Ok((*hash.unwrap_or(&cluster_hash), fee_calc))
-        } else {
-            Ok((*hash.unwrap(), fee_calc.unwrap().clone()))
-        }
-    }
-}
-
-impl Default for BlockhashQuery {
-    fn default() -> Self {
-        BlockhashQuery::All
-    }
-}
-
-fn blockhash_arg<'a, 'b>() -> Arg<'a, 'b> {
-    Arg::with_name(BLOCKHASH_ARG.name)
-        .long(BLOCKHASH_ARG.long)
-        .takes_value(true)
-        .value_name("BLOCKHASH")
-        .validator(is_hash)
-        .help(BLOCKHASH_ARG.help)
-}
-
-fn sign_only_arg<'a, 'b>() -> Arg<'a, 'b> {
-    Arg::with_name(SIGN_ONLY_ARG.name)
-        .long(SIGN_ONLY_ARG.long)
-        .takes_value(false)
-        .requires(BLOCKHASH_ARG.name)
-        .help(SIGN_ONLY_ARG.help)
-}
-
-fn signer_arg<'a, 'b>() -> Arg<'a, 'b> {
-    Arg::with_name(SIGNER_ARG.name)
-        .long(SIGNER_ARG.long)
-        .takes_value(true)
-        .value_name("BASE58_PUBKEY=BASE58_SIG")
-        .validator(is_pubkey_sig)
-        .requires(BLOCKHASH_ARG.name)
-        .multiple(true)
-        .help(SIGNER_ARG.help)
-}
-
-pub trait OfflineArgs {
-    fn offline_args(self) -> Self;
-}
-
-impl OfflineArgs for App<'_, '_> {
-    fn offline_args(self) -> Self {
-        self.arg(blockhash_arg())
-            .arg(sign_only_arg())
-            .arg(signer_arg())
-    }
-}
-
-pub fn parse_sign_only_reply_string(reply: &str) -> (Hash, Vec<(Pubkey, Signature)>) {
-    let object: Value = serde_json::from_str(&reply).unwrap();
-    let blockhash_str = object.get("blockhash").unwrap().as_str().unwrap();
-    let blockhash = blockhash_str.parse::<Hash>().unwrap();
-    let signer_strings = object.get("signers").unwrap().as_array().unwrap();
-    let signers = signer_strings
-        .iter()
-        .map(|signer_string| {
-            let mut signer = signer_string.as_str().unwrap().split('=');
-            let key = Pubkey::from_str(signer.next().unwrap()).unwrap();
-            let sig = Signature::from_str(signer.next().unwrap()).unwrap();
-            (key, sig)
-        })
-        .collect();
-    (blockhash, signers)
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use clap::App;
-    use serde_json::{self, json, Value};
-    use solana_client::{
-        rpc_request::RpcRequest,
-        rpc_response::{Response, RpcResponseContext},
-    };
-    use solana_sdk::{fee_calculator::FeeCalculator, hash::hash};
-    use std::collections::HashMap;
-
-    #[test]
-    fn test_blockhashspec_new_ok() {
-        let blockhash = hash(&[1u8]);
-
-        assert_eq!(
-            BlockhashQuery::new(Some(blockhash), true),
-            BlockhashQuery::None(blockhash, FeeCalculator::default()),
-        );
-        assert_eq!(
-            BlockhashQuery::new(Some(blockhash), false),
-            BlockhashQuery::FeeCalculator(blockhash),
-        );
-        assert_eq!(BlockhashQuery::new(None, false), BlockhashQuery::All,);
-    }
-
-    #[test]
-    #[should_panic]
-    fn test_blockhashspec_new_fail() {
-        BlockhashQuery::new(None, true);
-    }
-
-    #[test]
-    fn test_blockhashspec_new_from_matches_ok() {
-        let test_commands = App::new("blockhashspec_test").offline_args();
-        let blockhash = hash(&[1u8]);
-        let blockhash_string = blockhash.to_string();
-
-        let matches = test_commands.clone().get_matches_from(vec![
-            "blockhashspec_test",
-            "--blockhash",
-            &blockhash_string,
-            "--sign-only",
-        ]);
-        assert_eq!(
-            BlockhashQuery::new_from_matches(&matches),
-            BlockhashQuery::None(blockhash, FeeCalculator::default()),
-        );
-
-        let matches = test_commands.clone().get_matches_from(vec![
-            "blockhashspec_test",
-            "--blockhash",
-            &blockhash_string,
-        ]);
-        assert_eq!(
-            BlockhashQuery::new_from_matches(&matches),
-            BlockhashQuery::FeeCalculator(blockhash),
-        );
-
-        let matches = test_commands
-            .clone()
-            .get_matches_from(vec!["blockhashspec_test"]);
-        assert_eq!(
-            BlockhashQuery::new_from_matches(&matches),
-            BlockhashQuery::All,
-        );
-    }
-
-    #[test]
-    #[should_panic]
-    fn test_blockhashspec_new_from_matches_fail() {
-        let test_commands = App::new("blockhashspec_test")
-            .arg(blockhash_arg())
-            // We can really only hit this case unless the arg requirements
-            // are broken, so unset the requires() to recreate that condition
-            .arg(sign_only_arg().requires(""));
-
-        let matches = test_commands
-            .clone()
-            .get_matches_from(vec!["blockhashspec_test", "--sign-only"]);
-        BlockhashQuery::new_from_matches(&matches);
-    }
-
-    #[test]
-    fn test_blockhashspec_get_blockhash_fee_calc() {
-        let test_blockhash = hash(&[0u8]);
-        let rpc_blockhash = hash(&[1u8]);
-        let rpc_fee_calc = FeeCalculator::new(42, 42);
-        let get_recent_blockhash_response = json!(Response {
-            context: RpcResponseContext { slot: 1 },
-            value: json!((
-                Value::String(rpc_blockhash.to_string()),
-                serde_json::to_value(rpc_fee_calc.clone()).unwrap()
-            )),
-        });
-        let mut mocks = HashMap::new();
-        mocks.insert(
-            RpcRequest::GetRecentBlockhash,
-            get_recent_blockhash_response.clone(),
-        );
-        let rpc_client = RpcClient::new_mock_with_mocks("".to_string(), mocks);
-        assert_eq!(
-            BlockhashQuery::All
-                .get_blockhash_fee_calculator(&rpc_client)
-                .unwrap(),
-            (rpc_blockhash, rpc_fee_calc.clone()),
-        );
-        let mut mocks = HashMap::new();
-        mocks.insert(
-            RpcRequest::GetRecentBlockhash,
-            get_recent_blockhash_response.clone(),
-        );
-        let rpc_client = RpcClient::new_mock_with_mocks("".to_string(), mocks);
-        assert_eq!(
-            BlockhashQuery::FeeCalculator(test_blockhash)
-                .get_blockhash_fee_calculator(&rpc_client)
-                .unwrap(),
-            (test_blockhash, rpc_fee_calc.clone()),
-        );
-        let mut mocks = HashMap::new();
-        mocks.insert(
-            RpcRequest::GetRecentBlockhash,
-            get_recent_blockhash_response.clone(),
-        );
-        let rpc_client = RpcClient::new_mock_with_mocks("".to_string(), mocks);
-        assert_eq!(
-            BlockhashQuery::None(test_blockhash, FeeCalculator::default())
-                .get_blockhash_fee_calculator(&rpc_client)
-                .unwrap(),
-            (test_blockhash, FeeCalculator::default()),
-        );
-        let rpc_client = RpcClient::new_mock("fails".to_string());
-        assert!(BlockhashQuery::All
-            .get_blockhash_fee_calculator(&rpc_client)
-            .is_err());
-    }
-}
--- a/cli/src/offline/blockhash_query.rs
+++ b/cli/src/offline/blockhash_query.rs
@ -0,0 +1,394 @@
+use super::*;
+
+#[derive(Debug, PartialEq)]
+pub enum Source {
+    Cluster,
+    NonceAccount(Pubkey),
+}
+
+impl Source {
+    pub fn get_blockhash_and_fee_calculator(
+        &self,
+        rpc_client: &RpcClient,
+    ) -> Result<(Hash, FeeCalculator), Box<dyn std::error::Error>> {
+        match self {
+            Self::Cluster => {
+                let res = rpc_client.get_recent_blockhash()?;
+                Ok(res)
+            }
+            Self::NonceAccount(ref pubkey) => {
+                let data = nonce::get_account(rpc_client, pubkey)
+                    .and_then(|ref a| nonce::data_from_account(a))?;
+                Ok((data.blockhash, data.fee_calculator))
+            }
+        }
+    }
+
+    pub fn get_fee_calculator(
+        &self,
+        rpc_client: &RpcClient,
+        blockhash: &Hash,
+    ) -> Result<Option<FeeCalculator>, Box<dyn std::error::Error>> {
+        match self {
+            Self::Cluster => {
+                let res = rpc_client.get_fee_calculator_for_blockhash(blockhash)?;
+                Ok(res)
+            }
+            Self::NonceAccount(ref pubkey) => {
+                let res = nonce::get_account(rpc_client, pubkey)
+                    .and_then(|ref a| nonce::data_from_account(a))
+                    .and_then(|d| {
+                        if d.blockhash == *blockhash {
+                            Ok(Some(d.fee_calculator))
+                        } else {
+                            Ok(None)
+                        }
+                    })?;
+                Ok(res)
+            }
+        }
+    }
+}
+
+#[derive(Debug, PartialEq)]
+pub enum BlockhashQuery {
+    None(Hash),
+    FeeCalculator(Source, Hash),
+    All(Source),
+}
+
+impl BlockhashQuery {
+    pub fn new(blockhash: Option<Hash>, sign_only: bool, nonce_account: Option<Pubkey>) -> Self {
+        let source = nonce_account
+            .map(Source::NonceAccount)
+            .unwrap_or(Source::Cluster);
+        match blockhash {
+            Some(hash) if sign_only => Self::None(hash),
+            Some(hash) if !sign_only => Self::FeeCalculator(source, hash),
+            None if !sign_only => Self::All(source),
+            _ => panic!("Cannot resolve blockhash"),
+        }
+    }
+
+    pub fn new_from_matches(matches: &ArgMatches<'_>) -> Self {
+        let blockhash = value_of(matches, BLOCKHASH_ARG.name);
+        let sign_only = matches.is_present(SIGN_ONLY_ARG.name);
+        let nonce_account = pubkey_of(matches, nonce::NONCE_ARG.name);
+        BlockhashQuery::new(blockhash, sign_only, nonce_account)
+    }
+
+    pub fn get_blockhash_and_fee_calculator(
+        &self,
+        rpc_client: &RpcClient,
+    ) -> Result<(Hash, FeeCalculator), Box<dyn std::error::Error>> {
+        match self {
+            BlockhashQuery::None(hash) => Ok((*hash, FeeCalculator::default())),
+            BlockhashQuery::FeeCalculator(source, hash) => {
+                let fee_calculator = source
+                    .get_fee_calculator(rpc_client, hash)?
+                    .ok_or(format!("Hash has expired {:?}", hash))?;
+                Ok((*hash, fee_calculator))
+            }
+            BlockhashQuery::All(source) => source.get_blockhash_and_fee_calculator(rpc_client),
+        }
+    }
+}
+
+impl Default for BlockhashQuery {
+    fn default() -> Self {
+        BlockhashQuery::All(Source::Cluster)
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::{nonce::nonce_arg, offline::blockhash_query::BlockhashQuery};
+    use clap::App;
+    use serde_json::{self, json, Value};
+    use solana_client::{
+        rpc_request::RpcRequest,
+        rpc_response::{Response, RpcAccount, RpcFeeCalculator, RpcResponseContext},
+    };
+    use solana_sdk::{
+        account::Account, fee_calculator::FeeCalculator, hash::hash, nonce, system_program,
+    };
+    use std::collections::HashMap;
+
+    #[test]
+    fn test_blockhash_query_new_ok() {
+        let blockhash = hash(&[1u8]);
+        let nonce_pubkey = Pubkey::new(&[1u8; 32]);
+
+        assert_eq!(
+            BlockhashQuery::new(Some(blockhash), true, None),
+            BlockhashQuery::None(blockhash),
+        );
+        assert_eq!(
+            BlockhashQuery::new(Some(blockhash), false, None),
+            BlockhashQuery::FeeCalculator(blockhash_query::Source::Cluster, blockhash),
+        );
+        assert_eq!(
+            BlockhashQuery::new(None, false, None),
+            BlockhashQuery::All(blockhash_query::Source::Cluster)
+        );
+
+        assert_eq!(
+            BlockhashQuery::new(Some(blockhash), true, Some(nonce_pubkey)),
+            BlockhashQuery::None(blockhash),
+        );
+        assert_eq!(
+            BlockhashQuery::new(Some(blockhash), false, Some(nonce_pubkey)),
+            BlockhashQuery::FeeCalculator(
+                blockhash_query::Source::NonceAccount(nonce_pubkey),
+                blockhash
+            ),
+        );
+        assert_eq!(
+            BlockhashQuery::new(None, false, Some(nonce_pubkey)),
+            BlockhashQuery::All(blockhash_query::Source::NonceAccount(nonce_pubkey)),
+        );
+    }
+
+    #[test]
+    #[should_panic]
+    fn test_blockhash_query_new_no_nonce_fail() {
+        BlockhashQuery::new(None, true, None);
+    }
+
+    #[test]
+    #[should_panic]
+    fn test_blockhash_query_new_nonce_fail() {
+        let nonce_pubkey = Pubkey::new(&[1u8; 32]);
+        BlockhashQuery::new(None, true, Some(nonce_pubkey));
+    }
+
+    #[test]
+    fn test_blockhash_query_new_from_matches_ok() {
+        let test_commands = App::new("blockhash_query_test")
+            .arg(nonce_arg())
+            .offline_args();
+        let blockhash = hash(&[1u8]);
+        let blockhash_string = blockhash.to_string();
+
+        let matches = test_commands.clone().get_matches_from(vec![
+            "blockhash_query_test",
+            "--blockhash",
+            &blockhash_string,
+            "--sign-only",
+        ]);
+        assert_eq!(
+            BlockhashQuery::new_from_matches(&matches),
+            BlockhashQuery::None(blockhash),
+        );
+
+        let matches = test_commands.clone().get_matches_from(vec![
+            "blockhash_query_test",
+            "--blockhash",
+            &blockhash_string,
+        ]);
+        assert_eq!(
+            BlockhashQuery::new_from_matches(&matches),
+            BlockhashQuery::FeeCalculator(blockhash_query::Source::Cluster, blockhash),
+        );
+
+        let matches = test_commands
+            .clone()
+            .get_matches_from(vec!["blockhash_query_test"]);
+        assert_eq!(
+            BlockhashQuery::new_from_matches(&matches),
+            BlockhashQuery::All(blockhash_query::Source::Cluster),
+        );
+
+        let nonce_pubkey = Pubkey::new(&[1u8; 32]);
+        let nonce_string = nonce_pubkey.to_string();
+        let matches = test_commands.clone().get_matches_from(vec![
+            "blockhash_query_test",
+            "--blockhash",
+            &blockhash_string,
+            "--sign-only",
+            "--nonce",
+            &nonce_string,
+        ]);
+        assert_eq!(
+            BlockhashQuery::new_from_matches(&matches),
+            BlockhashQuery::None(blockhash),
+        );
+
+        let matches = test_commands.clone().get_matches_from(vec![
+            "blockhash_query_test",
+            "--blockhash",
+            &blockhash_string,
+            "--nonce",
+            &nonce_string,
+        ]);
+        assert_eq!(
+            BlockhashQuery::new_from_matches(&matches),
+            BlockhashQuery::FeeCalculator(
+                blockhash_query::Source::NonceAccount(nonce_pubkey),
+                blockhash
+            ),
+        );
+    }
+
+    #[test]
+    #[should_panic]
+    fn test_blockhash_query_new_from_matches_without_nonce_fail() {
+        let test_commands = App::new("blockhash_query_test")
+            .arg(blockhash_arg())
+            // We can really only hit this case if the arg requirements
+            // are broken, so unset the requires() to recreate that condition
+            .arg(sign_only_arg().requires(""));
+
+        let matches = test_commands
+            .clone()
+            .get_matches_from(vec!["blockhash_query_test", "--sign-only"]);
+        BlockhashQuery::new_from_matches(&matches);
+    }
+
+    #[test]
+    #[should_panic]
+    fn test_blockhash_query_new_from_matches_with_nonce_fail() {
+        let test_commands = App::new("blockhash_query_test")
+            .arg(blockhash_arg())
+            // We can really only hit this case if the arg requirements
+            // are broken, so unset the requires() to recreate that condition
+            .arg(sign_only_arg().requires(""));
+        let nonce_pubkey = Pubkey::new(&[1u8; 32]);
+        let nonce_string = nonce_pubkey.to_string();
+
+        let matches = test_commands.clone().get_matches_from(vec![
+            "blockhash_query_test",
+            "--sign-only",
+            "--nonce",
+            &nonce_string,
+        ]);
+        BlockhashQuery::new_from_matches(&matches);
+    }
+
+    #[test]
+    fn test_blockhash_query_get_blockhash_fee_calc() {
+        let test_blockhash = hash(&[0u8]);
+        let rpc_blockhash = hash(&[1u8]);
+        let rpc_fee_calc = FeeCalculator::new(42);
+        let get_recent_blockhash_response = json!(Response {
+            context: RpcResponseContext { slot: 1 },
+            value: json!((
+                Value::String(rpc_blockhash.to_string()),
+                serde_json::to_value(rpc_fee_calc.clone()).unwrap()
+            )),
+        });
+        let get_fee_calculator_for_blockhash_response = json!(Response {
+            context: RpcResponseContext { slot: 1 },
+            value: json!(RpcFeeCalculator {
+                fee_calculator: rpc_fee_calc.clone()
+            }),
+        });
+        let mut mocks = HashMap::new();
+        mocks.insert(
+            RpcRequest::GetRecentBlockhash,
+            get_recent_blockhash_response.clone(),
+        );
+        let rpc_client = RpcClient::new_mock_with_mocks("".to_string(), mocks);
+        assert_eq!(
+            BlockhashQuery::default()
+                .get_blockhash_and_fee_calculator(&rpc_client)
+                .unwrap(),
+            (rpc_blockhash, rpc_fee_calc.clone()),
+        );
+        let mut mocks = HashMap::new();
+        mocks.insert(
+            RpcRequest::GetRecentBlockhash,
+            get_recent_blockhash_response.clone(),
+        );
+        mocks.insert(
+            RpcRequest::GetFeeCalculatorForBlockhash,
+            get_fee_calculator_for_blockhash_response.clone(),
+        );
+        let rpc_client = RpcClient::new_mock_with_mocks("".to_string(), mocks);
+        assert_eq!(
+            BlockhashQuery::FeeCalculator(Source::Cluster, test_blockhash)
+                .get_blockhash_and_fee_calculator(&rpc_client)
+                .unwrap(),
+            (test_blockhash, rpc_fee_calc.clone()),
+        );
+        let mut mocks = HashMap::new();
+        mocks.insert(
+            RpcRequest::GetRecentBlockhash,
+            get_recent_blockhash_response.clone(),
+        );
+        let rpc_client = RpcClient::new_mock_with_mocks("".to_string(), mocks);
+        assert_eq!(
+            BlockhashQuery::None(test_blockhash)
+                .get_blockhash_and_fee_calculator(&rpc_client)
+                .unwrap(),
+            (test_blockhash, FeeCalculator::default()),
+        );
+        let rpc_client = RpcClient::new_mock("fails".to_string());
+        assert!(BlockhashQuery::default()
+            .get_blockhash_and_fee_calculator(&rpc_client)
+            .is_err());
+
+        let nonce_blockhash = Hash::new(&[2u8; 32]);
+        let nonce_fee_calc = FeeCalculator::new(4242);
+        let data = nonce::state::Data {
+            authority: Pubkey::new(&[3u8; 32]),
+            blockhash: nonce_blockhash,
+            fee_calculator: nonce_fee_calc.clone(),
+        };
+        let nonce_account = Account::new_data_with_space(
+            42,
+            &nonce::state::Versions::new_current(nonce::State::Initialized(data)),
+            nonce::State::size(),
+            &system_program::id(),
+        )
+        .unwrap();
+        let nonce_pubkey = Pubkey::new(&[4u8; 32]);
+        let rpc_nonce_account = RpcAccount::encode(nonce_account);
+        let get_account_response = json!(Response {
+            context: RpcResponseContext { slot: 1 },
+            value: json!(Some(rpc_nonce_account.clone())),
+        });
+
+        let mut mocks = HashMap::new();
+        mocks.insert(RpcRequest::GetAccountInfo, get_account_response.clone());
+        let rpc_client = RpcClient::new_mock_with_mocks("".to_string(), mocks);
+        assert_eq!(
+            BlockhashQuery::All(Source::NonceAccount(nonce_pubkey))
+                .get_blockhash_and_fee_calculator(&rpc_client)
+                .unwrap(),
+            (nonce_blockhash, nonce_fee_calc.clone()),
+        );
+        let mut mocks = HashMap::new();
+        mocks.insert(RpcRequest::GetAccountInfo, get_account_response.clone());
+        let rpc_client = RpcClient::new_mock_with_mocks("".to_string(), mocks);
+        assert_eq!(
+            BlockhashQuery::FeeCalculator(Source::NonceAccount(nonce_pubkey), nonce_blockhash)
+                .get_blockhash_and_fee_calculator(&rpc_client)
+                .unwrap(),
+            (nonce_blockhash, nonce_fee_calc.clone()),
+        );
+        let mut mocks = HashMap::new();
+        mocks.insert(RpcRequest::GetAccountInfo, get_account_response.clone());
+        let rpc_client = RpcClient::new_mock_with_mocks("".to_string(), mocks);
+        assert!(
+            BlockhashQuery::FeeCalculator(Source::NonceAccount(nonce_pubkey), test_blockhash)
+                .get_blockhash_and_fee_calculator(&rpc_client)
+                .is_err()
+        );
+        let mut mocks = HashMap::new();
+        mocks.insert(RpcRequest::GetAccountInfo, get_account_response.clone());
+        let rpc_client = RpcClient::new_mock_with_mocks("".to_string(), mocks);
+        assert_eq!(
+            BlockhashQuery::None(nonce_blockhash)
+                .get_blockhash_and_fee_calculator(&rpc_client)
+                .unwrap(),
+            (nonce_blockhash, FeeCalculator::default()),
+        );
+
+        let rpc_client = RpcClient::new_mock("fails".to_string());
+        assert!(BlockhashQuery::All(Source::NonceAccount(nonce_pubkey))
+            .get_blockhash_and_fee_calculator(&rpc_client)
+            .is_err());
+    }
+}
--- a/cli/src/offline/mod.rs
+++ b/cli/src/offline/mod.rs
@ -0,0 +1,114 @@
+pub mod blockhash_query;
+
+use crate::nonce;
+use clap::{App, Arg, ArgMatches};
+use serde_json::Value;
+use solana_clap_utils::{
+    input_parsers::{pubkey_of, value_of},
+    input_validators::{is_hash, is_pubkey_sig},
+    keypair::presigner_from_pubkey_sigs,
+    offline::{BLOCKHASH_ARG, SIGNER_ARG, SIGN_ONLY_ARG},
+};
+use solana_client::rpc_client::RpcClient;
+use solana_sdk::{
+    fee_calculator::FeeCalculator,
+    hash::Hash,
+    pubkey::Pubkey,
+    signature::{Presigner, Signature},
+};
+use std::str::FromStr;
+
+fn blockhash_arg<'a, 'b>() -> Arg<'a, 'b> {
+    Arg::with_name(BLOCKHASH_ARG.name)
+        .long(BLOCKHASH_ARG.long)
+        .takes_value(true)
+        .value_name("BLOCKHASH")
+        .validator(is_hash)
+        .help(BLOCKHASH_ARG.help)
+}
+
+fn sign_only_arg<'a, 'b>() -> Arg<'a, 'b> {
+    Arg::with_name(SIGN_ONLY_ARG.name)
+        .long(SIGN_ONLY_ARG.long)
+        .takes_value(false)
+        .requires(BLOCKHASH_ARG.name)
+        .help(SIGN_ONLY_ARG.help)
+}
+
+fn signer_arg<'a, 'b>() -> Arg<'a, 'b> {
+    Arg::with_name(SIGNER_ARG.name)
+        .long(SIGNER_ARG.long)
+        .takes_value(true)
+        .value_name("PUBKEY=SIGNATURE")
+        .validator(is_pubkey_sig)
+        .requires(BLOCKHASH_ARG.name)
+        .multiple(true)
+        .help(SIGNER_ARG.help)
+}
+
+pub trait OfflineArgs {
+    fn offline_args(self) -> Self;
+}
+
+impl OfflineArgs for App<'_, '_> {
+    fn offline_args(self) -> Self {
+        self.arg(blockhash_arg())
+            .arg(sign_only_arg())
+            .arg(signer_arg())
+    }
+}
+
+pub struct SignOnly {
+    pub blockhash: Hash,
+    pub present_signers: Vec<(Pubkey, Signature)>,
+    pub absent_signers: Vec<Pubkey>,
+    pub bad_signers: Vec<Pubkey>,
+}
+
+impl SignOnly {
+    pub fn has_all_signers(&self) -> bool {
+        self.absent_signers.is_empty() && self.bad_signers.is_empty()
+    }
+
+    pub fn presigner_of(&self, pubkey: &Pubkey) -> Option<Presigner> {
+        presigner_from_pubkey_sigs(pubkey, &self.present_signers)
+    }
+}
+
+pub fn parse_sign_only_reply_string(reply: &str) -> SignOnly {
+    let object: Value = serde_json::from_str(&reply).unwrap();
+    let blockhash_str = object.get("blockhash").unwrap().as_str().unwrap();
+    let blockhash = blockhash_str.parse::<Hash>().unwrap();
+    let signer_strings = object.get("signers").unwrap().as_array().unwrap();
+    let present_signers = signer_strings
+        .iter()
+        .map(|signer_string| {
+            let mut signer = signer_string.as_str().unwrap().split('=');
+            let key = Pubkey::from_str(signer.next().unwrap()).unwrap();
+            let sig = Signature::from_str(signer.next().unwrap()).unwrap();
+            (key, sig)
+        })
+        .collect();
+    let signer_strings = object.get("absent").unwrap().as_array().unwrap();
+    let absent_signers = signer_strings
+        .iter()
+        .map(|val| {
+            let s = val.as_str().unwrap();
+            Pubkey::from_str(s).unwrap()
+        })
+        .collect();
+    let signer_strings = object.get("badSig").unwrap().as_array().unwrap();
+    let bad_signers = signer_strings
+        .iter()
+        .map(|val| {
+            let s = val.as_str().unwrap();
+            Pubkey::from_str(s).unwrap()
+        })
+        .collect();
+    SignOnly {
+        blockhash,
+        present_signers,
+        absent_signers,
+        bad_signers,
+    }
+}
--- a/cli/src/stake.rs
+++ b/cli/src/stake.rs
@ -5,9 +5,10 @@ use crate::{
        CliCommand, CliCommandInfo, CliConfig, CliError, ProcessResult, SignerIndex, FEE_PAYER_ARG,
    },
    nonce::{check_nonce_account, nonce_arg, NONCE_ARG, NONCE_AUTHORITY_ARG},
-    offline::*,
+    offline::{blockhash_query::BlockhashQuery, *},
 };
-use clap::{App, Arg, ArgMatches, SubCommand};
+use chrono::{DateTime, NaiveDateTime, SecondsFormat, Utc};
+use clap::{App, Arg, ArgGroup, ArgMatches, SubCommand};
 use console::style;
 use solana_clap_utils::{input_parsers::*, input_validators::*, offline::*, ArgConstant};
 use solana_client::rpc_client::RpcClient;
@ -24,7 +25,7 @@ use solana_sdk::{
    transaction::Transaction,
 };
 use solana_stake_program::{
-    stake_instruction::{self, StakeError},
+    stake_instruction::{self, LockupArgs, StakeError},
    stake_state::{Authorized, Lockup, Meta, StakeAuthorize, StakeState},
 };
 use solana_vote_program::vote_state::VoteState;
@ -33,20 +34,20 @@ use std::{ops::Deref, sync::Arc};
 pub const STAKE_AUTHORITY_ARG: ArgConstant<'static> = ArgConstant {
    name: "stake_authority",
    long: "stake-authority",
-    help: "Public key of authorized staker (defaults to cli config pubkey)",
+    help: "Authorized staker [default: cli config keypair]",
 };

 pub const WITHDRAW_AUTHORITY_ARG: ArgConstant<'static> = ArgConstant {
    name: "withdraw_authority",
    long: "withdraw-authority",
-    help: "Public key of authorized withdrawer (defaults to cli config pubkey)",
+    help: "Authorized withdrawer [default: cli config keypair]",
 };

 fn stake_authority_arg<'a, 'b>() -> Arg<'a, 'b> {
    Arg::with_name(STAKE_AUTHORITY_ARG.name)
        .long(STAKE_AUTHORITY_ARG.long)
        .takes_value(true)
-        .value_name("KEYPAIR or PUBKEY or REMOTE WALLET PATH")
+        .value_name("KEYPAIR")
        .validator(is_valid_signer)
        .help(STAKE_AUTHORITY_ARG.help)
 }
@ -55,7 +56,7 @@ fn withdraw_authority_arg<'a, 'b>() -> Arg<'a, 'b> {
    Arg::with_name(WITHDRAW_AUTHORITY_ARG.name)
        .long(WITHDRAW_AUTHORITY_ARG.long)
        .takes_value(true)
-        .value_name("KEYPAIR or PUBKEY or REMOTE WALLET PATH")
+        .value_name("KEYPAIR")
        .validator(is_valid_signer)
        .help(WITHDRAW_AUTHORITY_ARG.help)
 }
@ -72,7 +73,7 @@ impl StakeSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("stake_account")
                        .index(1)
-                        .value_name("STAKE ACCOUNT")
+                        .value_name("KEYPAIR")
                        .takes_value(true)
                        .required(true)
                        .validator(is_valid_signer)
@ -81,7 +82,7 @@ impl StakeSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("amount")
                        .index(2)
-                        .value_name("AMOUNT")
+                        .value_name("NUMBER")
                        .takes_value(true)
                        .validator(is_amount)
                        .required(true)
@ -90,29 +91,29 @@ impl StakeSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("custodian")
                        .long("custodian")
-                        .value_name("KEYPAIR or PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Identity of the custodian (can withdraw before lockup expires)")
                )
                .arg(
                    Arg::with_name("seed")
                        .long("seed")
-                        .value_name("SEED STRING")
+                        .value_name("STRING")
                        .takes_value(true)
-                        .help("Seed for address generation; if specified, the resulting account will be at a derived address of the STAKE ACCOUNT pubkey")
+                        .help("Seed for address generation; if specified, the resulting account will be at a derived address of the stake_account pubkey")
                )
                .arg(
                    Arg::with_name("lockup_epoch")
                        .long("lockup-epoch")
-                        .value_name("EPOCH")
+                        .value_name("NUMBER")
                        .takes_value(true)
                        .help("The epoch height at which this account will be available for withdrawal")
                )
                .arg(
                    Arg::with_name("lockup_date")
                        .long("lockup-date")
-                        .value_name("RFC3339 DATE TIME")
+                        .value_name("RFC3339 DATETIME")
                        .validator(is_rfc3339_datetime)
                        .takes_value(true)
                        .help("The date and time at which this account will be available for withdrawal")
@ -122,7 +123,7 @@ impl StakeSubCommands for App<'_, '_> {
                        .long(STAKE_AUTHORITY_ARG.long)
                        .value_name("PUBKEY")
                        .takes_value(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help(STAKE_AUTHORITY_ARG.help)
                )
                .arg(
@ -130,14 +131,14 @@ impl StakeSubCommands for App<'_, '_> {
                        .long(WITHDRAW_AUTHORITY_ARG.long)
                        .value_name("PUBKEY")
                        .takes_value(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help(WITHDRAW_AUTHORITY_ARG.help)
                )
                .arg(
                    Arg::with_name("from")
                        .long("from")
                        .takes_value(true)
-                        .value_name("KEYPAIR or PUBKEY or REMOTE WALLET PATH")
+                        .value_name("KEYPAIR")
                        .validator(is_valid_signer)
                        .help("Source account of funds (if different from client local account)"),
                )
@ -159,19 +160,19 @@ impl StakeSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("stake_account_pubkey")
                        .index(1)
-                        .value_name("STAKE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Stake account to delegate")
                )
                .arg(
                    Arg::with_name("vote_account_pubkey")
                        .index(2)
-                        .value_name("VOTE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("The vote account to which the stake will be delegated")
                )
                .arg(stake_authority_arg())
@ -186,19 +187,19 @@ impl StakeSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("stake_account_pubkey")
                        .index(1)
-                        .value_name("STAKE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Stake account in which to set the authorized staker")
                )
                .arg(
                    Arg::with_name("authorized_pubkey")
                        .index(2)
-                        .value_name("AUTHORIZE PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("New authorized staker")
                )
                .arg(stake_authority_arg())
@ -213,19 +214,19 @@ impl StakeSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("stake_account_pubkey")
                        .index(1)
-                        .value_name("STAKE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Stake account in which to set the authorized withdrawer")
                )
                .arg(
                    Arg::with_name("authorized_pubkey")
                        .index(2)
-                        .value_name("AUTHORIZE PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("New authorized withdrawer")
                )
                .arg(withdraw_authority_arg())
@ -240,9 +241,10 @@ impl StakeSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("stake_account_pubkey")
                        .index(1)
-                        .value_name("STAKE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
+                        .validator(is_valid_pubkey)
                        .help("Stake account to be deactivated.")
                )
                .arg(stake_authority_arg())
@ -257,33 +259,34 @@ impl StakeSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("stake_account_pubkey")
                        .index(1)
-                        .value_name("STAKE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
+                        .validator(is_valid_pubkey)
                        .help("Stake account to be split")
                )
                .arg(
                    Arg::with_name("split_stake_account")
                        .index(2)
-                        .value_name("SPLIT STAKE ACCOUNT")
+                        .value_name("KEYPAIR")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_keypair_or_ask_keyword)
+                        .validator(is_valid_signer)
                        .help("Keypair of the new stake account to split funds into")
                )
                .arg(
                    Arg::with_name("amount")
                        .index(3)
-                        .value_name("AMOUNT")
+                        .value_name("NUMBER")
                        .takes_value(true)
                        .validator(is_amount)
                        .required(true)
-                        .help("The amount to move into the new stake account, in unit SOL")
+                        .help("The amount to move into the new stake account, in SOL")
                )
                .arg(
                    Arg::with_name("seed")
                        .long("seed")
-                        .value_name("SEED STRING")
+                        .value_name("STRING")
                        .takes_value(true)
                        .help("Seed for address generation; if specified, the resulting account will be at a derived address of the SPLIT STAKE ACCOUNT pubkey")
                )
@ -295,29 +298,29 @@ impl StakeSubCommands for App<'_, '_> {
        )
        .subcommand(
            SubCommand::with_name("withdraw-stake")
-                .about("Withdraw the unstaked lamports from the stake account")
+                .about("Withdraw the unstaked SOL from the stake account")
                .arg(
                    Arg::with_name("stake_account_pubkey")
                        .index(1)
-                        .value_name("STAKE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Stake account from which to withdraw")
                )
                .arg(
                    Arg::with_name("destination_account_pubkey")
                        .index(2)
-                        .value_name("DESTINATION ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
-                        .help("The account to which the lamports should be transferred")
+                        .validator(is_valid_pubkey)
+                        .help("The account to which the SOL should be transferred")
                )
                .arg(
                    Arg::with_name("amount")
                        .index(3)
-                        .value_name("AMOUNT")
+                        .value_name("NUMBER")
                        .takes_value(true)
                        .validator(is_amount)
                        .required(true)
@ -335,23 +338,23 @@ impl StakeSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("stake_account_pubkey")
                        .index(1)
-                        .value_name("STAKE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Stake account for which to set Lockup")
                )
                .arg(
                    Arg::with_name("lockup_epoch")
                        .long("lockup-epoch")
-                        .value_name("EPOCH")
+                        .value_name("NUMBER")
                        .takes_value(true)
                        .help("The epoch height at which this account will be available for withdrawal")
                )
                .arg(
                    Arg::with_name("lockup_date")
                        .long("lockup-date")
-                        .value_name("RFC3339 DATE TIME")
+                        .value_name("RFC3339 DATETIME")
                        .validator(is_rfc3339_datetime)
                        .takes_value(true)
                        .help("The date and time at which this account will be available for withdrawal")
@ -359,18 +362,21 @@ impl StakeSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("new_custodian")
                        .long("new-custodian")
-                        .value_name("KEYPAIR or PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Identity of the new lockup custodian (can withdraw before lockup expires)")
                )
+                .group(ArgGroup::with_name("lockup_details")
+                    .args(&["lockup_epoch", "lockup_date", "new_custodian"])
+                    .required(true))
                .arg(
                    Arg::with_name("custodian")
                        .long("custodian")
                        .takes_value(true)
-                        .value_name("KEYPAIR or PUBKEY or REMOTE WALLET PATH")
+                        .value_name("KEYPAIR")
                        .validator(is_valid_signer)
-                        .help("Public key of signing custodian (defaults to cli config pubkey)")
+                        .help("Public key of signing custodian [default: cli config pubkey]")
                )
                .offline_args()
                .arg(nonce_arg())
@ -384,10 +390,10 @@ impl StakeSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("stake_account_pubkey")
                        .index(1)
-                        .value_name("STAKE ACCOUNT")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Address of the stake account to display")
                )
                .arg(
@ -419,13 +425,13 @@ pub fn parse_stake_create_account(
    let seed = matches.value_of("seed").map(|s| s.to_string());
    let epoch = value_of(matches, "lockup_epoch").unwrap_or(0);
    let unix_timestamp = unix_timestamp_from_rfc3339_datetime(matches, "lockup_date").unwrap_or(0);
-    let custodian = pubkey_of(matches, "custodian").unwrap_or_default();
-    let staker = pubkey_of(matches, STAKE_AUTHORITY_ARG.name);
-    let withdrawer = pubkey_of(matches, WITHDRAW_AUTHORITY_ARG.name);
+    let custodian = pubkey_of_signer(matches, "custodian", wallet_manager)?.unwrap_or_default();
+    let staker = pubkey_of_signer(matches, STAKE_AUTHORITY_ARG.name, wallet_manager)?;
+    let withdrawer = pubkey_of_signer(matches, WITHDRAW_AUTHORITY_ARG.name, wallet_manager)?;
    let lamports = lamports_of_sol(matches, "amount").unwrap();
    let sign_only = matches.is_present(SIGN_ONLY_ARG.name);
    let blockhash_query = BlockhashQuery::new_from_matches(matches);
-    let nonce_account = pubkey_of(matches, NONCE_ARG.name);
+    let nonce_account = pubkey_of_signer(matches, NONCE_ARG.name, wallet_manager)?;
    let (nonce_authority, nonce_authority_pubkey) =
        signer_of(matches, NONCE_AUTHORITY_ARG.name, wallet_manager)?;
    let (fee_payer, fee_payer_pubkey) = signer_of(matches, FEE_PAYER_ARG.name, wallet_manager)?;
@ -468,8 +474,10 @@ pub fn parse_stake_delegate_stake(
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let stake_account_pubkey = pubkey_of(matches, "stake_account_pubkey").unwrap();
-    let vote_account_pubkey = pubkey_of(matches, "vote_account_pubkey").unwrap();
+    let stake_account_pubkey =
+        pubkey_of_signer(matches, "stake_account_pubkey", wallet_manager)?.unwrap();
+    let vote_account_pubkey =
+        pubkey_of_signer(matches, "vote_account_pubkey", wallet_manager)?.unwrap();
    let force = matches.is_present("force");
    let sign_only = matches.is_present(SIGN_ONLY_ARG.name);
    let blockhash_query = BlockhashQuery::new_from_matches(matches);
@ -509,8 +517,10 @@ pub fn parse_stake_authorize(
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
    stake_authorize: StakeAuthorize,
 ) -> Result<CliCommandInfo, CliError> {
-    let stake_account_pubkey = pubkey_of(matches, "stake_account_pubkey").unwrap();
-    let new_authorized_pubkey = pubkey_of(matches, "authorized_pubkey").unwrap();
+    let stake_account_pubkey =
+        pubkey_of_signer(matches, "stake_account_pubkey", wallet_manager)?.unwrap();
+    let new_authorized_pubkey =
+        pubkey_of_signer(matches, "authorized_pubkey", wallet_manager)?.unwrap();
    let authority_flag = match stake_authorize {
        StakeAuthorize::Staker => STAKE_AUTHORITY_ARG.name,
        StakeAuthorize::Withdrawer => WITHDRAW_AUTHORITY_ARG.name,
@ -551,7 +561,8 @@ pub fn parse_split_stake(
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let stake_account_pubkey = pubkey_of(matches, "stake_account_pubkey").unwrap();
+    let stake_account_pubkey =
+        pubkey_of_signer(matches, "stake_account_pubkey", wallet_manager)?.unwrap();
    let (split_stake_account, split_stake_account_pubkey) =
        signer_of(matches, "split_stake_account", wallet_manager)?;
    let lamports = lamports_of_sol(matches, "amount").unwrap();
@ -595,7 +606,8 @@ pub fn parse_stake_deactivate_stake(
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let stake_account_pubkey = pubkey_of(matches, "stake_account_pubkey").unwrap();
+    let stake_account_pubkey =
+        pubkey_of_signer(matches, "stake_account_pubkey", wallet_manager)?.unwrap();
    let sign_only = matches.is_present(SIGN_ONLY_ARG.name);
    let blockhash_query = BlockhashQuery::new_from_matches(matches);
    let nonce_account = pubkey_of(matches, NONCE_ARG.name);
@ -631,8 +643,10 @@ pub fn parse_stake_withdraw_stake(
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let stake_account_pubkey = pubkey_of(matches, "stake_account_pubkey").unwrap();
-    let destination_account_pubkey = pubkey_of(matches, "destination_account_pubkey").unwrap();
+    let stake_account_pubkey =
+        pubkey_of_signer(matches, "stake_account_pubkey", wallet_manager)?.unwrap();
+    let destination_account_pubkey =
+        pubkey_of_signer(matches, "destination_account_pubkey", wallet_manager)?.unwrap();
    let lamports = lamports_of_sol(matches, "amount").unwrap();
    let sign_only = matches.is_present(SIGN_ONLY_ARG.name);
    let blockhash_query = BlockhashQuery::new_from_matches(matches);
@ -671,10 +685,11 @@ pub fn parse_stake_set_lockup(
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let stake_account_pubkey = pubkey_of(matches, "stake_account_pubkey").unwrap();
-    let epoch = value_of(matches, "lockup_epoch").unwrap_or(0);
-    let unix_timestamp = unix_timestamp_from_rfc3339_datetime(matches, "lockup_date").unwrap_or(0);
-    let new_custodian = pubkey_of(matches, "new_custodian").unwrap_or_default();
+    let stake_account_pubkey =
+        pubkey_of_signer(matches, "stake_account_pubkey", wallet_manager)?.unwrap();
+    let epoch = value_of(matches, "lockup_epoch");
+    let unix_timestamp = unix_timestamp_from_rfc3339_datetime(matches, "lockup_date");
+    let new_custodian = pubkey_of_signer(matches, "new_custodian", wallet_manager)?;

    let sign_only = matches.is_present(SIGN_ONLY_ARG.name);
    let blockhash_query = BlockhashQuery::new_from_matches(matches);
@ -695,7 +710,7 @@ pub fn parse_stake_set_lockup(
    Ok(CliCommandInfo {
        command: CliCommand::StakeSetLockup {
            stake_account_pubkey,
-            lockup: Lockup {
+            lockup: LockupArgs {
                custodian: new_custodian,
                epoch,
                unix_timestamp,
@ -711,8 +726,12 @@ pub fn parse_stake_set_lockup(
    })
 }

-pub fn parse_show_stake_account(matches: &ArgMatches<'_>) -> Result<CliCommandInfo, CliError> {
-    let stake_account_pubkey = pubkey_of(matches, "stake_account_pubkey").unwrap();
+pub fn parse_show_stake_account(
+    matches: &ArgMatches<'_>,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
+) -> Result<CliCommandInfo, CliError> {
+    let stake_account_pubkey =
+        pubkey_of_signer(matches, "stake_account_pubkey", wallet_manager)?.unwrap();
    let use_lamports_unit = matches.is_present("lamports");
    Ok(CliCommandInfo {
        command: CliCommand::ShowStakeAccount {
@ -810,7 +829,7 @@ pub fn process_create_stake_account(
        )
    };
    let (recent_blockhash, fee_calculator) =
-        blockhash_query.get_blockhash_fee_calculator(rpc_client)?;
+        blockhash_query.get_blockhash_and_fee_calculator(rpc_client)?;

    let fee_payer = config.signers[fee_payer];
    let nonce_authority = config.signers[nonce_authority];
@ -823,14 +842,15 @@ pub fn process_create_stake_account(
            &nonce_authority.pubkey(),
        )
    } else {
-        Message::new_with_payer(ixs, Some(&fee_payer.pubkey()))
+        Message::new_with_payer(&ixs, Some(&fee_payer.pubkey()))
    };
    let mut tx = Transaction::new_unsigned(message);
-    tx.try_sign(&config.signers, recent_blockhash)?;

    if sign_only {
+        tx.try_partial_sign(&config.signers, recent_blockhash)?;
        return_signers(&tx)
    } else {
+        tx.try_sign(&config.signers, recent_blockhash)?;
        if let Some(nonce_account) = &nonce_account {
            let nonce_account = rpc_client.get_account(nonce_account)?;
            check_nonce_account(&nonce_account, &nonce_authority.pubkey(), &recent_blockhash)?;
@ -841,7 +861,7 @@ pub fn process_create_stake_account(
            &fee_calculator,
            &tx.message,
        )?;
-        let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+        let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
        log_instruction_custom_error::<SystemError>(result)
    }
 }
@ -866,7 +886,7 @@ pub fn process_stake_authorize(
    )?;
    let authority = config.signers[authority];
    let (recent_blockhash, fee_calculator) =
-        blockhash_query.get_blockhash_fee_calculator(rpc_client)?;
+        blockhash_query.get_blockhash_and_fee_calculator(rpc_client)?;
    let ixs = vec![stake_instruction::authorize(
        stake_account_pubkey, // stake account to update
        &authority.pubkey(),  // currently authorized
@ -885,14 +905,15 @@ pub fn process_stake_authorize(
            &nonce_authority.pubkey(),
        )
    } else {
-        Message::new_with_payer(ixs, Some(&fee_payer.pubkey()))
+        Message::new_with_payer(&ixs, Some(&fee_payer.pubkey()))
    };
    let mut tx = Transaction::new_unsigned(message);
-    tx.try_sign(&config.signers, recent_blockhash)?;

    if sign_only {
+        tx.try_partial_sign(&config.signers, recent_blockhash)?;
        return_signers(&tx)
    } else {
+        tx.try_sign(&config.signers, recent_blockhash)?;
        if let Some(nonce_account) = &nonce_account {
            let nonce_account = rpc_client.get_account(nonce_account)?;
            check_nonce_account(&nonce_account, &nonce_authority.pubkey(), &recent_blockhash)?;
@ -903,7 +924,7 @@ pub fn process_stake_authorize(
            &fee_calculator,
            &tx.message,
        )?;
-        let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+        let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
        log_instruction_custom_error::<StakeError>(result)
    }
 }
@ -921,7 +942,7 @@ pub fn process_deactivate_stake_account(
    fee_payer: SignerIndex,
 ) -> ProcessResult {
    let (recent_blockhash, fee_calculator) =
-        blockhash_query.get_blockhash_fee_calculator(rpc_client)?;
+        blockhash_query.get_blockhash_and_fee_calculator(rpc_client)?;
    let stake_authority = config.signers[stake_authority];
    let ixs = vec![stake_instruction::deactivate_stake(
        stake_account_pubkey,
@ -938,14 +959,15 @@ pub fn process_deactivate_stake_account(
            &nonce_authority.pubkey(),
        )
    } else {
-        Message::new_with_payer(ixs, Some(&fee_payer.pubkey()))
+        Message::new_with_payer(&ixs, Some(&fee_payer.pubkey()))
    };
    let mut tx = Transaction::new_unsigned(message);
-    tx.try_sign(&config.signers, recent_blockhash)?;

    if sign_only {
+        tx.try_partial_sign(&config.signers, recent_blockhash)?;
        return_signers(&tx)
    } else {
+        tx.try_sign(&config.signers, recent_blockhash)?;
        if let Some(nonce_account) = &nonce_account {
            let nonce_account = rpc_client.get_account(nonce_account)?;
            check_nonce_account(&nonce_account, &nonce_authority.pubkey(), &recent_blockhash)?;
@ -956,7 +978,7 @@ pub fn process_deactivate_stake_account(
            &fee_calculator,
            &tx.message,
        )?;
-        let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+        let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
        log_instruction_custom_error::<StakeError>(result)
    }
 }
@ -976,7 +998,7 @@ pub fn process_withdraw_stake(
    fee_payer: SignerIndex,
 ) -> ProcessResult {
    let (recent_blockhash, fee_calculator) =
-        blockhash_query.get_blockhash_fee_calculator(rpc_client)?;
+        blockhash_query.get_blockhash_and_fee_calculator(rpc_client)?;
    let withdraw_authority = config.signers[withdraw_authority];

    let ixs = vec![stake_instruction::withdraw(
@ -997,14 +1019,15 @@ pub fn process_withdraw_stake(
            &nonce_authority.pubkey(),
        )
    } else {
-        Message::new_with_payer(ixs, Some(&fee_payer.pubkey()))
+        Message::new_with_payer(&ixs, Some(&fee_payer.pubkey()))
    };
    let mut tx = Transaction::new_unsigned(message);
-    tx.try_sign(&config.signers, recent_blockhash)?;

    if sign_only {
+        tx.try_partial_sign(&config.signers, recent_blockhash)?;
        return_signers(&tx)
    } else {
+        tx.try_sign(&config.signers, recent_blockhash)?;
        if let Some(nonce_account) = &nonce_account {
            let nonce_account = rpc_client.get_account(nonce_account)?;
            check_nonce_account(&nonce_account, &nonce_authority.pubkey(), &recent_blockhash)?;
@ -1015,7 +1038,7 @@ pub fn process_withdraw_stake(
            &fee_calculator,
            &tx.message,
        )?;
-        let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+        let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
        log_instruction_custom_error::<SystemError>(result)
    }
 }
@ -1037,13 +1060,16 @@ pub fn process_split_stake(
 ) -> ProcessResult {
    let split_stake_account = config.signers[split_stake_account];
    let fee_payer = config.signers[fee_payer];
-    check_unique_pubkeys(
-        (&fee_payer.pubkey(), "fee-payer keypair".to_string()),
-        (
-            &split_stake_account.pubkey(),
-            "split_stake_account".to_string(),
-        ),
-    )?;
+
+    if split_stake_account_seed.is_none() {
+        check_unique_pubkeys(
+            (&fee_payer.pubkey(), "fee-payer keypair".to_string()),
+            (
+                &split_stake_account.pubkey(),
+                "split_stake_account".to_string(),
+            ),
+        )?;
+    }
    check_unique_pubkeys(
        (&fee_payer.pubkey(), "fee-payer keypair".to_string()),
        (&stake_account_pubkey, "stake_account".to_string()),
@ -1097,7 +1123,7 @@ pub fn process_split_stake(
    }

    let (recent_blockhash, fee_calculator) =
-        blockhash_query.get_blockhash_fee_calculator(rpc_client)?;
+        blockhash_query.get_blockhash_and_fee_calculator(rpc_client)?;

    let ixs = if let Some(seed) = split_stake_account_seed {
        stake_instruction::split_with_seed(
@ -1127,14 +1153,15 @@ pub fn process_split_stake(
            &nonce_authority.pubkey(),
        )
    } else {
-        Message::new_with_payer(ixs, Some(&fee_payer.pubkey()))
+        Message::new_with_payer(&ixs, Some(&fee_payer.pubkey()))
    };
    let mut tx = Transaction::new_unsigned(message);
-    tx.try_sign(&config.signers, recent_blockhash)?;

    if sign_only {
+        tx.try_partial_sign(&config.signers, recent_blockhash)?;
        return_signers(&tx)
    } else {
+        tx.try_sign(&config.signers, recent_blockhash)?;
        if let Some(nonce_account) = &nonce_account {
            let nonce_account = rpc_client.get_account(nonce_account)?;
            check_nonce_account(&nonce_account, &nonce_authority.pubkey(), &recent_blockhash)?;
@ -1145,7 +1172,7 @@ pub fn process_split_stake(
            &fee_calculator,
            &tx.message,
        )?;
-        let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+        let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
        log_instruction_custom_error::<StakeError>(result)
    }
 }
@ -1155,7 +1182,7 @@ pub fn process_stake_set_lockup(
    rpc_client: &RpcClient,
    config: &CliConfig,
    stake_account_pubkey: &Pubkey,
-    lockup: &mut Lockup,
+    lockup: &mut LockupArgs,
    custodian: SignerIndex,
    sign_only: bool,
    blockhash_query: &BlockhashQuery,
@ -1164,12 +1191,9 @@ pub fn process_stake_set_lockup(
    fee_payer: SignerIndex,
 ) -> ProcessResult {
    let (recent_blockhash, fee_calculator) =
-        blockhash_query.get_blockhash_fee_calculator(rpc_client)?;
+        blockhash_query.get_blockhash_and_fee_calculator(rpc_client)?;
    let custodian = config.signers[custodian];
-    // If new custodian is not explicitly set, default to current custodian
-    if lockup.custodian == Pubkey::default() {
-        lockup.custodian = custodian.pubkey();
-    }
+
    let ixs = vec![stake_instruction::set_lockup(
        stake_account_pubkey,
        lockup,
@ -1186,14 +1210,15 @@ pub fn process_stake_set_lockup(
            &nonce_authority.pubkey(),
        )
    } else {
-        Message::new_with_payer(ixs, Some(&fee_payer.pubkey()))
+        Message::new_with_payer(&ixs, Some(&fee_payer.pubkey()))
    };
    let mut tx = Transaction::new_unsigned(message);
-    tx.try_sign(&config.signers, recent_blockhash)?;

    if sign_only {
+        tx.try_partial_sign(&config.signers, recent_blockhash)?;
        return_signers(&tx)
    } else {
+        tx.try_sign(&config.signers, recent_blockhash)?;
        if let Some(nonce_account) = &nonce_account {
            let nonce_account = rpc_client.get_account(nonce_account)?;
            check_nonce_account(&nonce_account, &nonce_authority.pubkey(), &recent_blockhash)?;
@ -1204,7 +1229,7 @@ pub fn process_stake_set_lockup(
            &fee_calculator,
            &tx.message,
        )?;
-        let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+        let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
        log_instruction_custom_error::<StakeError>(result)
    }
 }
@ -1215,6 +1240,12 @@ pub fn print_stake_state(stake_lamports: u64, stake_state: &StakeState, use_lamp
        println!("Authorized Withdrawer: {}", authorized.withdrawer);
    }
    fn show_lockup(lockup: &Lockup) {
+        println!(
+            "Lockup Timestamp: {} (UnixTimestamp: {})",
+            DateTime::<Utc>::from_utc(NaiveDateTime::from_timestamp(lockup.unix_timestamp, 0), Utc)
+                .to_rfc3339_opts(SecondsFormat::Secs, true),
+            lockup.unix_timestamp
+        );
        println!("Lockup Epoch: {}", lockup.epoch);
        println!("Lockup Custodian: {}", lockup.custodian);
    }
@ -1290,7 +1321,7 @@ pub fn process_show_stake_account(
            Ok("".to_string())
        }
        Err(err) => Err(CliError::RpcRequestError(format!(
-            "Account data could not be deserialized to stake state: {:?}",
+            "Account data could not be deserialized to stake state: {}",
            err
        ))
        .into()),
@ -1386,17 +1417,17 @@ pub fn process_delegate_stake(
            }
        };

-        if sanity_check_result.is_err() {
+        if let Err(err) = &sanity_check_result {
            if !force {
                sanity_check_result?;
            } else {
-                println!("--force supplied, ignoring: {:?}", sanity_check_result);
+                println!("--force supplied, ignoring: {}", err);
            }
        }
    }

    let (recent_blockhash, fee_calculator) =
-        blockhash_query.get_blockhash_fee_calculator(rpc_client)?;
+        blockhash_query.get_blockhash_and_fee_calculator(rpc_client)?;

    let ixs = vec![stake_instruction::delegate_stake(
        stake_account_pubkey,
@ -1414,14 +1445,15 @@ pub fn process_delegate_stake(
            &nonce_authority.pubkey(),
        )
    } else {
-        Message::new_with_payer(ixs, Some(&fee_payer.pubkey()))
+        Message::new_with_payer(&ixs, Some(&fee_payer.pubkey()))
    };
    let mut tx = Transaction::new_unsigned(message);
-    tx.try_sign(&config.signers, recent_blockhash)?;

    if sign_only {
+        tx.try_partial_sign(&config.signers, recent_blockhash)?;
        return_signers(&tx)
    } else {
+        tx.try_sign(&config.signers, recent_blockhash)?;
        if let Some(nonce_account) = &nonce_account {
            let nonce_account = rpc_client.get_account(nonce_account)?;
            check_nonce_account(&nonce_account, &nonce_authority.pubkey(), &recent_blockhash)?;
@ -1432,7 +1464,7 @@ pub fn process_delegate_stake(
            &fee_calculator,
            &tx.message,
        )?;
-        let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+        let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
        log_instruction_custom_error::<StakeError>(result)
    }
 }
@ -1442,7 +1474,6 @@ mod tests {
    use super::*;
    use crate::cli::{app, parse_command};
    use solana_sdk::{
-        fee_calculator::FeeCalculator,
        hash::Hash,
        signature::{
            keypair_from_seed, read_keypair_file, write_keypair, Keypair, Presigner, Signer,
@ -1546,7 +1577,7 @@ mod tests {
                    stake_authorize,
                    authority: 0,
                    sign_only: true,
-                    blockhash_query: BlockhashQuery::None(blockhash, FeeCalculator::default()),
+                    blockhash_query: BlockhashQuery::None(blockhash),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 0,
@ -1580,7 +1611,10 @@ mod tests {
                    stake_authorize,
                    authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::Cluster,
+                        blockhash
+                    ),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 1,
@ -1624,7 +1658,10 @@ mod tests {
                    stake_authorize,
                    authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::NonceAccount(nonce_account),
+                        blockhash
+                    ),
                    nonce_account: Some(nonce_account),
                    nonce_authority: 2,
                    fee_payer: 1,
@ -1654,7 +1691,10 @@ mod tests {
                    stake_authorize,
                    authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::Cluster,
+                        blockhash
+                    ),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 0,
@ -1689,7 +1729,10 @@ mod tests {
                    stake_authorize,
                    authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::NonceAccount(nonce_account_pubkey),
+                        blockhash
+                    ),
                    nonce_account: Some(nonce_account_pubkey),
                    nonce_authority: 1,
                    fee_payer: 0,
@ -1723,7 +1766,7 @@ mod tests {
                    stake_authorize,
                    authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::All,
+                    blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 1,
@ -1758,7 +1801,10 @@ mod tests {
                    stake_authorize,
                    authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::Cluster,
+                        blockhash
+                    ),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 1,
@ -1832,7 +1878,7 @@ mod tests {
                    },
                    lamports: 50_000_000_000,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::All,
+                    blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 0,
@ -1869,7 +1915,7 @@ mod tests {
                    lockup: Lockup::default(),
                    lamports: 50_000_000_000,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::All,
+                    blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 0,
@ -1922,7 +1968,10 @@ mod tests {
                    lockup: Lockup::default(),
                    lamports: 50_000_000_000,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(nonce_hash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::NonceAccount(nonce_account),
+                        nonce_hash
+                    ),
                    nonce_account: Some(nonce_account),
                    nonce_authority: 0,
                    fee_payer: 0,
@ -2042,7 +2091,10 @@ mod tests {
                    stake_authority: 0,
                    force: false,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::Cluster,
+                        blockhash
+                    ),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 0,
@ -2069,7 +2121,7 @@ mod tests {
                    stake_authority: 0,
                    force: false,
                    sign_only: true,
-                    blockhash_query: BlockhashQuery::None(blockhash, FeeCalculator::default()),
+                    blockhash_query: BlockhashQuery::None(blockhash),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 0,
@ -2103,7 +2155,10 @@ mod tests {
                    stake_authority: 0,
                    force: false,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::Cluster,
+                        blockhash
+                    ),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 1,
@ -2146,7 +2201,10 @@ mod tests {
                    stake_authority: 0,
                    force: false,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::NonceAccount(nonce_account),
+                        blockhash
+                    ),
                    nonce_account: Some(nonce_account),
                    nonce_authority: 2,
                    fee_payer: 1,
@ -2180,7 +2238,7 @@ mod tests {
                    stake_authority: 0,
                    force: false,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::All,
+                    blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 1,
@ -2210,7 +2268,7 @@ mod tests {
                    lamports: 42_000_000_000,
                    withdraw_authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::All,
+                    blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 0,
@ -2239,7 +2297,7 @@ mod tests {
                    lamports: 42_000_000_000,
                    withdraw_authority: 1,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::All,
+                    blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 0,
@ -2283,7 +2341,10 @@ mod tests {
                    lamports: 42_000_000_000,
                    withdraw_authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(nonce_hash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::NonceAccount(nonce_account),
+                        nonce_hash
+                    ),
                    nonce_account: Some(nonce_account),
                    nonce_authority: 1,
                    fee_payer: 1,
@ -2365,7 +2426,10 @@ mod tests {
                    stake_account_pubkey,
                    stake_authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::Cluster,
+                        blockhash
+                    ),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 0,
@ -2389,7 +2453,7 @@ mod tests {
                    stake_account_pubkey,
                    stake_authority: 0,
                    sign_only: true,
-                    blockhash_query: BlockhashQuery::None(blockhash, FeeCalculator::default()),
+                    blockhash_query: BlockhashQuery::None(blockhash),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 0,
@ -2420,7 +2484,10 @@ mod tests {
                    stake_account_pubkey,
                    stake_authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::Cluster,
+                        blockhash
+                    ),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 1,
@ -2460,7 +2527,10 @@ mod tests {
                    stake_account_pubkey,
                    stake_authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::NonceAccount(nonce_account),
+                        blockhash
+                    ),
                    nonce_account: Some(nonce_account),
                    nonce_authority: 2,
                    fee_payer: 1,
@ -2488,7 +2558,7 @@ mod tests {
                    stake_account_pubkey,
                    stake_authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::All,
+                    blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
                    nonce_account: None,
                    nonce_authority: 0,
                    fee_payer: 1,
@ -2583,7 +2653,10 @@ mod tests {
                    stake_account_pubkey: stake_account_keypair.pubkey(),
                    stake_authority: 0,
                    sign_only: false,
-                    blockhash_query: BlockhashQuery::FeeCalculator(nonce_hash),
+                    blockhash_query: BlockhashQuery::FeeCalculator(
+                        blockhash_query::Source::NonceAccount(nonce_account),
+                        nonce_hash
+                    ),
                    nonce_account: Some(nonce_account.into()),
                    nonce_authority: 1,
                    split_stake_account: 2,
--- a/cli/src/storage.rs
+++ b/cli/src/storage.rs
@ -1,6 +1,7 @@
 use crate::cli::{
-    check_account_for_fee, check_unique_pubkeys, log_instruction_custom_error, CliCommand,
-    CliCommandInfo, CliConfig, CliError, ProcessResult, SignerIndex,
+    check_account_for_fee, check_unique_pubkeys, generate_unique_signers,
+    log_instruction_custom_error, CliCommand, CliCommandInfo, CliConfig, CliError, ProcessResult,
+    SignerIndex,
 };
 use clap::{App, Arg, ArgMatches, SubCommand};
 use solana_clap_utils::{input_parsers::*, input_validators::*, keypair::signer_from_path};
@ -25,18 +26,18 @@ impl StorageSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("storage_account_owner")
                        .index(1)
-                        .value_name("STORAGE ACCOUNT OWNER PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair),
+                        .validator(is_valid_pubkey),
                )
                .arg(
                    Arg::with_name("storage_account")
                        .index(2)
-                        .value_name("STORAGE ACCOUNT")
+                        .value_name("KEYPAIR")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_keypair_or_ask_keyword),
+                        .validator(is_valid_signer),
                ),
        )
        .subcommand(
@ -45,18 +46,18 @@ impl StorageSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("storage_account_owner")
                        .index(1)
-                        .value_name("STORAGE ACCOUNT OWNER PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair),
+                        .validator(is_valid_pubkey),
                )
                .arg(
                    Arg::with_name("storage_account")
                        .index(2)
-                        .value_name("STORAGE ACCOUNT")
+                        .value_name("KEYPAIR")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_keypair_or_ask_keyword),
+                        .validator(is_valid_signer),
                ),
        )
        .subcommand(
@ -65,19 +66,19 @@ impl StorageSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("node_account_pubkey")
                        .index(1)
-                        .value_name("NODE PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("The node account to credit the rewards to"),
                )
                .arg(
                    Arg::with_name("storage_account_pubkey")
                        .index(2)
-                        .value_name("STORAGE ACCOUNT PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Storage account address to redeem credits for"),
                ),
        )
@ -88,10 +89,10 @@ impl StorageSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("storage_account_pubkey")
                        .index(1)
-                        .value_name("STORAGE ACCOUNT PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Storage account pubkey"),
                ),
        )
@ -103,18 +104,26 @@ pub fn parse_storage_create_archiver_account(
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let account_owner = pubkey_of(matches, "storage_account_owner").unwrap();
-    let storage_account = keypair_of(matches, "storage_account").unwrap();
+    let account_owner =
+        pubkey_of_signer(matches, "storage_account_owner", wallet_manager)?.unwrap();
+    let (storage_account, storage_account_pubkey) =
+        signer_of(matches, "storage_account", wallet_manager)?;
+
+    let payer_provided = None;
+    let signer_info = generate_unique_signers(
+        vec![payer_provided, storage_account],
+        matches,
+        default_signer_path,
+        wallet_manager,
+    )?;
+
    Ok(CliCommandInfo {
        command: CliCommand::CreateStorageAccount {
            account_owner,
-            storage_account: 1,
+            storage_account: signer_info.index_of(storage_account_pubkey).unwrap(),
            account_type: StorageAccountType::Archiver,
        },
-        signers: vec![
-            signer_from_path(matches, default_signer_path, "keypair", wallet_manager)?,
-            storage_account.into(),
-        ],
+        signers: signer_info.signers,
    })
 }

@ -123,18 +132,26 @@ pub fn parse_storage_create_validator_account(
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let account_owner = pubkey_of(matches, "storage_account_owner").unwrap();
-    let storage_account = keypair_of(matches, "storage_account").unwrap();
+    let account_owner =
+        pubkey_of_signer(matches, "storage_account_owner", wallet_manager)?.unwrap();
+    let (storage_account, storage_account_pubkey) =
+        signer_of(matches, "storage_account", wallet_manager)?;
+
+    let payer_provided = None;
+    let signer_info = generate_unique_signers(
+        vec![payer_provided, storage_account],
+        matches,
+        default_signer_path,
+        wallet_manager,
+    )?;
+
    Ok(CliCommandInfo {
        command: CliCommand::CreateStorageAccount {
            account_owner,
-            storage_account: 1,
+            storage_account: signer_info.index_of(storage_account_pubkey).unwrap(),
            account_type: StorageAccountType::Validator,
        },
-        signers: vec![
-            signer_from_path(matches, default_signer_path, "keypair", wallet_manager)?,
-            storage_account.into(),
-        ],
+        signers: signer_info.signers,
    })
 }

@ -143,8 +160,10 @@ pub fn parse_storage_claim_reward(
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let node_account_pubkey = pubkey_of(matches, "node_account_pubkey").unwrap();
-    let storage_account_pubkey = pubkey_of(matches, "storage_account_pubkey").unwrap();
+    let node_account_pubkey =
+        pubkey_of_signer(matches, "node_account_pubkey", wallet_manager)?.unwrap();
+    let storage_account_pubkey =
+        pubkey_of_signer(matches, "storage_account_pubkey", wallet_manager)?.unwrap();
    Ok(CliCommandInfo {
        command: CliCommand::ClaimStorageReward {
            node_account_pubkey,
@ -161,8 +180,10 @@ pub fn parse_storage_claim_reward(

 pub fn parse_storage_get_account_command(
    matches: &ArgMatches<'_>,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let storage_account_pubkey = pubkey_of(matches, "storage_account_pubkey").unwrap();
+    let storage_account_pubkey =
+        pubkey_of_signer(matches, "storage_account_pubkey", wallet_manager)?.unwrap();
    Ok(CliCommandInfo {
        command: CliCommand::ShowStorageAccount(storage_account_pubkey),
        signers: vec![],
@ -212,7 +233,7 @@ pub fn process_create_storage_account(
    );
    let (recent_blockhash, fee_calculator) = rpc_client.get_recent_blockhash()?;

-    let message = Message::new(ixs);
+    let message = Message::new(&ixs);
    let mut tx = Transaction::new_unsigned(message);
    tx.try_sign(&config.signers, recent_blockhash)?;
    check_account_for_fee(
@ -221,7 +242,7 @@ pub fn process_create_storage_account(
        &fee_calculator,
        &tx.message,
    )?;
-    let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+    let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
    log_instruction_custom_error::<SystemError>(result)
 }

@ -236,7 +257,7 @@ pub fn process_claim_storage_reward(
    let instruction =
        storage_instruction::claim_reward(node_account_pubkey, storage_account_pubkey);
    let signers = [config.signers[0]];
-    let message = Message::new_with_payer(vec![instruction], Some(&signers[0].pubkey()));
+    let message = Message::new_with_payer(&[instruction], Some(&signers[0].pubkey()));
    let mut tx = Transaction::new_unsigned(message);
    tx.try_sign(&signers, recent_blockhash)?;
    check_account_for_fee(
@ -245,7 +266,7 @@ pub fn process_claim_storage_reward(
        &fee_calculator,
        &tx.message,
    )?;
-    let signature_str = rpc_client.send_and_confirm_transaction(&mut tx, &signers)?;
+    let signature_str = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &signers)?;
    Ok(signature_str)
 }

@ -266,7 +287,7 @@ pub fn process_show_storage_account(

    use solana_storage_program::storage_contract::StorageContract;
    let storage_contract: StorageContract = account.state().map_err(|err| {
-        CliError::RpcRequestError(format!("Unable to deserialize storage account: {:?}", err))
+        CliError::RpcRequestError(format!("Unable to deserialize storage account: {}", err))
    })?;
    println!("{:#?}", storage_contract);
    println!("Account Lamports: {}", account.lamports);
--- a/cli/src/validator_info.rs
+++ b/cli/src/validator_info.rs
@ -274,7 +274,7 @@ pub fn process_set_validator_info(
                println!("--force supplied, ignoring: {:?}", result);
            } else {
                result.map_err(|err| {
-                    CliError::BadParameter(format!("Invalid validator keybase username: {:?}", err))
+                    CliError::BadParameter(format!("Invalid validator keybase username: {}", err))
                })?;
            }
        }
@ -339,7 +339,7 @@ pub fn process_set_validator_info(
            &validator_info,
        )]);
        let signers = vec![config.signers[0], &info_keypair];
-        let message = Message::new(instructions);
+        let message = Message::new(&instructions);
        (message, signers)
    } else {
        println!(
@ -353,7 +353,7 @@ pub fn process_set_validator_info(
            keys,
            &validator_info,
        )];
-        let message = Message::new_with_payer(instructions, Some(&config.signers[0].pubkey()));
+        let message = Message::new_with_payer(&instructions, Some(&config.signers[0].pubkey()));
        let signers = vec![config.signers[0]];
        (message, signers)
    };
@ -368,7 +368,7 @@ pub fn process_set_validator_info(
        &fee_calculator,
        &tx.message,
    )?;
-    let signature_str = rpc_client.send_and_confirm_transaction(&mut tx, &signers)?;
+    let signature_str = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &signers)?;

    println!("Success! Validator info published at: {:?}", info_pubkey);
    println!("{}", signature_str);
--- a/cli/src/vote.rs
+++ b/cli/src/vote.rs
@ -1,7 +1,7 @@
 use crate::cli::{
    build_balance_message, check_account_for_fee, check_unique_pubkeys, generate_unique_signers,
    log_instruction_custom_error, CliCommand, CliCommandInfo, CliConfig, CliError, CliSignerInfo,
-    ProcessResult,
+    ProcessResult, SignerIndex,
 };
 use clap::{value_t_or_exit, App, Arg, ArgMatches, SubCommand};
 use solana_clap_utils::{input_parsers::*, input_validators::*};
@ -9,13 +9,14 @@ use solana_client::rpc_client::RpcClient;
 use solana_remote_wallet::remote_wallet::RemoteWalletManager;
 use solana_sdk::{
    account::Account,
+    commitment_config::CommitmentConfig,
    message::Message,
    pubkey::Pubkey,
    system_instruction::{create_address_with_seed, SystemError},
    transaction::Transaction,
 };
 use solana_vote_program::{
-    vote_instruction::{self, VoteError},
+    vote_instruction::{self, withdraw, VoteError},
    vote_state::{VoteAuthorize, VoteInit, VoteState},
 };
 use std::sync::Arc;
@ -32,25 +33,25 @@ impl VoteSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("vote_account")
                        .index(1)
-                        .value_name("VOTE ACCOUNT KEYPAIR")
+                        .value_name("KEYPAIR")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_keypair_or_ask_keyword)
+                        .validator(is_valid_signer)
                        .help("Vote account keypair to fund"),
                )
                .arg(
-                    Arg::with_name("identity_pubkey")
+                    Arg::with_name("identity_account")
                        .index(2)
-                        .value_name("VALIDATOR IDENTITY PUBKEY")
+                        .value_name("KEYPAIR")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
-                        .help("Validator that will vote with this account"),
+                        .validator(is_valid_signer)
+                        .help("Keypair of validator that will vote with this account"),
                )
                .arg(
                    Arg::with_name("commission")
                        .long("commission")
-                        .value_name("NUM")
+                        .value_name("NUMBER")
                        .takes_value(true)
                        .default_value("100")
                        .help("The commission taken on reward redemption (0-100)"),
@ -60,75 +61,44 @@ impl VoteSubCommands for App<'_, '_> {
                        .long("authorized-voter")
                        .value_name("PUBKEY")
                        .takes_value(true)
-                        .validator(is_pubkey_or_keypair)
-                        .help("Public key of the authorized voter (defaults to vote account)"),
+                        .validator(is_valid_pubkey)
+                        .help("Public key of the authorized voter [default: validator identity pubkey]"),
                )
                .arg(
                    Arg::with_name("authorized_withdrawer")
                        .long("authorized-withdrawer")
                        .value_name("PUBKEY")
                        .takes_value(true)
-                        .validator(is_pubkey_or_keypair)
-                        .help("Public key of the authorized withdrawer (defaults to cli config pubkey)"),
+                        .validator(is_valid_pubkey)
+                        .help("Public key of the authorized withdrawer [default: validator identity pubkey]"),
                )
                .arg(
                    Arg::with_name("seed")
                        .long("seed")
-                        .value_name("SEED STRING")
+                        .value_name("STRING")
                        .takes_value(true)
                        .help("Seed for address generation; if specified, the resulting account will be at a derived address of the VOTE ACCOUNT pubkey")
                ),
        )
-        .subcommand(
-            SubCommand::with_name("vote-update-validator")
-                .about("Update the vote account's validator identity")
-                .arg(
-                    Arg::with_name("vote_account_pubkey")
-                        .index(1)
-                        .value_name("VOTE ACCOUNT PUBKEY")
-                        .takes_value(true)
-                        .required(true)
-                        .validator(is_pubkey_or_keypair)
-                        .help("Vote account to update"),
-                )
-                .arg(
-                    Arg::with_name("new_identity_pubkey")
-                        .index(2)
-                        .value_name("NEW VALIDATOR IDENTITY PUBKEY")
-                        .takes_value(true)
-                        .required(true)
-                        .validator(is_pubkey_or_keypair)
-                        .help("New validator that will vote with this account"),
-                )
-                .arg(
-                    Arg::with_name("authorized_voter")
-                        .index(3)
-                        .value_name("AUTHORIZED VOTER KEYPAIR")
-                        .takes_value(true)
-                        .required(true)
-                        .validator(is_keypair)
-                        .help("Authorized voter keypair"),
-                )
-        )
        .subcommand(
            SubCommand::with_name("vote-authorize-voter")
                .about("Authorize a new vote signing keypair for the given vote account")
                .arg(
                    Arg::with_name("vote_account_pubkey")
                        .index(1)
-                        .value_name("VOTE ACCOUNT PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Vote account in which to set the authorized voter"),
                )
                .arg(
                    Arg::with_name("new_authorized_pubkey")
                        .index(2)
-                        .value_name("NEW VOTER PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("New vote signer to authorize"),
                ),
        )
@ -138,33 +108,72 @@ impl VoteSubCommands for App<'_, '_> {
                .arg(
                    Arg::with_name("vote_account_pubkey")
                        .index(1)
-                        .value_name("VOTE ACCOUNT PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Vote account in which to set the authorized withdrawer"),
                )
                .arg(
                    Arg::with_name("new_authorized_pubkey")
                        .index(2)
-                        .value_name("NEW WITHDRAWER PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("New withdrawer to authorize"),
                ),
        )
+        .subcommand(
+            SubCommand::with_name("vote-update-validator")
+                .about("Update the vote account's validator identity")
+                .arg(
+                    Arg::with_name("vote_account_pubkey")
+                        .index(1)
+                        .value_name("PUBKEY")
+                        .takes_value(true)
+                        .required(true)
+                        .validator(is_valid_pubkey)
+                        .help("Vote account to update"),
+                )
+                .arg(
+                    Arg::with_name("new_identity_account")
+                        .index(2)
+                        .value_name("KEYPAIR")
+                        .takes_value(true)
+                        .required(true)
+                        .validator(is_valid_signer)
+                        .help("Keypair of new validator that will vote with this account"),
+                )
+                .arg(
+                    Arg::with_name("authorized_withdrawer")
+                        .index(3)
+                        .value_name("KEYPAIR")
+                        .takes_value(true)
+                        .required(true)
+                        .validator(is_valid_signer)
+                        .help("Authorized withdrawer keypair"),
+                )
+        )
        .subcommand(
            SubCommand::with_name("vote-account")
                .about("Show the contents of a vote account")
                .alias("show-vote-account")
+                .arg(
+                    Arg::with_name("confirmed")
+                        .long("confirmed")
+                        .takes_value(false)
+                        .help(
+                            "Return information at maximum-lockout commitment level",
+                        ),
+                )
                .arg(
                    Arg::with_name("vote_account_pubkey")
                        .index(1)
-                        .value_name("VOTE ACCOUNT PUBKEY")
+                        .value_name("PUBKEY")
                        .takes_value(true)
                        .required(true)
-                        .validator(is_pubkey_or_keypair)
+                        .validator(is_valid_pubkey)
                        .help("Vote account pubkey"),
                )
                .arg(
@ -174,24 +183,64 @@ impl VoteSubCommands for App<'_, '_> {
                        .help("Display balance in lamports instead of SOL"),
                ),
        )
+        .subcommand(
+            SubCommand::with_name("withdraw-from-vote-account")
+                .about("Withdraw lamports from a vote account into a specified account")
+                .arg(
+                    Arg::with_name("vote_account_pubkey")
+                        .index(1)
+                        .value_name("PUBKEY")
+                        .takes_value(true)
+                        .required(true)
+                        .validator(is_valid_pubkey)
+                        .help("Vote account from which to withdraw"),
+                )
+                .arg(
+                    Arg::with_name("destination_account_pubkey")
+                        .index(2)
+                        .value_name("PUBKEY")
+                        .takes_value(true)
+                        .required(true)
+                        .validator(is_valid_pubkey)
+                        .help("The account to which the SOL should be transferred"),
+                )
+                .arg(
+                    Arg::with_name("amount")
+                        .index(3)
+                        .value_name("NUMBER")
+                        .takes_value(true)
+                        .required(true)
+                        .validator(is_amount)
+                        .help("The amount to withdraw, in SOL"),
+                )
+                .arg(
+                    Arg::with_name("authorized_withdrawer")
+                        .long("authorized-withdrawer")
+                        .value_name("KEYPAIR")
+                        .takes_value(true)
+                        .validator(is_valid_signer)
+                        .help("Authorized withdrawer [default: cli config keypair]"),
+                )
+        )
    }
 }

-pub fn parse_vote_create_account(
+pub fn parse_create_vote_account(
    matches: &ArgMatches<'_>,
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
    let (vote_account, _) = signer_of(matches, "vote_account", wallet_manager)?;
    let seed = matches.value_of("seed").map(|s| s.to_string());
-    let identity_pubkey = pubkey_of(matches, "identity_pubkey").unwrap();
+    let (identity_account, identity_pubkey) =
+        signer_of(matches, "identity_account", wallet_manager)?;
    let commission = value_t_or_exit!(matches, "commission", u8);
-    let authorized_voter = pubkey_of(matches, "authorized_voter");
-    let authorized_withdrawer = pubkey_of(matches, "authorized_withdrawer");
+    let authorized_voter = pubkey_of_signer(matches, "authorized_voter", wallet_manager)?;
+    let authorized_withdrawer = pubkey_of_signer(matches, "authorized_withdrawer", wallet_manager)?;

    let payer_provided = None;
-    let CliSignerInfo { signers } = generate_unique_signers(
-        vec![payer_provided, vote_account],
+    let signer_info = generate_unique_signers(
+        vec![payer_provided, vote_account, identity_account],
        matches,
        default_signer_path,
        wallet_manager,
@ -200,12 +249,12 @@ pub fn parse_vote_create_account(
    Ok(CliCommandInfo {
        command: CliCommand::CreateVoteAccount {
            seed,
-            node_pubkey: identity_pubkey,
+            identity_account: signer_info.index_of(identity_pubkey).unwrap(),
            authorized_voter,
            authorized_withdrawer,
            commission,
        },
-        signers,
+        signers: signer_info.signers,
    })
 }

@ -215,8 +264,10 @@ pub fn parse_vote_authorize(
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
    vote_authorize: VoteAuthorize,
 ) -> Result<CliCommandInfo, CliError> {
-    let vote_account_pubkey = pubkey_of(matches, "vote_account_pubkey").unwrap();
-    let new_authorized_pubkey = pubkey_of(matches, "new_authorized_pubkey").unwrap();
+    let vote_account_pubkey =
+        pubkey_of_signer(matches, "vote_account_pubkey", wallet_manager)?.unwrap();
+    let new_authorized_pubkey =
+        pubkey_of_signer(matches, "new_authorized_pubkey", wallet_manager)?.unwrap();

    let authorized_voter_provided = None;
    let CliSignerInfo { signers } = generate_unique_signers(
@ -241,13 +292,15 @@ pub fn parse_vote_update_validator(
    default_signer_path: &str,
    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let vote_account_pubkey = pubkey_of(matches, "vote_account_pubkey").unwrap();
-    let new_identity_pubkey = pubkey_of(matches, "new_identity_pubkey").unwrap();
-    let (authorized_voter, _) = signer_of(matches, "authorized_voter", wallet_manager)?;
+    let vote_account_pubkey =
+        pubkey_of_signer(matches, "vote_account_pubkey", wallet_manager)?.unwrap();
+    let (new_identity_account, new_identity_pubkey) =
+        signer_of(matches, "new_identity_account", wallet_manager)?;
+    let (authorized_withdrawer, _) = signer_of(matches, "authorized_withdrawer", wallet_manager)?;

    let payer_provided = None;
-    let CliSignerInfo { signers } = generate_unique_signers(
-        vec![payer_provided, authorized_voter],
+    let signer_info = generate_unique_signers(
+        vec![payer_provided, authorized_withdrawer, new_identity_account],
        matches,
        default_signer_path,
        wallet_manager,
@ -256,31 +309,71 @@ pub fn parse_vote_update_validator(
    Ok(CliCommandInfo {
        command: CliCommand::VoteUpdateValidator {
            vote_account_pubkey,
-            new_identity_pubkey,
+            new_identity_account: signer_info.index_of(new_identity_pubkey).unwrap(),
        },
-        signers,
+        signers: signer_info.signers,
    })
 }

 pub fn parse_vote_get_account_command(
    matches: &ArgMatches<'_>,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
 ) -> Result<CliCommandInfo, CliError> {
-    let vote_account_pubkey = pubkey_of(matches, "vote_account_pubkey").unwrap();
+    let vote_account_pubkey =
+        pubkey_of_signer(matches, "vote_account_pubkey", wallet_manager)?.unwrap();
    let use_lamports_unit = matches.is_present("lamports");
+    let commitment_config = if matches.is_present("confirmed") {
+        CommitmentConfig::default()
+    } else {
+        CommitmentConfig::recent()
+    };
    Ok(CliCommandInfo {
        command: CliCommand::ShowVoteAccount {
            pubkey: vote_account_pubkey,
            use_lamports_unit,
+            commitment_config,
        },
        signers: vec![],
    })
 }

+pub fn parse_withdraw_from_vote_account(
+    matches: &ArgMatches<'_>,
+    default_signer_path: &str,
+    wallet_manager: Option<&Arc<RemoteWalletManager>>,
+) -> Result<CliCommandInfo, CliError> {
+    let vote_account_pubkey =
+        pubkey_of_signer(matches, "vote_account_pubkey", wallet_manager)?.unwrap();
+    let destination_account_pubkey =
+        pubkey_of_signer(matches, "destination_account_pubkey", wallet_manager)?.unwrap();
+    let lamports = lamports_of_sol(matches, "amount").unwrap();
+    let (withdraw_authority, withdraw_authority_pubkey) =
+        signer_of(matches, "authorized_withdrawer", wallet_manager)?;
+
+    let payer_provided = None;
+    let signer_info = generate_unique_signers(
+        vec![payer_provided, withdraw_authority],
+        matches,
+        default_signer_path,
+        wallet_manager,
+    )?;
+
+    Ok(CliCommandInfo {
+        command: CliCommand::WithdrawFromVoteAccount {
+            vote_account_pubkey,
+            destination_account_pubkey,
+            withdraw_authority: signer_info.index_of(withdraw_authority_pubkey).unwrap(),
+            lamports,
+        },
+        signers: signer_info.signers,
+    })
+}
+
 pub fn process_create_vote_account(
    rpc_client: &RpcClient,
    config: &CliConfig,
    seed: &Option<String>,
-    identity_pubkey: &Pubkey,
+    identity_account: SignerIndex,
    authorized_voter: &Option<Pubkey>,
    authorized_withdrawer: &Option<Pubkey>,
    commission: u8,
@ -297,6 +390,8 @@ pub fn process_create_vote_account(
        (&vote_account_address, "vote_account".to_string()),
    )?;

+    let identity_account = config.signers[identity_account];
+    let identity_pubkey = identity_account.pubkey();
    check_unique_pubkeys(
        (&vote_account_address, "vote_account".to_string()),
        (&identity_pubkey, "identity_pubkey".to_string()),
@ -319,9 +414,9 @@ pub fn process_create_vote_account(
        .max(1);

    let vote_init = VoteInit {
-        node_pubkey: *identity_pubkey,
-        authorized_voter: authorized_voter.unwrap_or(vote_account_pubkey),
-        authorized_withdrawer: authorized_withdrawer.unwrap_or(vote_account_pubkey),
+        node_pubkey: identity_pubkey,
+        authorized_voter: authorized_voter.unwrap_or(identity_pubkey),
+        authorized_withdrawer: authorized_withdrawer.unwrap_or(identity_pubkey),
        commission,
    };

@ -344,7 +439,7 @@ pub fn process_create_vote_account(
    };
    let (recent_blockhash, fee_calculator) = rpc_client.get_recent_blockhash()?;

-    let message = Message::new(ixs);
+    let message = Message::new(&ixs);
    let mut tx = Transaction::new_unsigned(message);
    tx.try_sign(&config.signers, recent_blockhash)?;
    check_account_for_fee(
@ -353,7 +448,7 @@ pub fn process_create_vote_account(
        &fee_calculator,
        &tx.message,
    )?;
-    let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+    let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
    log_instruction_custom_error::<SystemError>(result)
 }

@ -376,7 +471,7 @@ pub fn process_vote_authorize(
        vote_authorize,              // vote or withdraw
    )];

-    let message = Message::new_with_payer(ixs, Some(&config.signers[0].pubkey()));
+    let message = Message::new_with_payer(&ixs, Some(&config.signers[0].pubkey()));
    let mut tx = Transaction::new_unsigned(message);
    tx.try_sign(&config.signers, recent_blockhash)?;
    check_account_for_fee(
@ -385,7 +480,8 @@ pub fn process_vote_authorize(
        &fee_calculator,
        &tx.message,
    )?;
-    let result = rpc_client.send_and_confirm_transaction(&mut tx, &[config.signers[0]]);
+    let result =
+        rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &[config.signers[0]]);
    log_instruction_custom_error::<VoteError>(result)
 }

@ -393,21 +489,23 @@ pub fn process_vote_update_validator(
    rpc_client: &RpcClient,
    config: &CliConfig,
    vote_account_pubkey: &Pubkey,
-    new_identity_pubkey: &Pubkey,
+    new_identity_account: SignerIndex,
 ) -> ProcessResult {
-    let authorized_voter = config.signers[1];
+    let authorized_withdrawer = config.signers[1];
+    let new_identity_account = config.signers[new_identity_account];
+    let new_identity_pubkey = new_identity_account.pubkey();
    check_unique_pubkeys(
        (vote_account_pubkey, "vote_account_pubkey".to_string()),
-        (new_identity_pubkey, "new_identity_pubkey".to_string()),
+        (&new_identity_pubkey, "new_identity_account".to_string()),
    )?;
    let (recent_blockhash, fee_calculator) = rpc_client.get_recent_blockhash()?;
    let ixs = vec![vote_instruction::update_node(
        vote_account_pubkey,
-        &authorized_voter.pubkey(),
-        new_identity_pubkey,
+        &authorized_withdrawer.pubkey(),
+        &new_identity_pubkey,
    )];

-    let message = Message::new_with_payer(ixs, Some(&config.signers[0].pubkey()));
+    let message = Message::new_with_payer(&ixs, Some(&config.signers[0].pubkey()));
    let mut tx = Transaction::new_unsigned(message);
    tx.try_sign(&config.signers, recent_blockhash)?;
    check_account_for_fee(
@ -416,15 +514,21 @@ pub fn process_vote_update_validator(
        &fee_calculator,
        &tx.message,
    )?;
-    let result = rpc_client.send_and_confirm_transaction(&mut tx, &config.signers);
+    let result = rpc_client.send_and_confirm_transaction_with_spinner(&mut tx, &config.signers);
    log_instruction_custom_error::<VoteError>(result)
 }

 fn get_vote_account(
    rpc_client: &RpcClient,
    vote_account_pubkey: &Pubkey,
+    commitment_config: CommitmentConfig,
 ) -> Result<(Account, VoteState), Box<dyn std::error::Error>> {
-    let vote_account = rpc_client.get_account(vote_account_pubkey)?;
+    let vote_account = rpc_client
+        .get_account_with_commitment(vote_account_pubkey, commitment_config)?
+        .value
+        .ok_or_else(|| {
+            CliError::RpcRequestError(format!("{:?} account does not exist", vote_account_pubkey))
+        })?;

    if vote_account.owner != solana_vote_program::id() {
        return Err(CliError::RpcRequestError(format!(
@ -447,8 +551,10 @@ pub fn process_show_vote_account(
    _config: &CliConfig,
    vote_account_pubkey: &Pubkey,
    use_lamports_unit: bool,
+    commitment_config: CommitmentConfig,
 ) -> ProcessResult {
-    let (vote_account, vote_state) = get_vote_account(rpc_client, vote_account_pubkey)?;
+    let (vote_account, vote_state) =
+        get_vote_account(rpc_client, vote_account_pubkey, commitment_config)?;

    let epoch_schedule = rpc_client.get_epoch_schedule()?;

@ -494,6 +600,38 @@ pub fn process_show_vote_account(
    Ok("".to_string())
 }

+pub fn process_withdraw_from_vote_account(
+    rpc_client: &RpcClient,
+    config: &CliConfig,
+    vote_account_pubkey: &Pubkey,
+    withdraw_authority: SignerIndex,
+    lamports: u64,
+    destination_account_pubkey: &Pubkey,
+) -> ProcessResult {
+    let (recent_blockhash, fee_calculator) = rpc_client.get_recent_blockhash()?;
+    let withdraw_authority = config.signers[withdraw_authority];
+
+    let ix = withdraw(
+        vote_account_pubkey,
+        &withdraw_authority.pubkey(),
+        lamports,
+        destination_account_pubkey,
+    );
+
+    let message = Message::new_with_payer(&[ix], Some(&config.signers[0].pubkey()));
+    let mut transaction = Transaction::new_unsigned(message);
+    transaction.try_sign(&config.signers, recent_blockhash)?;
+    check_account_for_fee(
+        rpc_client,
+        &config.signers[0].pubkey(),
+        &fee_calculator,
+        &transaction.message,
+    )?;
+    let result =
+        rpc_client.send_and_confirm_transaction_with_spinner(&mut transaction, &config.signers);
+    log_instruction_custom_error::<VoteError>(result)
+}
+
 #[cfg(test)]
 mod tests {
    use super::*;
@ -542,13 +680,14 @@ mod tests {
        let keypair = Keypair::new();
        write_keypair(&keypair, tmp_file.as_file_mut()).unwrap();
        // Test CreateVoteAccount SubCommand
-        let node_pubkey = Pubkey::new_rand();
-        let node_pubkey_string = format!("{}", node_pubkey);
+        let (identity_keypair_file, mut tmp_file) = make_tmp_file();
+        let identity_keypair = Keypair::new();
+        write_keypair(&identity_keypair, tmp_file.as_file_mut()).unwrap();
        let test_create_vote_account = test_commands.clone().get_matches_from(vec![
            "test",
            "create-vote-account",
            &keypair_file,
-            &node_pubkey_string,
+            &identity_keypair_file,
            "--commission",
            "10",
        ]);
@ -557,14 +696,15 @@ mod tests {
            CliCommandInfo {
                command: CliCommand::CreateVoteAccount {
                    seed: None,
-                    node_pubkey,
+                    identity_account: 2,
                    authorized_voter: None,
                    authorized_withdrawer: None,
                    commission: 10,
                },
                signers: vec![
                    read_keypair_file(&default_keypair_file).unwrap().into(),
-                    Box::new(keypair)
+                    Box::new(keypair),
+                    read_keypair_file(&identity_keypair_file).unwrap().into(),
                ],
            }
        );
@ -577,21 +717,22 @@ mod tests {
            "test",
            "create-vote-account",
            &keypair_file,
-            &node_pubkey_string,
+            &identity_keypair_file,
        ]);
        assert_eq!(
            parse_command(&test_create_vote_account2, &default_keypair_file, None).unwrap(),
            CliCommandInfo {
                command: CliCommand::CreateVoteAccount {
                    seed: None,
-                    node_pubkey,
+                    identity_account: 2,
                    authorized_voter: None,
                    authorized_withdrawer: None,
                    commission: 100,
                },
                signers: vec![
                    read_keypair_file(&default_keypair_file).unwrap().into(),
-                    Box::new(keypair)
+                    Box::new(keypair),
+                    read_keypair_file(&identity_keypair_file).unwrap().into(),
                ],
            }
        );
@ -606,7 +747,7 @@ mod tests {
            "test",
            "create-vote-account",
            &keypair_file,
-            &node_pubkey_string,
+            &identity_keypair_file,
            "--authorized-voter",
            &authed.to_string(),
        ]);
@ -615,14 +756,15 @@ mod tests {
            CliCommandInfo {
                command: CliCommand::CreateVoteAccount {
                    seed: None,
-                    node_pubkey,
+                    identity_account: 2,
                    authorized_voter: Some(authed),
                    authorized_withdrawer: None,
                    commission: 100
                },
                signers: vec![
                    read_keypair_file(&default_keypair_file).unwrap().into(),
-                    Box::new(keypair)
+                    Box::new(keypair),
+                    read_keypair_file(&identity_keypair_file).unwrap().into(),
                ],
            }
        );
@ -635,7 +777,7 @@ mod tests {
            "test",
            "create-vote-account",
            &keypair_file,
-            &node_pubkey_string,
+            &identity_keypair_file,
            "--authorized-withdrawer",
            &authed.to_string(),
        ]);
@ -644,14 +786,15 @@ mod tests {
            CliCommandInfo {
                command: CliCommand::CreateVoteAccount {
                    seed: None,
-                    node_pubkey,
+                    identity_account: 2,
                    authorized_voter: None,
                    authorized_withdrawer: Some(authed),
                    commission: 100
                },
                signers: vec![
                    read_keypair_file(&default_keypair_file).unwrap().into(),
-                    Box::new(keypair)
+                    Box::new(keypair),
+                    read_keypair_file(&identity_keypair_file).unwrap().into(),
                ],
            }
        );
@ -660,7 +803,7 @@ mod tests {
            "test",
            "vote-update-validator",
            &pubkey_string,
-            &pubkey2_string,
+            &identity_keypair_file,
            &keypair_file,
        ]);
        assert_eq!(
@ -668,11 +811,72 @@ mod tests {
            CliCommandInfo {
                command: CliCommand::VoteUpdateValidator {
                    vote_account_pubkey: pubkey,
-                    new_identity_pubkey: pubkey2,
+                    new_identity_account: 2,
                },
                signers: vec![
                    read_keypair_file(&default_keypair_file).unwrap().into(),
-                    Box::new(read_keypair_file(&keypair_file).unwrap())
+                    Box::new(read_keypair_file(&keypair_file).unwrap()),
+                    read_keypair_file(&identity_keypair_file).unwrap().into(),
+                ],
+            }
+        );
+
+        // Test WithdrawFromVoteAccount subcommand
+        let test_withdraw_from_vote_account = test_commands.clone().get_matches_from(vec![
+            "test",
+            "withdraw-from-vote-account",
+            &keypair_file,
+            &pubkey_string,
+            "42",
+        ]);
+        assert_eq!(
+            parse_command(
+                &test_withdraw_from_vote_account,
+                &default_keypair_file,
+                None
+            )
+            .unwrap(),
+            CliCommandInfo {
+                command: CliCommand::WithdrawFromVoteAccount {
+                    vote_account_pubkey: read_keypair_file(&keypair_file).unwrap().pubkey(),
+                    destination_account_pubkey: pubkey,
+                    withdraw_authority: 0,
+                    lamports: 42_000_000_000
+                },
+                signers: vec![read_keypair_file(&default_keypair_file).unwrap().into()],
+            }
+        );
+
+        // Test WithdrawFromVoteAccount subcommand with authority
+        let withdraw_authority = Keypair::new();
+        let (withdraw_authority_file, mut tmp_file) = make_tmp_file();
+        write_keypair(&withdraw_authority, tmp_file.as_file_mut()).unwrap();
+        let test_withdraw_from_vote_account = test_commands.clone().get_matches_from(vec![
+            "test",
+            "withdraw-from-vote-account",
+            &keypair_file,
+            &pubkey_string,
+            "42",
+            "--authorized-withdrawer",
+            &withdraw_authority_file,
+        ]);
+        assert_eq!(
+            parse_command(
+                &test_withdraw_from_vote_account,
+                &default_keypair_file,
+                None
+            )
+            .unwrap(),
+            CliCommandInfo {
+                command: CliCommand::WithdrawFromVoteAccount {
+                    vote_account_pubkey: read_keypair_file(&keypair_file).unwrap().pubkey(),
+                    destination_account_pubkey: pubkey,
+                    withdraw_authority: 1,
+                    lamports: 42_000_000_000
+                },
+                signers: vec![
+                    read_keypair_file(&default_keypair_file).unwrap().into(),
+                    read_keypair_file(&withdraw_authority_file).unwrap().into()
                ],
            }
        );
--- a/cli/tests/pay.rs
+++ b/cli/tests/pay.rs
@ -1,17 +1,18 @@
 use chrono::prelude::*;
 use serde_json::Value;
-use solana_clap_utils::keypair::presigner_from_pubkey_sigs;
 use solana_cli::{
    cli::{process_command, request_and_confirm_airdrop, CliCommand, CliConfig, PayCommand},
-    offline::{parse_sign_only_reply_string, BlockhashQuery},
+    nonce,
+    offline::{
+        blockhash_query::{self, BlockhashQuery},
+        parse_sign_only_reply_string,
+    },
 };
 use solana_client::rpc_client::RpcClient;
 use solana_core::validator::TestValidator;
 use solana_faucet::faucet::run_local_faucet;
 use solana_sdk::{
-    account_utils::StateMut,
-    fee_calculator::FeeCalculator,
-    nonce_state::NonceState,
+    nonce::State as NonceState,
    pubkey::Pubkey,
    signature::{Keypair, Signer},
 };
@ -323,7 +324,7 @@ fn test_offline_pay_tx() {
    config_offline.command = CliCommand::Pay(PayCommand {
        lamports: 10,
        to: bob_pubkey,
-        blockhash_query: BlockhashQuery::None(blockhash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(blockhash),
        sign_only: true,
        ..PayCommand::default()
    });
@ -333,15 +334,17 @@ fn test_offline_pay_tx() {
    check_balance(50, &rpc_client, &config_online.signers[0].pubkey());
    check_balance(0, &rpc_client, &bob_pubkey);

-    let (blockhash, signers) = parse_sign_only_reply_string(&sig_response);
-    let offline_presigner =
-        presigner_from_pubkey_sigs(&config_offline.signers[0].pubkey(), &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sig_response);
+    assert!(sign_only.has_all_signers());
+    let offline_presigner = sign_only
+        .presigner_of(&config_offline.signers[0].pubkey())
+        .unwrap();
    let online_pubkey = config_online.signers[0].pubkey();
    config_online.signers = vec![&offline_presigner];
    config_online.command = CliCommand::Pay(PayCommand {
        lamports: 10,
        to: bob_pubkey,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(blockhash_query::Source::Cluster, blockhash),
        ..PayCommand::default()
    });
    process_command(&config_online).unwrap();
@ -408,19 +411,20 @@ fn test_nonced_pay_tx() {
    check_balance(minimum_nonce_balance, &rpc_client, &nonce_account.pubkey());

    // Fetch nonce hash
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;

    let bob_pubkey = Pubkey::new_rand();
    config.signers = vec![&default_signer];
    config.command = CliCommand::Pay(PayCommand {
        lamports: 10,
        to: bob_pubkey,
-        blockhash_query: BlockhashQuery::FeeCalculator(nonce_hash),
+        blockhash_query: BlockhashQuery::FeeCalculator(
+            blockhash_query::Source::NonceAccount(nonce_account.pubkey()),
+            nonce_hash,
+        ),
        nonce_account: Some(nonce_account.pubkey()),
        ..PayCommand::default()
    });
@ -430,12 +434,11 @@ fn test_nonced_pay_tx() {
    check_balance(10, &rpc_client, &bob_pubkey);

    // Verify that nonce has been used
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    match nonce_state {
-        NonceState::Initialized(_meta, hash) => assert_ne!(hash, nonce_hash),
-        _ => assert!(false, "Nonce is not initialized"),
-    }
+    let nonce_hash2 = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;
+    assert_ne!(nonce_hash, nonce_hash2);

    server.close().unwrap();
    remove_dir_all(ledger_path).unwrap();
--- a/cli/tests/stake.rs
+++ b/cli/tests/stake.rs
@ -1,20 +1,25 @@
-use solana_clap_utils::keypair::presigner_from_pubkey_sigs;
 use solana_cli::{
    cli::{process_command, request_and_confirm_airdrop, CliCommand, CliConfig},
-    offline::{parse_sign_only_reply_string, BlockhashQuery},
+    nonce,
+    offline::{
+        blockhash_query::{self, BlockhashQuery},
+        parse_sign_only_reply_string,
+    },
 };
 use solana_client::rpc_client::RpcClient;
 use solana_core::validator::{TestValidator, TestValidatorOptions};
 use solana_faucet::faucet::run_local_faucet;
 use solana_sdk::{
    account_utils::StateMut,
-    fee_calculator::FeeCalculator,
-    nonce_state::NonceState,
+    nonce::State as NonceState,
    pubkey::Pubkey,
    signature::{keypair_from_seed, Keypair, Signer},
    system_instruction::create_address_with_seed,
 };
-use solana_stake_program::stake_state::{Lockup, StakeAuthorize, StakeState};
+use solana_stake_program::{
+    stake_instruction::LockupArgs,
+    stake_state::{Lockup, StakeAuthorize, StakeState},
+};
 use std::{fs::remove_dir_all, sync::mpsc::channel, thread::sleep, time::Duration};

 fn check_balance(expected_balance: u64, client: &RpcClient, pubkey: &Pubkey) {
@ -63,7 +68,7 @@ fn test_stake_delegation_force() {
    config.signers = vec![&default_signer, &vote_keypair];
    config.command = CliCommand::CreateVoteAccount {
        seed: None,
-        node_pubkey: config.signers[0].pubkey(),
+        identity_account: 0,
        authorized_voter: None,
        authorized_withdrawer: None,
        commission: 0,
@ -81,7 +86,7 @@ fn test_stake_delegation_force() {
        lockup: Lockup::default(),
        lamports: 50_000,
        sign_only: false,
-        blockhash_query: BlockhashQuery::All,
+        blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -172,7 +177,7 @@ fn test_seed_stake_delegation_and_deactivation() {
        lockup: Lockup::default(),
        lamports: 50_000,
        sign_only: false,
-        blockhash_query: BlockhashQuery::All,
+        blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -255,7 +260,7 @@ fn test_stake_delegation_and_deactivation() {
        lockup: Lockup::default(),
        lamports: 50_000,
        sign_only: false,
-        blockhash_query: BlockhashQuery::All,
+        blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -360,7 +365,7 @@ fn test_offline_stake_delegation_and_deactivation() {
        lockup: Lockup::default(),
        lamports: 50_000,
        sign_only: false,
-        blockhash_query: BlockhashQuery::All,
+        blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -376,15 +381,17 @@ fn test_offline_stake_delegation_and_deactivation() {
        stake_authority: 0,
        force: false,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(blockhash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(blockhash),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
    };
    let sig_response = process_command(&config_offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sig_response);
-    let offline_presigner =
-        presigner_from_pubkey_sigs(&config_offline.signers[0].pubkey(), &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sig_response);
+    assert!(sign_only.has_all_signers());
+    let offline_presigner = sign_only
+        .presigner_of(&config_offline.signers[0].pubkey())
+        .unwrap();
    config_payer.signers = vec![&offline_presigner];
    config_payer.command = CliCommand::DelegateStake {
        stake_account_pubkey: stake_keypair.pubkey(),
@ -392,7 +399,7 @@ fn test_offline_stake_delegation_and_deactivation() {
        stake_authority: 0,
        force: false,
        sign_only: false,
-        blockhash_query: BlockhashQuery::None(blockhash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::FeeCalculator(blockhash_query::Source::Cluster, blockhash),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -405,21 +412,23 @@ fn test_offline_stake_delegation_and_deactivation() {
        stake_account_pubkey: stake_keypair.pubkey(),
        stake_authority: 0,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(blockhash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(blockhash),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
    };
    let sig_response = process_command(&config_offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sig_response);
-    let offline_presigner =
-        presigner_from_pubkey_sigs(&config_offline.signers[0].pubkey(), &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sig_response);
+    assert!(sign_only.has_all_signers());
+    let offline_presigner = sign_only
+        .presigner_of(&config_offline.signers[0].pubkey())
+        .unwrap();
    config_payer.signers = vec![&offline_presigner];
    config_payer.command = CliCommand::DeactivateStake {
        stake_account_pubkey: stake_keypair.pubkey(),
        stake_authority: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(blockhash_query::Source::Cluster, blockhash),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -476,7 +485,7 @@ fn test_nonced_stake_delegation_and_deactivation() {
        lockup: Lockup::default(),
        lamports: 50_000,
        sign_only: false,
-        blockhash_query: BlockhashQuery::All,
+        blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -496,12 +505,10 @@ fn test_nonced_stake_delegation_and_deactivation() {
    process_command(&config).unwrap();

    // Fetch nonce hash
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;

    // Delegate stake
    config.signers = vec![&config_keypair];
@ -511,7 +518,10 @@ fn test_nonced_stake_delegation_and_deactivation() {
        stake_authority: 0,
        force: false,
        sign_only: false,
-        blockhash_query: BlockhashQuery::None(nonce_hash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::FeeCalculator(
+            blockhash_query::Source::NonceAccount(nonce_account.pubkey()),
+            nonce_hash,
+        ),
        nonce_account: Some(nonce_account.pubkey()),
        nonce_authority: 0,
        fee_payer: 0,
@ -519,19 +529,20 @@ fn test_nonced_stake_delegation_and_deactivation() {
    process_command(&config).unwrap();

    // Fetch nonce hash
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;

    // Deactivate stake
    config.command = CliCommand::DeactivateStake {
        stake_account_pubkey: stake_keypair.pubkey(),
        stake_authority: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(nonce_hash),
+        blockhash_query: BlockhashQuery::FeeCalculator(
+            blockhash_query::Source::NonceAccount(nonce_account.pubkey()),
+            nonce_hash,
+        ),
        nonce_account: Some(nonce_account.pubkey()),
        nonce_authority: 0,
        fee_payer: 0,
@ -601,7 +612,7 @@ fn test_stake_authorize() {
        lockup: Lockup::default(),
        lamports: 50_000,
        sign_only: false,
-        blockhash_query: BlockhashQuery::All,
+        blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -665,15 +676,15 @@ fn test_stake_authorize() {
        stake_authorize: StakeAuthorize::Staker,
        authority: 0,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(blockhash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(blockhash),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
    };
    let sign_reply = process_command(&config_offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sign_reply);
-    let offline_presigner =
-        presigner_from_pubkey_sigs(&offline_authority_pubkey, &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sign_reply);
+    assert!(sign_only.has_all_signers());
+    let offline_presigner = sign_only.presigner_of(&offline_authority_pubkey).unwrap();
    config.signers = vec![&offline_presigner];
    config.command = CliCommand::StakeAuthorize {
        stake_account_pubkey,
@ -681,7 +692,7 @@ fn test_stake_authorize() {
        stake_authorize: StakeAuthorize::Staker,
        authority: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(blockhash_query::Source::Cluster, blockhash),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -710,12 +721,10 @@ fn test_stake_authorize() {
    process_command(&config).unwrap();

    // Fetch nonce hash
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;

    // Nonced assignment of new online stake authority
    let online_authority = Keypair::new();
@ -727,18 +736,17 @@ fn test_stake_authorize() {
        stake_authorize: StakeAuthorize::Staker,
        authority: 1,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(nonce_hash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(nonce_hash),
        nonce_account: Some(nonce_account.pubkey()),
        nonce_authority: 0,
        fee_payer: 0,
    };
    let sign_reply = process_command(&config_offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sign_reply);
-    assert_eq!(blockhash, nonce_hash);
-    let offline_presigner =
-        presigner_from_pubkey_sigs(&offline_authority_pubkey, &signers).unwrap();
-    let nonced_authority_presigner =
-        presigner_from_pubkey_sigs(&nonced_authority_pubkey, &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sign_reply);
+    assert!(sign_only.has_all_signers());
+    assert_eq!(sign_only.blockhash, nonce_hash);
+    let offline_presigner = sign_only.presigner_of(&offline_authority_pubkey).unwrap();
+    let nonced_authority_presigner = sign_only.presigner_of(&nonced_authority_pubkey).unwrap();
    config.signers = vec![&offline_presigner, &nonced_authority_presigner];
    config.command = CliCommand::StakeAuthorize {
        stake_account_pubkey,
@ -746,7 +754,10 @@ fn test_stake_authorize() {
        stake_authorize: StakeAuthorize::Staker,
        authority: 1,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(
+            blockhash_query::Source::NonceAccount(nonce_account.pubkey()),
+            sign_only.blockhash,
+        ),
        nonce_account: Some(nonce_account.pubkey()),
        nonce_authority: 0,
        fee_payer: 0,
@ -759,12 +770,11 @@ fn test_stake_authorize() {
        _ => panic!("Unexpected stake state!"),
    };
    assert_eq!(current_authority, online_authority_pubkey);
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let new_nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+
+    let new_nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;
    assert_ne!(nonce_hash, new_nonce_hash);

    server.close().unwrap();
@ -808,6 +818,7 @@ fn test_stake_authorize_with_fee_payer() {
    let mut config_offline = CliConfig::default();
    let offline_signer = Keypair::new();
    config_offline.signers = vec![&offline_signer];
+    config_offline.json_rpc_url = String::new();
    let offline_pubkey = config_offline.signers[0].pubkey();
    // Verify we're offline
    config_offline.command = CliCommand::ClusterVersion;
@ -834,7 +845,7 @@ fn test_stake_authorize_with_fee_payer() {
        lockup: Lockup::default(),
        lamports: 50_000,
        sign_only: false,
-        blockhash_query: BlockhashQuery::All,
+        blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -852,7 +863,7 @@ fn test_stake_authorize_with_fee_payer() {
        stake_authorize: StakeAuthorize::Staker,
        authority: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::All,
+        blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 1,
@ -872,14 +883,15 @@ fn test_stake_authorize_with_fee_payer() {
        stake_authorize: StakeAuthorize::Staker,
        authority: 0,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(blockhash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(blockhash),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
    };
    let sign_reply = process_command(&config_offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sign_reply);
-    let offline_presigner = presigner_from_pubkey_sigs(&offline_pubkey, &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sign_reply);
+    assert!(sign_only.has_all_signers());
+    let offline_presigner = sign_only.presigner_of(&offline_pubkey).unwrap();
    config.signers = vec![&offline_presigner];
    config.command = CliCommand::StakeAuthorize {
        stake_account_pubkey,
@ -887,7 +899,7 @@ fn test_stake_authorize_with_fee_payer() {
        stake_authorize: StakeAuthorize::Staker,
        authority: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(blockhash_query::Source::Cluster, blockhash),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -964,7 +976,7 @@ fn test_stake_split() {
        lockup: Lockup::default(),
        lamports: 10 * minimum_stake_balance,
        sign_only: false,
-        blockhash_query: BlockhashQuery::All,
+        blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -993,12 +1005,10 @@ fn test_stake_split() {
    check_balance(minimum_nonce_balance, &rpc_client, &nonce_account.pubkey());

    // Fetch nonce hash
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;

    // Nonced offline split
    let split_account = keypair_from_seed(&[2u8; 32]).unwrap();
@ -1008,7 +1018,7 @@ fn test_stake_split() {
        stake_account_pubkey: stake_account_pubkey,
        stake_authority: 0,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(nonce_hash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(nonce_hash),
        nonce_account: Some(nonce_account.pubkey()),
        nonce_authority: 0,
        split_stake_account: 1,
@ -1017,14 +1027,18 @@ fn test_stake_split() {
        fee_payer: 0,
    };
    let sig_response = process_command(&config_offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sig_response);
-    let offline_presigner = presigner_from_pubkey_sigs(&offline_pubkey, &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sig_response);
+    assert!(sign_only.has_all_signers());
+    let offline_presigner = sign_only.presigner_of(&offline_pubkey).unwrap();
    config.signers = vec![&offline_presigner, &split_account];
    config.command = CliCommand::SplitStake {
        stake_account_pubkey: stake_account_pubkey,
        stake_authority: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(
+            blockhash_query::Source::NonceAccount(nonce_account.pubkey()),
+            sign_only.blockhash,
+        ),
        nonce_account: Some(nonce_account.pubkey()),
        nonce_authority: 0,
        split_stake_account: 1,
@ -1114,7 +1128,7 @@ fn test_stake_set_lockup() {
        lockup,
        lamports: 10 * minimum_stake_balance,
        sign_only: false,
-        blockhash_query: BlockhashQuery::All,
+        blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -1128,10 +1142,10 @@ fn test_stake_set_lockup() {
    );

    // Online set lockup
-    let mut lockup = Lockup {
-        unix_timestamp: 1581534570,
-        epoch: 200,
-        custodian: Pubkey::default(),
+    let lockup = LockupArgs {
+        unix_timestamp: Some(1581534570),
+        epoch: Some(200),
+        custodian: None,
    };
    config.signers.pop();
    config.command = CliCommand::StakeSetLockup {
@ -1151,17 +1165,21 @@ fn test_stake_set_lockup() {
        StakeState::Initialized(meta) => meta.lockup,
        _ => panic!("Unexpected stake state!"),
    };
-    lockup.custodian = config.signers[0].pubkey(); // Default new_custodian is config.signers[0]
-    assert_eq!(current_lockup, lockup);
+    assert_eq!(
+        current_lockup.unix_timestamp,
+        lockup.unix_timestamp.unwrap()
+    );
+    assert_eq!(current_lockup.epoch, lockup.epoch.unwrap());
+    assert_eq!(current_lockup.custodian, config.signers[0].pubkey());

    // Set custodian to another pubkey
    let online_custodian = Keypair::new();
    let online_custodian_pubkey = online_custodian.pubkey();

-    let lockup = Lockup {
-        unix_timestamp: 1581534571,
-        epoch: 201,
-        custodian: online_custodian_pubkey,
+    let lockup = LockupArgs {
+        unix_timestamp: Some(1581534571),
+        epoch: Some(201),
+        custodian: Some(online_custodian_pubkey),
    };
    config.command = CliCommand::StakeSetLockup {
        stake_account_pubkey,
@ -1175,10 +1193,10 @@ fn test_stake_set_lockup() {
    };
    process_command(&config).unwrap();

-    let mut lockup = Lockup {
-        unix_timestamp: 1581534572,
-        epoch: 202,
-        custodian: Pubkey::default(),
+    let lockup = LockupArgs {
+        unix_timestamp: Some(1581534572),
+        epoch: Some(202),
+        custodian: None,
    };
    config.signers = vec![&default_signer, &online_custodian];
    config.command = CliCommand::StakeSetLockup {
@ -1198,14 +1216,18 @@ fn test_stake_set_lockup() {
        StakeState::Initialized(meta) => meta.lockup,
        _ => panic!("Unexpected stake state!"),
    };
-    lockup.custodian = online_custodian_pubkey; // Default new_custodian is designated custodian
-    assert_eq!(current_lockup, lockup);
+    assert_eq!(
+        current_lockup.unix_timestamp,
+        lockup.unix_timestamp.unwrap()
+    );
+    assert_eq!(current_lockup.epoch, lockup.epoch.unwrap());
+    assert_eq!(current_lockup.custodian, online_custodian_pubkey);

    // Set custodian to offline pubkey
-    let lockup = Lockup {
-        unix_timestamp: 1581534573,
-        epoch: 203,
-        custodian: offline_pubkey,
+    let lockup = LockupArgs {
+        unix_timestamp: Some(1581534573),
+        epoch: Some(203),
+        custodian: Some(offline_pubkey),
    };
    config.command = CliCommand::StakeSetLockup {
        stake_account_pubkey,
@ -1236,39 +1258,41 @@ fn test_stake_set_lockup() {
    check_balance(minimum_nonce_balance, &rpc_client, &nonce_account_pubkey);

    // Fetch nonce hash
-    let account = rpc_client.get_account(&nonce_account_pubkey).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;

    // Nonced offline set lockup
-    let lockup = Lockup {
-        unix_timestamp: 1581534576,
-        epoch: 222,
-        custodian: offline_pubkey,
+    let lockup = LockupArgs {
+        unix_timestamp: Some(1581534576),
+        epoch: Some(222),
+        custodian: None,
    };
    config_offline.command = CliCommand::StakeSetLockup {
        stake_account_pubkey,
        lockup,
        custodian: 0,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(nonce_hash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(nonce_hash),
        nonce_account: Some(nonce_account_pubkey),
        nonce_authority: 0,
        fee_payer: 0,
    };
    let sig_response = process_command(&config_offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sig_response);
-    let offline_presigner = presigner_from_pubkey_sigs(&offline_pubkey, &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sig_response);
+    assert!(sign_only.has_all_signers());
+    let offline_presigner = sign_only.presigner_of(&offline_pubkey).unwrap();
    config.signers = vec![&offline_presigner];
    config.command = CliCommand::StakeSetLockup {
        stake_account_pubkey,
        lockup,
        custodian: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(
+            blockhash_query::Source::NonceAccount(nonce_account_pubkey),
+            sign_only.blockhash,
+        ),
        nonce_account: Some(nonce_account_pubkey),
        nonce_authority: 0,
        fee_payer: 0,
@ -1280,7 +1304,12 @@ fn test_stake_set_lockup() {
        StakeState::Initialized(meta) => meta.lockup,
        _ => panic!("Unexpected stake state!"),
    };
-    assert_eq!(current_lockup, lockup);
+    assert_eq!(
+        current_lockup.unix_timestamp,
+        lockup.unix_timestamp.unwrap()
+    );
+    assert_eq!(current_lockup.epoch, lockup.epoch.unwrap());
+    assert_eq!(current_lockup.custodian, offline_pubkey);

    server.close().unwrap();
    remove_dir_all(ledger_path).unwrap();
@ -1345,12 +1374,10 @@ fn test_offline_nonced_create_stake_account_and_withdraw() {
    process_command(&config).unwrap();

    // Fetch nonce hash
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;

    // Create stake account offline
    let stake_keypair = keypair_from_seed(&[4u8; 32]).unwrap();
@ -1364,16 +1391,17 @@ fn test_offline_nonced_create_stake_account_and_withdraw() {
        lockup: Lockup::default(),
        lamports: 50_000,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(nonce_hash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(nonce_hash),
        nonce_account: Some(nonce_pubkey),
        nonce_authority: 0,
        fee_payer: 0,
        from: 0,
    };
    let sig_response = process_command(&config_offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sig_response);
-    let offline_presigner = presigner_from_pubkey_sigs(&offline_pubkey, &signers).unwrap();
-    let stake_presigner = presigner_from_pubkey_sigs(&stake_pubkey, &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sig_response);
+    assert!(sign_only.has_all_signers());
+    let offline_presigner = sign_only.presigner_of(&offline_pubkey).unwrap();
+    let stake_presigner = sign_only.presigner_of(&stake_pubkey).unwrap();
    config.signers = vec![&offline_presigner, &stake_presigner];
    config.command = CliCommand::CreateStakeAccount {
        stake_account: 1,
@ -1383,7 +1411,10 @@ fn test_offline_nonced_create_stake_account_and_withdraw() {
        lockup: Lockup::default(),
        lamports: 50_000,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(
+            blockhash_query::Source::NonceAccount(nonce_pubkey),
+            sign_only.blockhash,
+        ),
        nonce_account: Some(nonce_pubkey),
        nonce_authority: 0,
        fee_payer: 0,
@ -1393,12 +1424,10 @@ fn test_offline_nonced_create_stake_account_and_withdraw() {
    check_balance(50_000, &rpc_client, &stake_pubkey);

    // Fetch nonce hash
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;

    // Offline, nonced stake-withdraw
    let recipient = keypair_from_seed(&[5u8; 32]).unwrap();
@ -1410,14 +1439,14 @@ fn test_offline_nonced_create_stake_account_and_withdraw() {
        lamports: 42,
        withdraw_authority: 0,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(nonce_hash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(nonce_hash),
        nonce_account: Some(nonce_pubkey),
        nonce_authority: 0,
        fee_payer: 0,
    };
    let sig_response = process_command(&config_offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sig_response);
-    let offline_presigner = presigner_from_pubkey_sigs(&offline_pubkey, &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sig_response);
+    let offline_presigner = sign_only.presigner_of(&offline_pubkey).unwrap();
    config.signers = vec![&offline_presigner];
    config.command = CliCommand::WithdrawStake {
        stake_account_pubkey: stake_pubkey,
@ -1425,7 +1454,10 @@ fn test_offline_nonced_create_stake_account_and_withdraw() {
        lamports: 42,
        withdraw_authority: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(
+            blockhash_query::Source::NonceAccount(nonce_pubkey),
+            sign_only.blockhash,
+        ),
        nonce_account: Some(nonce_pubkey),
        nonce_authority: 0,
        fee_payer: 0,
@ -1434,12 +1466,10 @@ fn test_offline_nonced_create_stake_account_and_withdraw() {
    check_balance(42, &rpc_client, &recipient_pubkey);

    // Fetch nonce hash
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;

    // Create another stake account. This time with seed
    let seed = "seedy";
@ -1452,16 +1482,16 @@ fn test_offline_nonced_create_stake_account_and_withdraw() {
        lockup: Lockup::default(),
        lamports: 50_000,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(nonce_hash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(nonce_hash),
        nonce_account: Some(nonce_pubkey),
        nonce_authority: 0,
        fee_payer: 0,
        from: 0,
    };
    let sig_response = process_command(&config_offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sig_response);
-    let offline_presigner = presigner_from_pubkey_sigs(&offline_pubkey, &signers).unwrap();
-    let stake_presigner = presigner_from_pubkey_sigs(&stake_pubkey, &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sig_response);
+    let offline_presigner = sign_only.presigner_of(&offline_pubkey).unwrap();
+    let stake_presigner = sign_only.presigner_of(&stake_pubkey).unwrap();
    config.signers = vec![&offline_presigner, &stake_presigner];
    config.command = CliCommand::CreateStakeAccount {
        stake_account: 1,
@ -1471,7 +1501,10 @@ fn test_offline_nonced_create_stake_account_and_withdraw() {
        lockup: Lockup::default(),
        lamports: 50_000,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(
+            blockhash_query::Source::NonceAccount(nonce_pubkey),
+            sign_only.blockhash,
+        ),
        nonce_account: Some(nonce_pubkey),
        nonce_authority: 0,
        fee_payer: 0,
--- a/cli/tests/transfer.rs
+++ b/cli/tests/transfer.rs
@ -1,17 +1,18 @@
-use solana_clap_utils::keypair::presigner_from_pubkey_sigs;
 use solana_cli::{
    cli::{process_command, request_and_confirm_airdrop, CliCommand, CliConfig},
-    offline::{parse_sign_only_reply_string, BlockhashQuery},
+    nonce,
+    offline::{
+        blockhash_query::{self, BlockhashQuery},
+        parse_sign_only_reply_string,
+    },
 };
 use solana_client::rpc_client::RpcClient;
 use solana_core::validator::{TestValidator, TestValidatorOptions};
 use solana_faucet::faucet::run_local_faucet;
 use solana_sdk::{
-    account_utils::StateMut,
-    fee_calculator::FeeCalculator,
-    nonce_state::NonceState,
+    nonce::State as NonceState,
    pubkey::Pubkey,
-    signature::{keypair_from_seed, Keypair, Signer},
+    signature::{keypair_from_seed, Keypair, NullSigner, Signer},
 };
 use std::{fs::remove_dir_all, sync::mpsc::channel, thread::sleep, time::Duration};

@ -67,7 +68,7 @@ fn test_transfer() {
        to: recipient_pubkey,
        from: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::All,
+        blockhash_query: BlockhashQuery::All(blockhash_query::Source::Cluster),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -94,21 +95,22 @@ fn test_transfer() {
        to: recipient_pubkey,
        from: 0,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(blockhash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(blockhash),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
    };
    let sign_only_reply = process_command(&offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sign_only_reply);
-    let offline_presigner = presigner_from_pubkey_sigs(&offline_pubkey, &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sign_only_reply);
+    assert!(sign_only.has_all_signers());
+    let offline_presigner = sign_only.presigner_of(&offline_pubkey).unwrap();
    config.signers = vec![&offline_presigner];
    config.command = CliCommand::Transfer {
        lamports: 10,
        to: recipient_pubkey,
        from: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(blockhash_query::Source::Cluster, blockhash),
        nonce_account: None,
        nonce_authority: 0,
        fee_payer: 0,
@ -133,12 +135,10 @@ fn test_transfer() {
    check_balance(49_987 - minimum_nonce_balance, &rpc_client, &sender_pubkey);

    // Fetch nonce hash
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;

    // Nonced transfer
    config.signers = vec![&default_signer];
@ -147,7 +147,10 @@ fn test_transfer() {
        to: recipient_pubkey,
        from: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(nonce_hash),
+        blockhash_query: BlockhashQuery::FeeCalculator(
+            blockhash_query::Source::NonceAccount(nonce_account.pubkey()),
+            nonce_hash,
+        ),
        nonce_account: Some(nonce_account.pubkey()),
        nonce_authority: 0,
        fee_payer: 0,
@ -155,12 +158,10 @@ fn test_transfer() {
    process_command(&config).unwrap();
    check_balance(49_976 - minimum_nonce_balance, &rpc_client, &sender_pubkey);
    check_balance(30, &rpc_client, &recipient_pubkey);
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let new_nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let new_nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;
    assert_ne!(nonce_hash, new_nonce_hash);

    // Assign nonce authority to offline
@ -174,12 +175,10 @@ fn test_transfer() {
    check_balance(49_975 - minimum_nonce_balance, &rpc_client, &sender_pubkey);

    // Fetch nonce hash
-    let account = rpc_client.get_account(&nonce_account.pubkey()).unwrap();
-    let nonce_state: NonceState = account.state().unwrap();
-    let nonce_hash = match nonce_state {
-        NonceState::Initialized(_meta, hash) => hash,
-        _ => panic!("Nonce is not initialized"),
-    };
+    let nonce_hash = nonce::get_account(&rpc_client, &nonce_account.pubkey())
+        .and_then(|ref a| nonce::data_from_account(a))
+        .unwrap()
+        .blockhash;

    // Offline, nonced transfer
    offline.signers = vec![&default_offline_signer];
@ -188,21 +187,25 @@ fn test_transfer() {
        to: recipient_pubkey,
        from: 0,
        sign_only: true,
-        blockhash_query: BlockhashQuery::None(nonce_hash, FeeCalculator::default()),
+        blockhash_query: BlockhashQuery::None(nonce_hash),
        nonce_account: Some(nonce_account.pubkey()),
        nonce_authority: 0,
        fee_payer: 0,
    };
    let sign_only_reply = process_command(&offline).unwrap();
-    let (blockhash, signers) = parse_sign_only_reply_string(&sign_only_reply);
-    let offline_presigner = presigner_from_pubkey_sigs(&offline_pubkey, &signers).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sign_only_reply);
+    assert!(sign_only.has_all_signers());
+    let offline_presigner = sign_only.presigner_of(&offline_pubkey).unwrap();
    config.signers = vec![&offline_presigner];
    config.command = CliCommand::Transfer {
        lamports: 10,
        to: recipient_pubkey,
        from: 0,
        sign_only: false,
-        blockhash_query: BlockhashQuery::FeeCalculator(blockhash),
+        blockhash_query: BlockhashQuery::FeeCalculator(
+            blockhash_query::Source::NonceAccount(nonce_account.pubkey()),
+            sign_only.blockhash,
+        ),
        nonce_account: Some(nonce_account.pubkey()),
        nonce_authority: 0,
        fee_payer: 0,
@ -214,3 +217,114 @@ fn test_transfer() {
    server.close().unwrap();
    remove_dir_all(ledger_path).unwrap();
 }
+
+#[test]
+fn test_transfer_multisession_signing() {
+    let TestValidator {
+        server,
+        leader_data,
+        alice: mint_keypair,
+        ledger_path,
+        ..
+    } = TestValidator::run_with_options(TestValidatorOptions {
+        fees: 1,
+        bootstrap_validator_lamports: 42_000,
+    });
+
+    let (sender, receiver) = channel();
+    run_local_faucet(mint_keypair, sender, None);
+    let faucet_addr = receiver.recv().unwrap();
+
+    let to_pubkey = Pubkey::new(&[1u8; 32]);
+    let offline_from_signer = keypair_from_seed(&[2u8; 32]).unwrap();
+    let offline_fee_payer_signer = keypair_from_seed(&[3u8; 32]).unwrap();
+    let from_null_signer = NullSigner::new(&offline_from_signer.pubkey());
+
+    // Setup accounts
+    let rpc_client = RpcClient::new_socket(leader_data.rpc);
+    request_and_confirm_airdrop(&rpc_client, &faucet_addr, &offline_from_signer.pubkey(), 43)
+        .unwrap();
+    request_and_confirm_airdrop(
+        &rpc_client,
+        &faucet_addr,
+        &offline_fee_payer_signer.pubkey(),
+        3,
+    )
+    .unwrap();
+    check_balance(43, &rpc_client, &offline_from_signer.pubkey());
+    check_balance(3, &rpc_client, &offline_fee_payer_signer.pubkey());
+    check_balance(0, &rpc_client, &to_pubkey);
+
+    let (blockhash, _) = rpc_client.get_recent_blockhash().unwrap();
+
+    // Offline fee-payer signs first
+    let mut fee_payer_config = CliConfig::default();
+    fee_payer_config.json_rpc_url = String::default();
+    fee_payer_config.signers = vec![&offline_fee_payer_signer, &from_null_signer];
+    // Verify we cannot contact the cluster
+    fee_payer_config.command = CliCommand::ClusterVersion;
+    process_command(&fee_payer_config).unwrap_err();
+    fee_payer_config.command = CliCommand::Transfer {
+        lamports: 42,
+        to: to_pubkey,
+        from: 1,
+        sign_only: true,
+        blockhash_query: BlockhashQuery::None(blockhash),
+        nonce_account: None,
+        nonce_authority: 0,
+        fee_payer: 0,
+    };
+    let sign_only_reply = process_command(&fee_payer_config).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sign_only_reply);
+    assert!(!sign_only.has_all_signers());
+    let fee_payer_presigner = sign_only
+        .presigner_of(&offline_fee_payer_signer.pubkey())
+        .unwrap();
+
+    // Now the offline fund source
+    let mut from_config = CliConfig::default();
+    from_config.json_rpc_url = String::default();
+    from_config.signers = vec![&fee_payer_presigner, &offline_from_signer];
+    // Verify we cannot contact the cluster
+    from_config.command = CliCommand::ClusterVersion;
+    process_command(&from_config).unwrap_err();
+    from_config.command = CliCommand::Transfer {
+        lamports: 42,
+        to: to_pubkey,
+        from: 1,
+        sign_only: true,
+        blockhash_query: BlockhashQuery::None(blockhash),
+        nonce_account: None,
+        nonce_authority: 0,
+        fee_payer: 0,
+    };
+    let sign_only_reply = process_command(&from_config).unwrap();
+    let sign_only = parse_sign_only_reply_string(&sign_only_reply);
+    assert!(sign_only.has_all_signers());
+    let from_presigner = sign_only
+        .presigner_of(&offline_from_signer.pubkey())
+        .unwrap();
+
+    // Finally submit to the cluster
+    let mut config = CliConfig::default();
+    config.json_rpc_url = format!("http://{}:{}", leader_data.rpc.ip(), leader_data.rpc.port());
+    config.signers = vec![&fee_payer_presigner, &from_presigner];
+    config.command = CliCommand::Transfer {
+        lamports: 42,
+        to: to_pubkey,
+        from: 1,
+        sign_only: false,
+        blockhash_query: BlockhashQuery::FeeCalculator(blockhash_query::Source::Cluster, blockhash),
+        nonce_account: None,
+        nonce_authority: 0,
+        fee_payer: 0,
+    };
+    process_command(&config).unwrap();
+
+    check_balance(1, &rpc_client, &offline_from_signer.pubkey());
+    check_balance(1, &rpc_client, &offline_fee_payer_signer.pubkey());
+    check_balance(42, &rpc_client, &to_pubkey);
+
+    server.close().unwrap();
+    remove_dir_all(ledger_path).unwrap();
+}
--- a/cli/tests/vote.rs
+++ b/cli/tests/vote.rs
@ -0,0 +1,118 @@
+use solana_cli::cli::{process_command, request_and_confirm_airdrop, CliCommand, CliConfig};
+use solana_client::rpc_client::RpcClient;
+use solana_core::validator::TestValidator;
+use solana_faucet::faucet::run_local_faucet;
+use solana_sdk::{
+    account_utils::StateMut,
+    pubkey::Pubkey,
+    signature::{Keypair, Signer},
+};
+use solana_vote_program::vote_state::{VoteAuthorize, VoteState, VoteStateVersions};
+use std::{fs::remove_dir_all, sync::mpsc::channel, thread::sleep, time::Duration};
+
+fn check_balance(expected_balance: u64, client: &RpcClient, pubkey: &Pubkey) {
+    (0..5).for_each(|tries| {
+        let balance = client.retry_get_balance(pubkey, 1).unwrap().unwrap();
+        if balance == expected_balance {
+            return;
+        }
+        if tries == 4 {
+            assert_eq!(balance, expected_balance);
+        }
+        sleep(Duration::from_millis(500));
+    });
+}
+
+#[test]
+fn test_vote_authorize_and_withdraw() {
+    let TestValidator {
+        server,
+        leader_data,
+        alice,
+        ledger_path,
+        ..
+    } = TestValidator::run();
+    let (sender, receiver) = channel();
+    run_local_faucet(alice, sender, None);
+    let faucet_addr = receiver.recv().unwrap();
+
+    let rpc_client = RpcClient::new_socket(leader_data.rpc);
+    let default_signer = Keypair::new();
+
+    let mut config = CliConfig::default();
+    config.json_rpc_url = format!("http://{}:{}", leader_data.rpc.ip(), leader_data.rpc.port());
+    config.signers = vec![&default_signer];
+
+    request_and_confirm_airdrop(
+        &rpc_client,
+        &faucet_addr,
+        &config.signers[0].pubkey(),
+        100_000,
+    )
+    .unwrap();
+
+    // Create vote account
+    let vote_account_keypair = Keypair::new();
+    let vote_account_pubkey = vote_account_keypair.pubkey();
+    config.signers = vec![&default_signer, &vote_account_keypair];
+    config.command = CliCommand::CreateVoteAccount {
+        seed: None,
+        identity_account: 0,
+        authorized_voter: None,
+        authorized_withdrawer: Some(config.signers[0].pubkey()),
+        commission: 0,
+    };
+    process_command(&config).unwrap();
+    let vote_account = rpc_client
+        .get_account(&vote_account_keypair.pubkey())
+        .unwrap();
+    let vote_state: VoteStateVersions = vote_account.state().unwrap();
+    let authorized_withdrawer = vote_state.convert_to_current().authorized_withdrawer;
+    assert_eq!(authorized_withdrawer, config.signers[0].pubkey());
+    let expected_balance = rpc_client
+        .get_minimum_balance_for_rent_exemption(VoteState::size_of())
+        .unwrap()
+        .max(1);
+    check_balance(expected_balance, &rpc_client, &vote_account_pubkey);
+
+    // Authorize vote account withdrawal to another signer
+    let withdraw_authority = Keypair::new();
+    config.signers = vec![&default_signer];
+    config.command = CliCommand::VoteAuthorize {
+        vote_account_pubkey,
+        new_authorized_pubkey: withdraw_authority.pubkey(),
+        vote_authorize: VoteAuthorize::Withdrawer,
+    };
+    process_command(&config).unwrap();
+    let vote_account = rpc_client
+        .get_account(&vote_account_keypair.pubkey())
+        .unwrap();
+    let vote_state: VoteStateVersions = vote_account.state().unwrap();
+    let authorized_withdrawer = vote_state.convert_to_current().authorized_withdrawer;
+    assert_eq!(authorized_withdrawer, withdraw_authority.pubkey());
+
+    // Withdraw from vote account
+    let destination_account = Pubkey::new_rand(); // Send withdrawal to new account to make balance check easy
+    config.signers = vec![&default_signer, &withdraw_authority];
+    config.command = CliCommand::WithdrawFromVoteAccount {
+        vote_account_pubkey,
+        withdraw_authority: 1,
+        lamports: 100,
+        destination_account_pubkey: destination_account,
+    };
+    process_command(&config).unwrap();
+    check_balance(expected_balance - 100, &rpc_client, &vote_account_pubkey);
+    check_balance(100, &rpc_client, &destination_account);
+
+    // Re-assign validator identity
+    let new_identity_keypair = Keypair::new();
+    config.signers.push(&new_identity_keypair);
+    config.command = CliCommand::VoteUpdateValidator {
+        vote_account_pubkey,
+        new_identity_account: 2,
+    };
+    process_command(&config).unwrap();
+
+    server.close().unwrap();
+    remove_dir_all(ledger_path).unwrap();
+}
--- a/client/Cargo.toml
+++ b/client/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "solana-client"
-version = "1.0.1"
+version = "1.0.8"
 description = "Solana Client"
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 repository = "https://github.com/solana-labs/solana"
@ -11,6 +11,7 @@ edition = "2018"
 [dependencies]
 bincode = "1.2.1"
 bs58 = "0.3.0"
+indicatif = "0.14.0"
 jsonrpc-core = "14.0.5"
 log = "0.4.8"
 rayon = "1.2.0"
@ -18,8 +19,9 @@ reqwest = { version = "0.10.1", default-features = false, features = ["blocking"
 serde = "1.0.104"
 serde_derive = "1.0.103"
 serde_json = "1.0.46"
-solana-net-utils = { path = "../net-utils", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
+solana-net-utils = { path = "../net-utils", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }
+solana-vote-program = { path = "../programs/vote", version = "1.0.8" }
 thiserror = "1.0"
 tungstenite = "0.10.1"
 url = "2.1.1"
@ -28,4 +30,4 @@ url = "2.1.1"
 assert_matches = "1.3.0"
 jsonrpc-core = "14.0.5"
 jsonrpc-http-server = "14.0.6"
-solana-logger = { path = "../logger", version = "1.0.1" }
+solana-logger = { path = "../logger", version = "1.0.8" }
--- a/client/src/client_error.rs
+++ b/client/src/client_error.rs
@ -1,20 +1,161 @@
 use crate::rpc_request;
-use solana_sdk::{signature::SignerError, transaction::TransactionError};
-use std::{fmt, io};
+use solana_sdk::{
+    signature::SignerError, transaction::TransactionError, transport::TransportError,
+};
+use std::io;
 use thiserror::Error;

 #[derive(Error, Debug)]
-pub enum ClientError {
+pub enum ClientErrorKind {
+    #[error(transparent)]
    Io(#[from] io::Error),
+    #[error(transparent)]
    Reqwest(#[from] reqwest::Error),
+    #[error(transparent)]
    RpcError(#[from] rpc_request::RpcError),
+    #[error(transparent)]
    SerdeJson(#[from] serde_json::error::Error),
+    #[error(transparent)]
    SigningError(#[from] SignerError),
+    #[error(transparent)]
    TransactionError(#[from] TransactionError),
+    #[error("Custom: {0}")]
+    Custom(String),
 }

-impl fmt::Display for ClientError {
-    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
-        write!(f, "solana client error")
+impl From<TransportError> for ClientErrorKind {
+    fn from(err: TransportError) -> Self {
+        match err {
+            TransportError::IoError(err) => Self::Io(err),
+            TransportError::TransactionError(err) => Self::TransactionError(err),
+            TransportError::Custom(err) => Self::Custom(err),
+        }
    }
 }
+
+impl Into<TransportError> for ClientErrorKind {
+    fn into(self) -> TransportError {
+        match self {
+            Self::Io(err) => TransportError::IoError(err),
+            Self::TransactionError(err) => TransportError::TransactionError(err),
+            Self::Reqwest(err) => TransportError::Custom(format!("{:?}", err)),
+            Self::RpcError(err) => TransportError::Custom(format!("{:?}", err)),
+            Self::SerdeJson(err) => TransportError::Custom(format!("{:?}", err)),
+            Self::SigningError(err) => TransportError::Custom(format!("{:?}", err)),
+            Self::Custom(err) => TransportError::Custom(format!("{:?}", err)),
+        }
+    }
+}
+
+#[derive(Error, Debug)]
+#[error("{kind}")]
+pub struct ClientError {
+    command: Option<&'static str>,
+    #[source]
+    #[error(transparent)]
+    kind: ClientErrorKind,
+}
+
+impl ClientError {
+    pub fn new_with_command(kind: ClientErrorKind, command: &'static str) -> Self {
+        Self {
+            command: Some(command),
+            kind,
+        }
+    }
+
+    pub fn into_with_command(self, command: &'static str) -> Self {
+        Self {
+            command: Some(command),
+            ..self
+        }
+    }
+
+    pub fn command(&self) -> Option<&'static str> {
+        self.command
+    }
+
+    pub fn kind(&self) -> &ClientErrorKind {
+        &self.kind
+    }
+}
+
+impl From<ClientErrorKind> for ClientError {
+    fn from(kind: ClientErrorKind) -> Self {
+        Self {
+            command: None,
+            kind,
+        }
+    }
+}
+
+impl From<TransportError> for ClientError {
+    fn from(err: TransportError) -> Self {
+        Self {
+            command: None,
+            kind: err.into(),
+        }
+    }
+}
+
+impl Into<TransportError> for ClientError {
+    fn into(self) -> TransportError {
+        self.kind.into()
+    }
+}
+
+impl From<std::io::Error> for ClientError {
+    fn from(err: std::io::Error) -> Self {
+        Self {
+            command: None,
+            kind: err.into(),
+        }
+    }
+}
+
+impl From<reqwest::Error> for ClientError {
+    fn from(err: reqwest::Error) -> Self {
+        Self {
+            command: None,
+            kind: err.into(),
+        }
+    }
+}
+
+impl From<rpc_request::RpcError> for ClientError {
+    fn from(err: rpc_request::RpcError) -> Self {
+        Self {
+            command: None,
+            kind: err.into(),
+        }
+    }
+}
+
+impl From<serde_json::error::Error> for ClientError {
+    fn from(err: serde_json::error::Error) -> Self {
+        Self {
+            command: None,
+            kind: err.into(),
+        }
+    }
+}
+
+impl From<SignerError> for ClientError {
+    fn from(err: SignerError) -> Self {
+        Self {
+            command: None,
+            kind: err.into(),
+        }
+    }
+}
+
+impl From<TransactionError> for ClientError {
+    fn from(err: TransactionError) -> Self {
+        Self {
+            command: None,
+            kind: err.into(),
+        }
+    }
+}
+
+pub type Result<T> = std::result::Result<T, ClientError>;
--- a/client/src/generic_rpc_client_request.rs
+++ b/client/src/generic_rpc_client_request.rs
@ -1,4 +1,4 @@
-use crate::{client_error::ClientError, rpc_request::RpcRequest};
+use crate::{client_error::Result, rpc_request::RpcRequest};

 pub(crate) trait GenericRpcClientRequest {
    fn send(
@ -6,5 +6,5 @@ pub(crate) trait GenericRpcClientRequest {
        request: &RpcRequest,
        params: serde_json::Value,
        retries: usize,
-    ) -> Result<serde_json::Value, ClientError>;
+    ) -> Result<serde_json::Value>;
 }
--- a/client/src/mock_rpc_client_request.rs
+++ b/client/src/mock_rpc_client_request.rs
@ -1,12 +1,12 @@
 use crate::{
-    client_error::ClientError,
+    client_error::Result,
    generic_rpc_client_request::GenericRpcClientRequest,
    rpc_request::RpcRequest,
    rpc_response::{Response, RpcResponseContext},
 };
 use serde_json::{Number, Value};
 use solana_sdk::{
-    fee_calculator::FeeCalculator,
+    fee_calculator::{FeeCalculator, FeeRateGovernor},
    instruction::InstructionError,
    transaction::{self, TransactionError},
 };
@ -41,7 +41,7 @@ impl GenericRpcClientRequest for MockRpcClientRequest {
        request: &RpcRequest,
        params: serde_json::Value,
        _retries: usize,
-    ) -> Result<serde_json::Value, ClientError> {
+    ) -> Result<serde_json::Value> {
        if let Some(value) = self.mocks.write().unwrap().remove(request) {
            return Ok(value);
        }
@ -71,6 +71,21 @@ impl GenericRpcClientRequest for MockRpcClientRequest {
                    serde_json::to_value(FeeCalculator::default()).unwrap(),
                ),
            })?,
+            RpcRequest::GetFeeCalculatorForBlockhash => {
+                let value = if self.url == "blockhash_expired" {
+                    Value::Null
+                } else {
+                    serde_json::to_value(Some(FeeCalculator::default())).unwrap()
+                };
+                serde_json::to_value(Response {
+                    context: RpcResponseContext { slot: 1 },
+                    value,
+                })?
+            }
+            RpcRequest::GetFeeRateGovernor => serde_json::to_value(Response {
+                context: RpcResponseContext { slot: 1 },
+                value: serde_json::to_value(FeeRateGovernor::default()).unwrap(),
+            })?,
            RpcRequest::GetSignatureStatus => {
                let response: Option<transaction::Result<()>> = if self.url == "account_in_use" {
                    Some(Err(TransactionError::AccountInUse))
--- a/client/src/rpc_client.rs
+++ b/client/src/rpc_client.rs
--- a/client/src/rpc_client_request.rs
+++ b/client/src/rpc_client_request.rs
@ -1,5 +1,5 @@
 use crate::{
-    client_error::ClientError,
+    client_error::Result,
    generic_rpc_client_request::GenericRpcClientRequest,
    rpc_request::{RpcError, RpcRequest},
 };
@ -34,7 +34,7 @@ impl GenericRpcClientRequest for RpcClientRequest {
        request: &RpcRequest,
        params: serde_json::Value,
        mut retries: usize,
-    ) -> Result<serde_json::Value, ClientError> {
+    ) -> Result<serde_json::Value> {
        // Concurrent requests are not supported so reuse the same request id for all requests
        let request_id = 1;

--- a/client/src/rpc_request.rs
+++ b/client/src/rpc_request.rs
@ -1,5 +1,5 @@
 use serde_json::{json, Value};
-use std::{error, fmt};
+use thiserror::Error;

 #[derive(Debug, PartialEq, Eq, Hash)]
 pub enum RpcRequest {
@ -15,11 +15,14 @@ pub enum RpcRequest {
    GetEpochInfo,
    GetEpochSchedule,
    GetGenesisHash,
+    GetIdentity,
    GetInflation,
    GetLeaderSchedule,
    GetNumBlocksSinceSignatureConfirmation,
    GetProgramAccounts,
    GetRecentBlockhash,
+    GetFeeCalculatorForBlockhash,
+    GetFeeRateGovernor,
    GetSignatureStatus,
    GetSlot,
    GetSlotLeader,
@ -54,6 +57,7 @@ impl RpcRequest {
            RpcRequest::GetEpochInfo => "getEpochInfo",
            RpcRequest::GetEpochSchedule => "getEpochSchedule",
            RpcRequest::GetGenesisHash => "getGenesisHash",
+            RpcRequest::GetIdentity => "getIdentity",
            RpcRequest::GetInflation => "getInflation",
            RpcRequest::GetLeaderSchedule => "getLeaderSchedule",
            RpcRequest::GetNumBlocksSinceSignatureConfirmation => {
@ -61,6 +65,8 @@ impl RpcRequest {
            }
            RpcRequest::GetProgramAccounts => "getProgramAccounts",
            RpcRequest::GetRecentBlockhash => "getRecentBlockhash",
+            RpcRequest::GetFeeCalculatorForBlockhash => "getFeeCalculatorForBlockhash",
+            RpcRequest::GetFeeRateGovernor => "getFeeRateGovernor",
            RpcRequest::GetSignatureStatus => "getSignatureStatus",
            RpcRequest::GetSlot => "getSlot",
            RpcRequest::GetSlotLeader => "getSlotLeader",
@ -87,26 +93,16 @@ impl RpcRequest {
    }
 }

-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Error)]
 pub enum RpcError {
+    #[error("rpc reques error: {0}")]
    RpcRequestError(String),
-}
-
-impl fmt::Display for RpcError {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        write!(f, "invalid")
-    }
-}
-
-impl error::Error for RpcError {
-    fn description(&self) -> &str {
-        "invalid"
-    }
-
-    fn cause(&self) -> Option<&dyn error::Error> {
-        // Generic error, underlying cause isn't tracked.
-        None
-    }
+    #[error("parse error: expected {0}")]
+    ParseError(String), /* "expected" */
+    // Anything in a `ForUser` needs to die.  The caller should be
+    // deciding what to tell their user
+    #[error("{0}")]
+    ForUser(String), /* "direct-to-user message" */
 }

 #[cfg(test)]
@ -123,7 +119,7 @@ mod tests {
        assert_eq!(request["params"], json!([addr]));

        let test_request = RpcRequest::GetBalance;
-        let request = test_request.build_request_json(1, json!([addr]));
+        let request = test_request.build_request_json(1, json!([addr.clone()]));
        assert_eq!(request["method"], "getBalance");

        let test_request = RpcRequest::GetEpochInfo;
@ -138,6 +134,14 @@ mod tests {
        let request = test_request.build_request_json(1, Value::Null);
        assert_eq!(request["method"], "getRecentBlockhash");

+        let test_request = RpcRequest::GetFeeCalculatorForBlockhash;
+        let request = test_request.build_request_json(1, json!([addr.clone()]));
+        assert_eq!(request["method"], "getFeeCalculatorForBlockhash");
+
+        let test_request = RpcRequest::GetFeeRateGovernor;
+        let request = test_request.build_request_json(1, Value::Null);
+        assert_eq!(request["method"], "getFeeRateGovernor");
+
        let test_request = RpcRequest::GetSlot;
        let request = test_request.build_request_json(1, Value::Null);
        assert_eq!(request["method"], "getSlot");
--- a/client/src/rpc_response.rs
+++ b/client/src/rpc_response.rs
@ -1,18 +1,16 @@
-use crate::rpc_request::RpcError;
+use crate::{client_error, rpc_request::RpcError};
 use bincode::serialize;
-use jsonrpc_core::Result as JsonResult;
 use solana_sdk::{
    account::Account,
    clock::{Epoch, Slot},
-    fee_calculator::FeeCalculator,
+    fee_calculator::{FeeCalculator, FeeRateGovernor},
    message::MessageHeader,
    pubkey::Pubkey,
    transaction::{Result, Transaction},
 };
-use std::{collections::HashMap, io, net::SocketAddr, str::FromStr};
+use std::{collections::HashMap, net::SocketAddr, str::FromStr};

-pub type RpcResponseIn<T> = JsonResult<Response<T>>;
-pub type RpcResponse<T> = io::Result<Response<T>>;
+pub type RpcResult<T> = client_error::Result<Response<T>>;

 #[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
 pub struct RpcResponseContext {
@ -152,6 +150,18 @@ pub struct RpcBlockhashFeeCalculator {
    pub fee_calculator: FeeCalculator,
 }

+#[derive(Serialize, Deserialize, Clone, Debug)]
+#[serde(rename_all = "camelCase")]
+pub struct RpcFeeCalculator {
+    pub fee_calculator: FeeCalculator,
+}
+
+#[derive(Serialize, Deserialize, Clone, Debug)]
+#[serde(rename_all = "camelCase")]
+pub struct RpcFeeRateGovernor {
+    pub fee_rate_governor: FeeRateGovernor,
+}
+
 #[derive(Serialize, Deserialize, Clone, Debug)]
 #[serde(rename_all = "camelCase")]
 pub struct RpcKeyedAccount {
@ -235,6 +245,13 @@ pub struct RpcVersionInfo {
    pub solana_core: String,
 }

+#[derive(Serialize, Deserialize, Clone, Debug)]
+#[serde(rename_all = "kebab-case")]
+pub struct RpcIdentity {
+    /// The current node identity pubkey
+    pub identity: String,
+}
+
 #[derive(Serialize, Deserialize, Clone, Debug)]
 #[serde(rename_all = "camelCase")]
 pub struct RpcVoteAccountStatus {
--- a/client/src/thin_client.rs
+++ b/client/src/thin_client.rs
@ -11,7 +11,7 @@ use solana_sdk::{
    client::{AsyncClient, Client, SyncClient},
    clock::MAX_PROCESSING_AGE,
    commitment_config::CommitmentConfig,
-    fee_calculator::FeeCalculator,
+    fee_calculator::{FeeCalculator, FeeRateGovernor},
    hash::Hash,
    instruction::Instruction,
    message::Message,
@ -26,7 +26,7 @@ use solana_sdk::{
 };
 use std::{
    io,
-    net::{SocketAddr, UdpSocket},
+    net::{IpAddr, Ipv4Addr, SocketAddr, UdpSocket},
    sync::{
        atomic::{AtomicBool, AtomicUsize, Ordering},
        RwLock,
@ -188,7 +188,7 @@ impl ThinClient {
        transaction: &mut Transaction,
        tries: usize,
        min_confirmed_blocks: usize,
-    ) -> io::Result<Signature> {
+    ) -> TransportResult<Signature> {
        self.send_and_confirm_transaction(&[keypair], transaction, tries, min_confirmed_blocks)
    }

@ -198,7 +198,7 @@ impl ThinClient {
        keypair: &Keypair,
        transaction: &mut Transaction,
        tries: usize,
-    ) -> io::Result<Signature> {
+    ) -> TransportResult<Signature> {
        self.send_and_confirm_transaction(&[keypair], transaction, tries, 0)
    }

@ -209,7 +209,7 @@ impl ThinClient {
        transaction: &mut Transaction,
        tries: usize,
        pending_confirmations: usize,
-    ) -> io::Result<Signature> {
+    ) -> TransportResult<Signature> {
        for x in 0..tries {
            let now = Instant::now();
            let mut buf = vec![0; serialized_size(&transaction).unwrap() as usize];
@ -243,13 +243,14 @@ impl ThinClient {
                }
            }
            info!("{} tries failed transfer to {}", x, self.tpu_addr());
-            let (blockhash, _fee_calculator) = self.rpc_client().get_recent_blockhash()?;
+            let (blockhash, _fee_calculator) = self.get_recent_blockhash()?;
            transaction.sign(keypairs, blockhash);
        }
        Err(io::Error::new(
            io::ErrorKind::Other,
            format!("retry_transfer failed in {} retries", tries),
-        ))
+        )
+        .into())
    }

    pub fn poll_balance_with_timeout_and_commitment(
@ -258,13 +259,15 @@ impl ThinClient {
        polling_frequency: &Duration,
        timeout: &Duration,
        commitment_config: CommitmentConfig,
-    ) -> io::Result<u64> {
-        self.rpc_client().poll_balance_with_timeout_and_commitment(
-            pubkey,
-            polling_frequency,
-            timeout,
-            commitment_config,
-        )
+    ) -> TransportResult<u64> {
+        self.rpc_client()
+            .poll_balance_with_timeout_and_commitment(
+                pubkey,
+                polling_frequency,
+                timeout,
+                commitment_config,
+            )
+            .map_err(|e| e.into())
    }

    pub fn poll_balance_with_timeout(
@ -272,8 +275,8 @@ impl ThinClient {
        pubkey: &Pubkey,
        polling_frequency: &Duration,
        timeout: &Duration,
-    ) -> io::Result<u64> {
-        self.rpc_client().poll_balance_with_timeout_and_commitment(
+    ) -> TransportResult<u64> {
+        self.poll_balance_with_timeout_and_commitment(
            pubkey,
            polling_frequency,
            timeout,
@ -281,18 +284,18 @@ impl ThinClient {
        )
    }

-    pub fn poll_get_balance(&self, pubkey: &Pubkey) -> io::Result<u64> {
-        self.rpc_client()
-            .poll_get_balance_with_commitment(pubkey, CommitmentConfig::default())
+    pub fn poll_get_balance(&self, pubkey: &Pubkey) -> TransportResult<u64> {
+        self.poll_get_balance_with_commitment(pubkey, CommitmentConfig::default())
    }

    pub fn poll_get_balance_with_commitment(
        &self,
        pubkey: &Pubkey,
        commitment_config: CommitmentConfig,
-    ) -> io::Result<u64> {
+    ) -> TransportResult<u64> {
        self.rpc_client()
            .poll_get_balance_with_commitment(pubkey, commitment_config)
+            .map_err(|e| e.into())
    }

    pub fn wait_for_balance(&self, pubkey: &Pubkey, expected_balance: Option<u64>) -> Option<u64> {
@ -321,9 +324,9 @@ impl ThinClient {
        signature: &Signature,
        commitment_config: CommitmentConfig,
    ) -> TransportResult<()> {
-        Ok(self
-            .rpc_client()
-            .poll_for_signature_with_commitment(signature, commitment_config)?)
+        self.rpc_client()
+            .poll_for_signature_with_commitment(signature, commitment_config)
+            .map_err(|e| e.into())
    }

    /// Check a signature in the bank. This method blocks
@ -332,16 +335,17 @@ impl ThinClient {
        self.rpc_client().check_signature(signature)
    }

-    pub fn validator_exit(&self) -> io::Result<bool> {
-        self.rpc_client().validator_exit()
+    pub fn validator_exit(&self) -> TransportResult<bool> {
+        self.rpc_client().validator_exit().map_err(|e| e.into())
    }

    pub fn get_num_blocks_since_signature_confirmation(
        &mut self,
        sig: &Signature,
-    ) -> io::Result<usize> {
+    ) -> TransportResult<usize> {
        self.rpc_client()
            .get_num_blocks_since_signature_confirmation(sig)
+            .map_err(|e| e.into())
    }
 }

@ -368,7 +372,7 @@ impl SyncClient for ThinClient {
        keypair: &Keypair,
        instruction: Instruction,
    ) -> TransportResult<Signature> {
-        let message = Message::new(vec![instruction]);
+        let message = Message::new(&[instruction]);
        self.send_message(&[keypair], message)
    }

@ -400,14 +404,14 @@ impl SyncClient for ThinClient {
        pubkey: &Pubkey,
        commitment_config: CommitmentConfig,
    ) -> TransportResult<Option<Account>> {
-        Ok(self
-            .rpc_client()
-            .get_account_with_commitment(pubkey, commitment_config)?
-            .value)
+        self.rpc_client()
+            .get_account_with_commitment(pubkey, commitment_config)
+            .map_err(|e| e.into())
+            .map(|r| r.value)
    }

    fn get_balance(&self, pubkey: &Pubkey) -> TransportResult<u64> {
-        Ok(self.rpc_client().get_balance(pubkey)?)
+        self.rpc_client().get_balance(pubkey).map_err(|e| e.into())
    }

    fn get_balance_with_commitment(
@ -415,10 +419,10 @@ impl SyncClient for ThinClient {
        pubkey: &Pubkey,
        commitment_config: CommitmentConfig,
    ) -> TransportResult<u64> {
-        let balance = self
-            .rpc_client()
-            .get_balance_with_commitment(pubkey, commitment_config)?;
-        Ok(balance.value)
+        self.rpc_client()
+            .get_balance_with_commitment(pubkey, commitment_config)
+            .map_err(|e| e.into())
+            .map(|r| r.value)
    }

    fn get_recent_blockhash(&self) -> TransportResult<(Hash, FeeCalculator)> {
@ -445,6 +449,22 @@ impl SyncClient for ThinClient {
        }
    }

+    fn get_fee_calculator_for_blockhash(
+        &self,
+        blockhash: &Hash,
+    ) -> TransportResult<Option<FeeCalculator>> {
+        self.rpc_client()
+            .get_fee_calculator_for_blockhash(blockhash)
+            .map_err(|e| e.into())
+    }
+
+    fn get_fee_rate_governor(&self) -> TransportResult<FeeRateGovernor> {
+        self.rpc_client()
+            .get_fee_rate_governor()
+            .map_err(|e| e.into())
+            .map(|r| r.value)
+    }
+
    fn get_signature_status(
        &self,
        signature: &Signature,
@ -540,23 +560,26 @@ impl SyncClient for ThinClient {
        signature: &Signature,
        min_confirmed_blocks: usize,
    ) -> TransportResult<usize> {
-        Ok(self
-            .rpc_client()
-            .poll_for_signature_confirmation(signature, min_confirmed_blocks)?)
+        self.rpc_client()
+            .poll_for_signature_confirmation(signature, min_confirmed_blocks)
+            .map_err(|e| e.into())
    }

    fn poll_for_signature(&self, signature: &Signature) -> TransportResult<()> {
-        Ok(self.rpc_client().poll_for_signature(signature)?)
+        self.rpc_client()
+            .poll_for_signature(signature)
+            .map_err(|e| e.into())
    }

    fn get_new_blockhash(&self, blockhash: &Hash) -> TransportResult<(Hash, FeeCalculator)> {
-        let new_blockhash = self.rpc_client().get_new_blockhash(blockhash)?;
-        Ok(new_blockhash)
+        self.rpc_client()
+            .get_new_blockhash(blockhash)
+            .map_err(|e| e.into())
    }
 }

 impl AsyncClient for ThinClient {
-    fn async_send_transaction(&self, transaction: Transaction) -> io::Result<Signature> {
+    fn async_send_transaction(&self, transaction: Transaction) -> TransportResult<Signature> {
        let mut buf = vec![0; serialized_size(&transaction).unwrap() as usize];
        let mut wr = std::io::Cursor::new(&mut buf[..]);
        serialize_into(&mut wr, &transaction)
@ -571,7 +594,7 @@ impl AsyncClient for ThinClient {
        keypairs: &T,
        message: Message,
        recent_blockhash: Hash,
-    ) -> io::Result<Signature> {
+    ) -> TransportResult<Signature> {
        let transaction = Transaction::new(keypairs, message, recent_blockhash);
        self.async_send_transaction(transaction)
    }
@ -580,8 +603,8 @@ impl AsyncClient for ThinClient {
        keypair: &Keypair,
        instruction: Instruction,
        recent_blockhash: Hash,
-    ) -> io::Result<Signature> {
-        let message = Message::new(vec![instruction]);
+    ) -> TransportResult<Signature> {
+        let message = Message::new(&[instruction]);
        self.async_send_message(&[keypair], message, recent_blockhash)
    }
    fn async_transfer(
@ -590,7 +613,7 @@ impl AsyncClient for ThinClient {
        keypair: &Keypair,
        pubkey: &Pubkey,
        recent_blockhash: Hash,
-    ) -> io::Result<Signature> {
+    ) -> TransportResult<Signature> {
        let transfer_instruction =
            system_instruction::transfer(&keypair.pubkey(), pubkey, lamports);
        self.async_send_instruction(keypair, transfer_instruction, recent_blockhash)
@ -598,7 +621,8 @@ impl AsyncClient for ThinClient {
 }

 pub fn create_client((rpc, tpu): (SocketAddr, SocketAddr), range: (u16, u16)) -> ThinClient {
-    let (_, transactions_socket) = solana_net_utils::bind_in_range(range).unwrap();
+    let (_, transactions_socket) =
+        solana_net_utils::bind_in_range(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), range).unwrap();
    ThinClient::new(rpc, tpu, transactions_socket)
 }

@ -607,7 +631,8 @@ pub fn create_client_with_timeout(
    range: (u16, u16),
    timeout: Duration,
 ) -> ThinClient {
-    let (_, transactions_socket) = solana_net_utils::bind_in_range(range).unwrap();
+    let (_, transactions_socket) =
+        solana_net_utils::bind_in_range(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), range).unwrap();
    ThinClient::new_socket_with_timeout(rpc, tpu, transactions_socket, timeout)
 }

--- a/core/Cargo.toml
+++ b/core/Cargo.toml
@ -1,7 +1,7 @@
 [package]
 name = "solana-core"
 description = "Blockchain, Rebuilt for Scale"
-version = "1.0.1"
+version = "1.0.8"
 documentation = "https://docs.rs/solana"
 homepage = "https://solana.com/"
 readme = "../README.md"
@ -15,6 +15,7 @@ codecov = { repository = "solana-labs/solana", branch = "master", service = "git

 [dependencies]
 bincode = "1.2.1"
+bv = { version = "0.11.1", features = ["serde"] }
 bs58 = "0.3.0"
 byteorder = "1.3.2"
 chrono = { version = "0.4.10", features = ["serde"] }
@ -41,26 +42,26 @@ regex = "1.3.4"
 serde = "1.0.104"
 serde_derive = "1.0.103"
 serde_json = "1.0.46"
-solana-budget-program = { path = "../programs/budget", version = "1.0.1" }
-solana-clap-utils = { path = "../clap-utils", version = "1.0.1" }
-solana-client = { path = "../client", version = "1.0.1" }
-solana-faucet = { path = "../faucet", version = "1.0.1" }
+solana-budget-program = { path = "../programs/budget", version = "1.0.8" }
+solana-clap-utils = { path = "../clap-utils", version = "1.0.8" }
+solana-client = { path = "../client", version = "1.0.8" }
+solana-faucet = { path = "../faucet", version = "1.0.8" }
 ed25519-dalek = "=1.0.0-pre.1"
-solana-ledger = { path = "../ledger", version = "1.0.1" }
-solana-logger = { path = "../logger", version = "1.0.1" }
-solana-merkle-tree = { path = "../merkle-tree", version = "1.0.1" }
-solana-metrics = { path = "../metrics", version = "1.0.1" }
-solana-measure = { path = "../measure", version = "1.0.1" }
-solana-net-utils = { path = "../net-utils", version = "1.0.1" }
-solana-chacha-cuda = { path = "../chacha-cuda", version = "1.0.1" }
-solana-perf = { path = "../perf", version = "1.0.1" }
-solana-runtime = { path = "../runtime", version = "1.0.1" }
-solana-sdk = { path = "../sdk", version = "1.0.1" }
-solana-stake-program = { path = "../programs/stake", version = "1.0.1" }
-solana-storage-program = { path = "../programs/storage", version = "1.0.1" }
-solana-vote-program = { path = "../programs/vote", version = "1.0.1" }
-solana-vote-signer = { path = "../vote-signer", version = "1.0.1" }
-solana-sys-tuner = { path = "../sys-tuner", version = "1.0.1" }
+solana-ledger = { path = "../ledger", version = "1.0.8" }
+solana-logger = { path = "../logger", version = "1.0.8" }
+solana-merkle-tree = { path = "../merkle-tree", version = "1.0.8" }
+solana-metrics = { path = "../metrics", version = "1.0.8" }
+solana-measure = { path = "../measure", version = "1.0.8" }
+solana-net-utils = { path = "../net-utils", version = "1.0.8" }
+solana-chacha-cuda = { path = "../chacha-cuda", version = "1.0.8" }
+solana-perf = { path = "../perf", version = "1.0.8" }
+solana-runtime = { path = "../runtime", version = "1.0.8" }
+solana-sdk = { path = "../sdk", version = "1.0.8" }
+solana-stake-program = { path = "../programs/stake", version = "1.0.8" }
+solana-storage-program = { path = "../programs/storage", version = "1.0.8" }
+solana-vote-program = { path = "../programs/vote", version = "1.0.8" }
+solana-vote-signer = { path = "../vote-signer", version = "1.0.8" }
+solana-sys-tuner = { path = "../sys-tuner", version = "1.0.8" }
 sys-info = "0.5.9"
 tempfile = "3.1.0"
 thiserror = "1.0"
@ -68,7 +69,7 @@ tokio = "0.1"
 tokio-codec = "0.1"
 tokio-fs = "0.1"
 tokio-io = "0.1"
-solana-rayon-threadlimit = { path = "../rayon-threadlimit", version = "1.0.1" }
+solana-rayon-threadlimit = { path = "../rayon-threadlimit", version = "1.0.8" }
 trees = "0.2.1"

 [dev-dependencies]
--- a/core/src/accounts_hash_verifier.rs
+++ b/core/src/accounts_hash_verifier.rs
@ -0,0 +1,200 @@
+// Service to verify accounts hashes with other trusted validator nodes.
+//
+// Each interval, publish the snapshat hash which is the full accounts state
+// hash on gossip. Monitor gossip for messages from validators in the --trusted-validators
+// set and halt the node if a mismatch is detected.
+
+use crate::cluster_info::ClusterInfo;
+use solana_ledger::{
+    snapshot_package::SnapshotPackage, snapshot_package::SnapshotPackageReceiver,
+    snapshot_package::SnapshotPackageSender,
+};
+use solana_sdk::{clock::Slot, hash::Hash, pubkey::Pubkey};
+use std::collections::{HashMap, HashSet};
+use std::{
+    sync::{
+        atomic::{AtomicBool, Ordering},
+        mpsc::RecvTimeoutError,
+        Arc, RwLock,
+    },
+    thread::{self, Builder, JoinHandle},
+    time::Duration,
+};
+
+pub struct AccountsHashVerifier {
+    t_accounts_hash_verifier: JoinHandle<()>,
+}
+
+impl AccountsHashVerifier {
+    pub fn new(
+        snapshot_package_receiver: SnapshotPackageReceiver,
+        snapshot_package_sender: Option<SnapshotPackageSender>,
+        exit: &Arc<AtomicBool>,
+        cluster_info: &Arc<RwLock<ClusterInfo>>,
+        trusted_validators: Option<HashSet<Pubkey>>,
+        halt_on_trusted_validators_accounts_hash_mismatch: bool,
+        fault_injection_rate_slots: u64,
+    ) -> Self {
+        let exit = exit.clone();
+        let cluster_info = cluster_info.clone();
+        let t_accounts_hash_verifier = Builder::new()
+            .name("solana-accounts-hash".to_string())
+            .spawn(move || {
+                let mut hashes = vec![];
+                loop {
+                    if exit.load(Ordering::Relaxed) {
+                        break;
+                    }
+
+                    match snapshot_package_receiver.recv_timeout(Duration::from_secs(1)) {
+                        Ok(snapshot_package) => {
+                            Self::process_snapshot(
+                                snapshot_package,
+                                &cluster_info,
+                                &trusted_validators,
+                                halt_on_trusted_validators_accounts_hash_mismatch,
+                                &snapshot_package_sender,
+                                &mut hashes,
+                                &exit,
+                                fault_injection_rate_slots,
+                            );
+                        }
+                        Err(RecvTimeoutError::Disconnected) => break,
+                        Err(RecvTimeoutError::Timeout) => (),
+                    }
+                }
+            })
+            .unwrap();
+        Self {
+            t_accounts_hash_verifier,
+        }
+    }
+
+    fn process_snapshot(
+        snapshot_package: SnapshotPackage,
+        cluster_info: &Arc<RwLock<ClusterInfo>>,
+        trusted_validators: &Option<HashSet<Pubkey>>,
+        halt_on_trusted_validator_accounts_hash_mismatch: bool,
+        snapshot_package_sender: &Option<SnapshotPackageSender>,
+        hashes: &mut Vec<(Slot, Hash)>,
+        exit: &Arc<AtomicBool>,
+        fault_injection_rate_slots: u64,
+    ) {
+        if fault_injection_rate_slots != 0
+            && snapshot_package.root % fault_injection_rate_slots == 0
+        {
+            // For testing, publish an invalid hash to gossip.
+            use rand::{thread_rng, Rng};
+            use solana_sdk::hash::extend_and_hash;
+            warn!("inserting fault at slot: {}", snapshot_package.root);
+            let rand = thread_rng().gen_range(0, 10);
+            let hash = extend_and_hash(&snapshot_package.hash, &[rand]);
+            hashes.push((snapshot_package.root, hash));
+        } else {
+            hashes.push((snapshot_package.root, snapshot_package.hash));
+        }
+
+        if halt_on_trusted_validator_accounts_hash_mismatch {
+            let mut slot_to_hash = HashMap::new();
+            for (slot, hash) in hashes.iter() {
+                slot_to_hash.insert(*slot, *hash);
+            }
+            if Self::should_halt(&cluster_info, trusted_validators, &mut slot_to_hash) {
+                exit.store(true, Ordering::Relaxed);
+            }
+        }
+        if let Some(sender) = snapshot_package_sender.as_ref() {
+            if sender.send(snapshot_package).is_err() {}
+        }
+
+        cluster_info
+            .write()
+            .unwrap()
+            .push_accounts_hashes(hashes.clone());
+    }
+
+    fn should_halt(
+        cluster_info: &Arc<RwLock<ClusterInfo>>,
+        trusted_validators: &Option<HashSet<Pubkey>>,
+        slot_to_hash: &mut HashMap<Slot, Hash>,
+    ) -> bool {
+        let mut verified_count = 0;
+        if let Some(trusted_validators) = trusted_validators.as_ref() {
+            for trusted_validator in trusted_validators {
+                let cluster_info_r = cluster_info.read().unwrap();
+                if let Some(accounts_hashes) =
+                    cluster_info_r.get_accounts_hash_for_node(trusted_validator)
+                {
+                    for (slot, hash) in accounts_hashes {
+                        if let Some(reference_hash) = slot_to_hash.get(slot) {
+                            if *hash != *reference_hash {
+                                error!("Trusted validator {} produced conflicting hashes for slot: {} ({} != {})",
+                                    trusted_validator,
+                                    slot,
+                                    hash,
+                                    reference_hash,
+                                );
+
+                                return true;
+                            } else {
+                                verified_count += 1;
+                            }
+                        } else {
+                            slot_to_hash.insert(*slot, *hash);
+                        }
+                    }
+                }
+            }
+        }
+        inc_new_counter_info!("accounts_hash_verifier-hashes_verified", verified_count);
+        false
+    }
+
+    pub fn join(self) -> thread::Result<()> {
+        self.t_accounts_hash_verifier.join()
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::cluster_info::make_accounts_hashes_message;
+    use crate::contact_info::ContactInfo;
+    use solana_sdk::{
+        hash::hash,
+        signature::{Keypair, Signer},
+    };
+
+    #[test]
+    fn test_should_halt() {
+        let keypair = Keypair::new();
+
+        let contact_info = ContactInfo::new_localhost(&keypair.pubkey(), 0);
+        let cluster_info = ClusterInfo::new_with_invalid_keypair(contact_info);
+        let cluster_info = Arc::new(RwLock::new(cluster_info));
+
+        let mut trusted_validators = HashSet::new();
+        let mut slot_to_hash = HashMap::new();
+        assert!(!AccountsHashVerifier::should_halt(
+            &cluster_info,
+            &Some(trusted_validators.clone()),
+            &mut slot_to_hash,
+        ));
+
+        let validator1 = Keypair::new();
+        let hash1 = hash(&[1]);
+        let hash2 = hash(&[2]);
+        {
+            let message = make_accounts_hashes_message(&validator1, vec![(0, hash1)]).unwrap();
+            let mut cluster_info_w = cluster_info.write().unwrap();
+            cluster_info_w.push_message(message);
+        }
+        slot_to_hash.insert(0, hash2);
+        trusted_validators.insert(validator1.pubkey());
+        assert!(AccountsHashVerifier::should_halt(
+            &cluster_info,
+            &Some(trusted_validators.clone()),
+            &mut slot_to_hash,
+        ));
+    }
+}
--- a/core/src/cluster_info.rs
+++ b/core/src/cluster_info.rs
@ -48,7 +48,7 @@ use solana_sdk::timing::duration_as_s;
 use solana_sdk::{
    clock::{Slot, DEFAULT_MS_PER_SLOT},
    pubkey::Pubkey,
-    signature::{Keypair, Signable, Signature},
+    signature::{Keypair, Signable, Signature, Signer},
    timing::{duration_as_ms, timestamp},
    transaction::Transaction,
 };
@ -180,6 +180,14 @@ struct PullData {
    pub filter: CrdsFilter,
 }

+pub fn make_accounts_hashes_message(
+    keypair: &Keypair,
+    accounts_hashes: Vec<(Slot, Hash)>,
+) -> Option<CrdsValue> {
+    let message = CrdsData::AccountsHashes(SnapshotHash::new(keypair.pubkey(), accounts_hashes));
+    Some(CrdsValue::new_signed(message, keypair))
+}
+
 // TODO These messages should go through the gpu pipeline for spam filtering
 #[derive(Serialize, Deserialize, Debug)]
 #[allow(clippy::large_enum_variant)]
@ -443,22 +451,36 @@ impl ClusterInfo {
            .process_push_message(&self.id(), vec![entry], now);
    }

-    pub fn push_snapshot_hashes(&mut self, snapshot_hashes: Vec<(Slot, Hash)>) {
-        if snapshot_hashes.len() > MAX_SNAPSHOT_HASHES {
+    pub fn push_message(&mut self, message: CrdsValue) {
+        let now = message.wallclock();
+        let id = message.pubkey();
+        self.gossip.process_push_message(&id, vec![message], now);
+    }
+
+    pub fn push_accounts_hashes(&mut self, accounts_hashes: Vec<(Slot, Hash)>) {
+        if accounts_hashes.len() > MAX_SNAPSHOT_HASHES {
            warn!(
-                "snapshot_hashes too large, ignored: {}",
-                snapshot_hashes.len()
+                "accounts hashes too large, ignored: {}",
+                accounts_hashes.len(),
            );
            return;
        }

-        let now = timestamp();
-        let entry = CrdsValue::new_signed(
-            CrdsData::SnapshotHash(SnapshotHash::new(self.id(), snapshot_hashes, now)),
-            &self.keypair,
-        );
-        self.gossip
-            .process_push_message(&self.id(), vec![entry], now);
+        let message = CrdsData::AccountsHashes(SnapshotHash::new(self.id(), accounts_hashes));
+        self.push_message(CrdsValue::new_signed(message, &self.keypair));
+    }
+
+    pub fn push_snapshot_hashes(&mut self, snapshot_hashes: Vec<(Slot, Hash)>) {
+        if snapshot_hashes.len() > MAX_SNAPSHOT_HASHES {
+            warn!(
+                "snapshot hashes too large, ignored: {}",
+                snapshot_hashes.len(),
+            );
+            return;
+        }
+
+        let message = CrdsData::SnapshotHashes(SnapshotHash::new(self.id(), snapshot_hashes));
+        self.push_message(CrdsValue::new_signed(message, &self.keypair));
    }

    pub fn push_vote(&mut self, tower_index: usize, vote: Transaction) {
@ -518,11 +540,19 @@ impl ClusterInfo {
            .collect()
    }

+    pub fn get_accounts_hash_for_node(&self, pubkey: &Pubkey) -> Option<&Vec<(Slot, Hash)>> {
+        self.gossip
+            .crds
+            .table
+            .get(&CrdsValueLabel::AccountsHashes(*pubkey))
+            .map(|x| &x.value.accounts_hash().unwrap().hashes)
+    }
+
    pub fn get_snapshot_hash_for_node(&self, pubkey: &Pubkey) -> Option<&Vec<(Slot, Hash)>> {
        self.gossip
            .crds
            .table
-            .get(&CrdsValueLabel::SnapshotHash(*pubkey))
+            .get(&CrdsValueLabel::SnapshotHashes(*pubkey))
            .map(|x| &x.value.snapshot_hash().unwrap().hashes)
    }

@ -1615,7 +1645,7 @@ impl ClusterInfo {
            .unwrap()
    }

-    fn gossip_contact_info(id: &Pubkey, gossip: SocketAddr) -> ContactInfo {
+    pub fn gossip_contact_info(id: &Pubkey, gossip: SocketAddr) -> ContactInfo {
        ContactInfo {
            id: *id,
            gossip,
@ -1635,8 +1665,9 @@ impl ClusterInfo {
        id: &Pubkey,
        gossip_addr: &SocketAddr,
    ) -> (ContactInfo, UdpSocket, Option<TcpListener>) {
+        let bind_ip_addr = IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0));
        let (port, (gossip_socket, ip_echo)) =
-            Node::get_gossip_port(gossip_addr, VALIDATOR_PORT_RANGE);
+            Node::get_gossip_port(gossip_addr, VALIDATOR_PORT_RANGE, bind_ip_addr);
        let contact_info = Self::gossip_contact_info(id, SocketAddr::new(gossip_addr.ip(), port));

        (contact_info, gossip_socket, Some(ip_echo))
@ -1644,7 +1675,8 @@ impl ClusterInfo {

    /// A Node with dummy ports to spy on gossip via pull requests
    pub fn spy_node(id: &Pubkey) -> (ContactInfo, UdpSocket, Option<TcpListener>) {
-        let (_, gossip_socket) = bind_in_range(VALIDATOR_PORT_RANGE).unwrap();
+        let bind_ip_addr = IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0));
+        let (_, gossip_socket) = bind_in_range(bind_ip_addr, VALIDATOR_PORT_RANGE).unwrap();
        let contact_info = Self::spy_contact_info(id);

        (contact_info, gossip_socket, None)
@ -1759,16 +1791,18 @@ impl Node {
        }
    }
    pub fn new_localhost_with_pubkey(pubkey: &Pubkey) -> Self {
+        let bind_ip_addr = IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0));
        let tpu = UdpSocket::bind("127.0.0.1:0").unwrap();
-        let (gossip_port, (gossip, ip_echo)) = bind_common_in_range((1024, 65535)).unwrap();
+        let (gossip_port, (gossip, ip_echo)) =
+            bind_common_in_range(bind_ip_addr, (1024, 65535)).unwrap();
        let gossip_addr = SocketAddr::new(IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)), gossip_port);
        let tvu = UdpSocket::bind("127.0.0.1:0").unwrap();
        let tvu_forwards = UdpSocket::bind("127.0.0.1:0").unwrap();
        let tpu_forwards = UdpSocket::bind("127.0.0.1:0").unwrap();
        let repair = UdpSocket::bind("127.0.0.1:0").unwrap();
-        let rpc_port = find_available_port_in_range((1024, 65535)).unwrap();
+        let rpc_port = find_available_port_in_range(bind_ip_addr, (1024, 65535)).unwrap();
        let rpc_addr = SocketAddr::new(IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)), rpc_port);
-        let rpc_pubsub_port = find_available_port_in_range((1024, 65535)).unwrap();
+        let rpc_pubsub_port = find_available_port_in_range(bind_ip_addr, (1024, 65535)).unwrap();
        let rpc_pubsub_addr =
            SocketAddr::new(IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)), rpc_pubsub_port);

@ -1811,45 +1845,52 @@ impl Node {
    fn get_gossip_port(
        gossip_addr: &SocketAddr,
        port_range: PortRange,
+        bind_ip_addr: IpAddr,
    ) -> (u16, (UdpSocket, TcpListener)) {
        if gossip_addr.port() != 0 {
            (
                gossip_addr.port(),
-                bind_common(gossip_addr.port(), false).unwrap_or_else(|e| {
+                bind_common(bind_ip_addr, gossip_addr.port(), false).unwrap_or_else(|e| {
                    panic!("gossip_addr bind_to port {}: {}", gossip_addr.port(), e)
                }),
            )
        } else {
-            bind_common_in_range(port_range).expect("Failed to bind")
+            bind_common_in_range(bind_ip_addr, port_range).expect("Failed to bind")
        }
    }
-    fn bind(port_range: PortRange) -> (u16, UdpSocket) {
-        bind_in_range(port_range).expect("Failed to bind")
+    fn bind(bind_ip_addr: IpAddr, port_range: PortRange) -> (u16, UdpSocket) {
+        bind_in_range(bind_ip_addr, port_range).expect("Failed to bind")
    }
+
    pub fn new_with_external_ip(
        pubkey: &Pubkey,
        gossip_addr: &SocketAddr,
        port_range: PortRange,
+        bind_ip_addr: IpAddr,
    ) -> Node {
-        let (gossip_port, (gossip, ip_echo)) = Self::get_gossip_port(gossip_addr, port_range);
+        let (gossip_port, (gossip, ip_echo)) =
+            Self::get_gossip_port(gossip_addr, port_range, bind_ip_addr);

-        let (tvu_port, tvu_sockets) = multi_bind_in_range(port_range, 8).expect("tvu multi_bind");
+        let (tvu_port, tvu_sockets) =
+            multi_bind_in_range(bind_ip_addr, port_range, 8).expect("tvu multi_bind");

        let (tvu_forwards_port, tvu_forwards_sockets) =
-            multi_bind_in_range(port_range, 8).expect("tvu_forwards multi_bind");
+            multi_bind_in_range(bind_ip_addr, port_range, 8).expect("tvu_forwards multi_bind");

-        let (tpu_port, tpu_sockets) = multi_bind_in_range(port_range, 32).expect("tpu multi_bind");
+        let (tpu_port, tpu_sockets) =
+            multi_bind_in_range(bind_ip_addr, port_range, 32).expect("tpu multi_bind");

        let (tpu_forwards_port, tpu_forwards_sockets) =
-            multi_bind_in_range(port_range, 8).expect("tpu_forwards multi_bind");
+            multi_bind_in_range(bind_ip_addr, port_range, 8).expect("tpu_forwards multi_bind");

        let (_, retransmit_sockets) =
-            multi_bind_in_range(port_range, 8).expect("retransmit multi_bind");
+            multi_bind_in_range(bind_ip_addr, port_range, 8).expect("retransmit multi_bind");

-        let (repair_port, repair) = Self::bind(port_range);
-        let (serve_repair_port, serve_repair) = Self::bind(port_range);
+        let (repair_port, repair) = Self::bind(bind_ip_addr, port_range);
+        let (serve_repair_port, serve_repair) = Self::bind(bind_ip_addr, port_range);

-        let (_, broadcast) = multi_bind_in_range(port_range, 4).expect("broadcast multi_bind");
+        let (_, broadcast) =
+            multi_bind_in_range(bind_ip_addr, port_range, 4).expect("broadcast multi_bind");

        let info = ContactInfo {
            id: *pubkey,
@ -1889,9 +1930,10 @@ impl Node {
        pubkey: &Pubkey,
        gossip_addr: &SocketAddr,
        port_range: PortRange,
+        bind_ip_addr: IpAddr,
    ) -> Node {
-        let mut new = Self::new_with_external_ip(pubkey, gossip_addr, port_range);
-        let (storage_port, storage_socket) = Self::bind(port_range);
+        let mut new = Self::new_with_external_ip(pubkey, gossip_addr, port_range, bind_ip_addr);
+        let (storage_port, storage_socket) = Self::bind(bind_ip_addr, port_range);

        new.info.storage_addr = SocketAddr::new(gossip_addr.ip(), storage_port);
        new.sockets.storage = Some(storage_socket);
@ -2025,6 +2067,7 @@ mod tests {
            &Pubkey::new_rand(),
            &socketaddr!(ip, 0),
            VALIDATOR_PORT_RANGE,
+            IpAddr::V4(ip),
        );

        check_node_sockets(&node, IpAddr::V4(ip), VALIDATOR_PORT_RANGE);
@ -2034,7 +2077,7 @@ mod tests {
    fn new_with_external_ip_test_gossip() {
        let ip = IpAddr::V4(Ipv4Addr::from(0));
        let port = {
-            bind_in_range(VALIDATOR_PORT_RANGE)
+            bind_in_range(ip, VALIDATOR_PORT_RANGE)
                .expect("Failed to bind")
                .0
        };
@ -2042,6 +2085,7 @@ mod tests {
            &Pubkey::new_rand(),
            &socketaddr!(0, port),
            VALIDATOR_PORT_RANGE,
+            ip,
        );

        check_node_sockets(&node, ip, VALIDATOR_PORT_RANGE);
@ -2056,6 +2100,7 @@ mod tests {
            &Pubkey::new_rand(),
            &socketaddr!(ip, 0),
            VALIDATOR_PORT_RANGE,
+            IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)),
        );

        let ip = IpAddr::V4(ip);
--- a/core/src/cluster_info_vote_listener.rs
+++ b/core/src/cluster_info_vote_listener.rs
@ -51,7 +51,8 @@ impl ClusterInfoVoteListener {
            if exit.load(Ordering::Relaxed) {
                return Ok(());
            }
-            if let Some(bank) = poh_recorder.lock().unwrap().bank() {
+            let poh_bank = poh_recorder.lock().unwrap().bank();
+            if let Some(bank) = poh_bank {
                let last_ts = bank.last_vote_sync.load(Ordering::Relaxed);
                let (votes, new_ts) = cluster_info.read().unwrap().get_votes(last_ts);
                bank.last_vote_sync
--- a/core/src/crds_value.rs
+++ b/core/src/crds_value.rs
@ -1,5 +1,6 @@
 use crate::contact_info::ContactInfo;
 use bincode::{serialize, serialized_size};
+use solana_sdk::timing::timestamp;
 use solana_sdk::{
    clock::Slot,
    hash::Hash,
@ -62,7 +63,8 @@ pub enum CrdsData {
    ContactInfo(ContactInfo),
    Vote(VoteIndex, Vote),
    EpochSlots(EpochSlotIndex, EpochSlots),
-    SnapshotHash(SnapshotHash),
+    SnapshotHashes(SnapshotHash),
+    AccountsHashes(SnapshotHash),
 }

 #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
@ -93,11 +95,11 @@ pub struct SnapshotHash {
 }

 impl SnapshotHash {
-    pub fn new(from: Pubkey, hashes: Vec<(Slot, Hash)>, wallclock: u64) -> Self {
+    pub fn new(from: Pubkey, hashes: Vec<(Slot, Hash)>) -> Self {
        Self {
            from,
            hashes,
-            wallclock,
+            wallclock: timestamp(),
        }
    }
 }
@ -156,7 +158,8 @@ pub enum CrdsValueLabel {
    ContactInfo(Pubkey),
    Vote(VoteIndex, Pubkey),
    EpochSlots(Pubkey),
-    SnapshotHash(Pubkey),
+    SnapshotHashes(Pubkey),
+    AccountsHashes(Pubkey),
 }

 impl fmt::Display for CrdsValueLabel {
@ -165,7 +168,8 @@ impl fmt::Display for CrdsValueLabel {
            CrdsValueLabel::ContactInfo(_) => write!(f, "ContactInfo({})", self.pubkey()),
            CrdsValueLabel::Vote(ix, _) => write!(f, "Vote({}, {})", ix, self.pubkey()),
            CrdsValueLabel::EpochSlots(_) => write!(f, "EpochSlots({})", self.pubkey()),
-            CrdsValueLabel::SnapshotHash(_) => write!(f, "SnapshotHash({})", self.pubkey()),
+            CrdsValueLabel::SnapshotHashes(_) => write!(f, "SnapshotHashes({})", self.pubkey()),
+            CrdsValueLabel::AccountsHashes(_) => write!(f, "AccountsHashes({})", self.pubkey()),
        }
    }
 }
@ -176,7 +180,8 @@ impl CrdsValueLabel {
            CrdsValueLabel::ContactInfo(p) => *p,
            CrdsValueLabel::Vote(_, p) => *p,
            CrdsValueLabel::EpochSlots(p) => *p,
-            CrdsValueLabel::SnapshotHash(p) => *p,
+            CrdsValueLabel::SnapshotHashes(p) => *p,
+            CrdsValueLabel::AccountsHashes(p) => *p,
        }
    }
 }
@ -202,7 +207,8 @@ impl CrdsValue {
            CrdsData::ContactInfo(contact_info) => contact_info.wallclock,
            CrdsData::Vote(_, vote) => vote.wallclock,
            CrdsData::EpochSlots(_, vote) => vote.wallclock,
-            CrdsData::SnapshotHash(hash) => hash.wallclock,
+            CrdsData::SnapshotHashes(hash) => hash.wallclock,
+            CrdsData::AccountsHashes(hash) => hash.wallclock,
        }
    }
    pub fn pubkey(&self) -> Pubkey {
@ -210,7 +216,8 @@ impl CrdsValue {
            CrdsData::ContactInfo(contact_info) => contact_info.id,
            CrdsData::Vote(_, vote) => vote.from,
            CrdsData::EpochSlots(_, slots) => slots.from,
-            CrdsData::SnapshotHash(hash) => hash.from,
+            CrdsData::SnapshotHashes(hash) => hash.from,
+            CrdsData::AccountsHashes(hash) => hash.from,
        }
    }
    pub fn label(&self) -> CrdsValueLabel {
@ -218,7 +225,8 @@ impl CrdsValue {
            CrdsData::ContactInfo(_) => CrdsValueLabel::ContactInfo(self.pubkey()),
            CrdsData::Vote(ix, _) => CrdsValueLabel::Vote(*ix, self.pubkey()),
            CrdsData::EpochSlots(_, _) => CrdsValueLabel::EpochSlots(self.pubkey()),
-            CrdsData::SnapshotHash(_) => CrdsValueLabel::SnapshotHash(self.pubkey()),
+            CrdsData::SnapshotHashes(_) => CrdsValueLabel::SnapshotHashes(self.pubkey()),
+            CrdsData::AccountsHashes(_) => CrdsValueLabel::AccountsHashes(self.pubkey()),
        }
    }
    pub fn contact_info(&self) -> Option<&ContactInfo> {
@ -250,7 +258,14 @@ impl CrdsValue {

    pub fn snapshot_hash(&self) -> Option<&SnapshotHash> {
        match &self.data {
-            CrdsData::SnapshotHash(slots) => Some(slots),
+            CrdsData::SnapshotHashes(slots) => Some(slots),
+            _ => None,
+        }
+    }
+
+    pub fn accounts_hash(&self) -> Option<&SnapshotHash> {
+        match &self.data {
+            CrdsData::AccountsHashes(slots) => Some(slots),
            _ => None,
        }
    }
@ -260,7 +275,8 @@ impl CrdsValue {
        let mut labels = vec![
            CrdsValueLabel::ContactInfo(*key),
            CrdsValueLabel::EpochSlots(*key),
-            CrdsValueLabel::SnapshotHash(*key),
+            CrdsValueLabel::SnapshotHashes(*key),
+            CrdsValueLabel::AccountsHashes(*key),
        ];
        labels.extend((0..MAX_VOTES).map(|ix| CrdsValueLabel::Vote(ix, *key)));
        labels
@ -310,14 +326,15 @@ mod test {

    #[test]
    fn test_labels() {
-        let mut hits = [false; 3 + MAX_VOTES as usize];
+        let mut hits = [false; 4 + MAX_VOTES as usize];
        // this method should cover all the possible labels
        for v in &CrdsValue::record_labels(&Pubkey::default()) {
            match v {
                CrdsValueLabel::ContactInfo(_) => hits[0] = true,
                CrdsValueLabel::EpochSlots(_) => hits[1] = true,
-                CrdsValueLabel::SnapshotHash(_) => hits[2] = true,
-                CrdsValueLabel::Vote(ix, _) => hits[*ix as usize + 3] = true,
+                CrdsValueLabel::SnapshotHashes(_) => hits[2] = true,
+                CrdsValueLabel::AccountsHashes(_) => hits[3] = true,
+                CrdsValueLabel::Vote(ix, _) => hits[*ix as usize + 4] = true,
            }
        }
        assert!(hits.iter().all(|x| *x));
--- a/core/src/gossip_service.rs
+++ b/core/src/gossip_service.rs
@ -9,7 +9,7 @@ use solana_ledger::bank_forks::BankForks;
 use solana_perf::recycler::Recycler;
 use solana_sdk::pubkey::Pubkey;
 use solana_sdk::signature::{Keypair, Signer};
-use std::net::{SocketAddr, TcpListener, UdpSocket};
+use std::net::{IpAddr, Ipv4Addr, SocketAddr, TcpListener, UdpSocket};
 use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::mpsc::channel;
 use std::sync::{Arc, RwLock};
@ -163,7 +163,11 @@ pub fn get_multi_client(nodes: &[ContactInfo]) -> (ThinClient, usize) {
        .collect();
    let rpc_addrs: Vec<_> = addrs.iter().map(|addr| addr.0).collect();
    let tpu_addrs: Vec<_> = addrs.iter().map(|addr| addr.1).collect();
-    let (_, transactions_socket) = solana_net_utils::bind_in_range(VALIDATOR_PORT_RANGE).unwrap();
+    let (_, transactions_socket) = solana_net_utils::bind_in_range(
+        IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)),
+        VALIDATOR_PORT_RANGE,
+    )
+    .unwrap();
    let num_nodes = tpu_addrs.len();
    (
        ThinClient::new_from_addrs(rpc_addrs, tpu_addrs, transactions_socket),
--- a/core/src/lib.rs
+++ b/core/src/lib.rs
@ -5,6 +5,7 @@
 //! command-line tools to spin up validators and a Rust library
 //!

+pub mod accounts_hash_verifier;
 pub mod banking_stage;
 pub mod broadcast_stage;
 pub mod cluster_info_vote_listener;
--- a/core/src/local_vote_signer_service.rs
+++ b/core/src/local_vote_signer_service.rs
@ -15,9 +15,12 @@ pub struct LocalVoteSignerService {
 impl LocalVoteSignerService {
    #[allow(clippy::new_ret_no_self)]
    pub fn new(port_range: PortRange) -> (Self, SocketAddr) {
-        let addr = solana_net_utils::find_available_port_in_range(port_range)
-            .map(|port| SocketAddr::new(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), port))
-            .expect("Failed to find an available port for local vote signer service");
+        let ip_addr = IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0));
+        let addr = SocketAddr::new(
+            ip_addr,
+            solana_net_utils::find_available_port_in_range(ip_addr, port_range)
+                .expect("Failed to find an available port for local vote signer service"),
+        );
        let exit = Arc::new(AtomicBool::new(false));
        let thread_exit = exit.clone();
        let thread = Builder::new()
--- a/core/src/repair_service.rs
+++ b/core/src/repair_service.rs
@ -12,7 +12,8 @@ use solana_ledger::{
 use solana_sdk::clock::DEFAULT_SLOTS_PER_EPOCH;
 use solana_sdk::{clock::Slot, epoch_schedule::EpochSchedule, pubkey::Pubkey};
 use std::{
-    collections::BTreeSet,
+    collections::{BTreeSet, HashSet},
+    iter::Iterator,
    net::UdpSocket,
    ops::Bound::{Included, Unbounded},
    sync::atomic::{AtomicBool, Ordering},
@ -209,10 +210,8 @@ impl RepairService {
        // TODO: Incorporate gossip to determine priorities for repair?

        // Try to resolve orphans in blockstore
-        let mut orphans = blockstore.get_orphans(Some(MAX_ORPHANS));
-        orphans.retain(|x| *x > root);
-
-        Self::generate_repairs_for_orphans(&orphans[..], &mut repairs);
+        let orphans = blockstore.orphans_iterator(root + 1).unwrap();
+        Self::generate_repairs_for_orphans(orphans, &mut repairs);
        Ok(repairs)
    }

@ -240,8 +239,11 @@ impl RepairService {
        }
    }

-    fn generate_repairs_for_orphans(orphans: &[u64], repairs: &mut Vec<RepairType>) {
-        repairs.extend(orphans.iter().map(|h| RepairType::Orphan(*h)));
+    fn generate_repairs_for_orphans(
+        orphans: impl Iterator<Item = u64>,
+        repairs: &mut Vec<RepairType>,
+    ) {
+        repairs.extend(orphans.take(MAX_ORPHANS).map(RepairType::Orphan));
    }

    /// Repairs any fork starting at the input slot
@ -402,6 +404,20 @@ impl RepairService {
        }
    }

+    #[allow(dead_code)]
+    fn find_incomplete_slots(blockstore: &Blockstore, root: Slot) -> HashSet<Slot> {
+        blockstore
+            .live_slots_iterator(root)
+            .filter_map(|(slot, slot_meta)| {
+                if !slot_meta.is_full() {
+                    Some(slot)
+                } else {
+                    None
+                }
+            })
+            .collect()
+    }
+
    pub fn join(self) -> thread::Result<()> {
        self.t_repair.join()
    }
@ -914,4 +930,63 @@ mod test {
        );
        assert_eq!(stash.len(), 2);
    }
+
+    #[test]
+    fn test_find_incomplete_slots() {
+        let blockstore_path = get_tmp_ledger_path!();
+        {
+            let blockstore = Blockstore::open(&blockstore_path).unwrap();
+            let num_entries_per_slot = 100;
+            let (mut shreds, _) = make_slot_entries(0, 0, num_entries_per_slot);
+            assert!(shreds.len() > 1);
+            let (shreds4, _) = make_slot_entries(4, 0, num_entries_per_slot);
+            shreds.extend(shreds4);
+            blockstore.insert_shreds(shreds, None, false).unwrap();
+
+            // Nothing is incomplete
+            assert!(RepairService::find_incomplete_slots(&blockstore, 0).is_empty());
+
+            // Insert a slot 5 that chains to an incomplete orphan slot 3
+            let (shreds5, _) = make_slot_entries(5, 3, num_entries_per_slot);
+            blockstore.insert_shreds(shreds5, None, false).unwrap();
+            assert_eq!(
+                RepairService::find_incomplete_slots(&blockstore, 0),
+                vec![3].into_iter().collect()
+            );
+
+            // Insert another incomplete orphan slot 2 that is the parent of slot 3.
+            // Both should be incomplete
+            let (shreds3, _) = make_slot_entries(3, 2, num_entries_per_slot);
+            blockstore
+                .insert_shreds(shreds3[1..].to_vec(), None, false)
+                .unwrap();
+            assert_eq!(
+                RepairService::find_incomplete_slots(&blockstore, 0),
+                vec![2, 3].into_iter().collect()
+            );
+
+            // Insert a incomplete slot 6 that chains to the root 0,
+            // should also be incomplete
+            let (shreds6, _) = make_slot_entries(6, 0, num_entries_per_slot);
+            blockstore
+                .insert_shreds(shreds6[1..].to_vec(), None, false)
+                .unwrap();
+            assert_eq!(
+                RepairService::find_incomplete_slots(&blockstore, 0),
+                vec![2, 3, 6].into_iter().collect()
+            );
+
+            // Complete slot 3, should no longer be marked incomplete
+            blockstore
+                .insert_shreds(shreds3[..].to_vec(), None, false)
+                .unwrap();
+
+            assert_eq!(
+                RepairService::find_incomplete_slots(&blockstore, 0),
+                vec![2, 6].into_iter().collect()
+            );
+        }
+
+        Blockstore::destroy(&blockstore_path).expect("Expected successful database destruction");
+    }
 }
--- a/core/src/replay_stage.rs
+++ b/core/src/replay_stage.rs
@ -11,6 +11,7 @@ use crate::{
 };
 use solana_ledger::{
    bank_forks::BankForks,
+    block_error::BlockError,
    blockstore::Blockstore,
    blockstore_processor::{
        self, BlockstoreProcessorError, ConfirmationProgress, ConfirmationTiming,
@ -75,7 +76,7 @@ pub struct ReplayStageConfig {
    pub leader_schedule_cache: Arc<LeaderScheduleCache>,
    pub slot_full_senders: Vec<Sender<(u64, Pubkey)>>,
    pub latest_root_senders: Vec<Sender<Slot>>,
-    pub snapshot_package_sender: Option<SnapshotPackageSender>,
+    pub accounts_hash_sender: Option<SnapshotPackageSender>,
    pub block_commitment_cache: Arc<RwLock<BlockCommitmentCache>>,
    pub transaction_status_sender: Option<TransactionStatusSender>,
    pub rewards_recorder_sender: Option<RewardsRecorderSender>,
@ -178,7 +179,7 @@ impl ReplayStage {
            leader_schedule_cache,
            slot_full_senders,
            latest_root_senders,
-            snapshot_package_sender,
+            accounts_hash_sender,
            block_commitment_cache,
            transaction_status_sender,
            rewards_recorder_sender,
@ -333,7 +334,7 @@ impl ReplayStage {
                            &root_bank_sender,
                            total_staked,
                            &lockouts_sender,
-                            &snapshot_package_sender,
+                            &accounts_hash_sender,
                            &latest_root_senders,
                        )?;
                    }
@ -395,7 +396,8 @@ impl ReplayStage {
                            rewards_recorder_sender.clone(),
                        );

-                        if let Some(bank) = poh_recorder.lock().unwrap().bank() {
+                        let poh_bank = poh_recorder.lock().unwrap().bank();
+                        if let Some(bank) = poh_bank {
                            Self::log_leader_change(
                                &my_pubkey,
                                bank.slot(),
@ -566,11 +568,19 @@ impl ReplayStage {
            // errors related to the slot being purged
            let slot = bank.slot();
            warn!("Fatal replay error in slot: {}, err: {:?}", slot, err);
-            datapoint_error!(
-                "replay-stage-mark_dead_slot",
-                ("error", format!("error: {:?}", err), String),
-                ("slot", slot, i64)
-            );
+            if let BlockstoreProcessorError::InvalidBlock(BlockError::InvalidTickCount) = err {
+                datapoint_info!(
+                    "replay-stage-mark_dead_slot",
+                    ("error", format!("error: {:?}", err), String),
+                    ("slot", slot, i64)
+                );
+            } else {
+                datapoint_error!(
+                    "replay-stage-mark_dead_slot",
+                    ("error", format!("error: {:?}", err), String),
+                    ("slot", slot, i64)
+                );
+            }
            bank_progress.is_dead = true;
            blockstore
                .set_dead_slot(slot)
@ -595,7 +605,7 @@ impl ReplayStage {
        root_bank_sender: &Sender<Vec<Arc<Bank>>>,
        total_staked: u64,
        lockouts_sender: &Sender<CommitmentAggregationData>,
-        snapshot_package_sender: &Option<SnapshotPackageSender>,
+        accounts_hash_sender: &Option<SnapshotPackageSender>,
        latest_root_senders: &[Sender<Slot>],
    ) -> Result<()> {
        if bank.is_empty() {
@ -622,7 +632,7 @@ impl ReplayStage {
            blockstore
                .set_roots(&rooted_slots)
                .expect("Ledger set roots failed");
-            Self::handle_new_root(new_root, &bank_forks, progress, snapshot_package_sender);
+            Self::handle_new_root(new_root, &bank_forks, progress, accounts_hash_sender);
            latest_root_senders.iter().for_each(|s| {
                if let Err(e) = s.send(new_root) {
                    trace!("latest root send failed: {:?}", e);
@ -824,6 +834,7 @@ impl ReplayStage {
                stats.stake_lockouts = stake_lockouts;
                stats.block_height = bank.block_height();
                stats.computed = true;
+                new_stats.push(stats.slot);
            }
            stats.vote_threshold = tower.check_vote_stake_threshold(
                bank.slot(),
@ -833,7 +844,6 @@ impl ReplayStage {
            stats.is_locked_out = tower.is_locked_out(bank.slot(), &ancestors);
            stats.has_voted = tower.has_voted(bank.slot());
            stats.is_recent = tower.is_recent(bank.slot());
-            new_stats.push(stats.slot);
        }
        new_stats
    }
@ -949,12 +959,12 @@ impl ReplayStage {
        new_root: u64,
        bank_forks: &RwLock<BankForks>,
        progress: &mut HashMap<u64, ForkProgress>,
-        snapshot_package_sender: &Option<SnapshotPackageSender>,
+        accounts_hash_sender: &Option<SnapshotPackageSender>,
    ) {
        bank_forks
            .write()
            .unwrap()
-            .set_root(new_root, snapshot_package_sender);
+            .set_root(new_root, accounts_hash_sender);
        let r_bank_forks = bank_forks.read().unwrap();
        progress.retain(|k, _| r_bank_forks.get(*k).is_some());
    }
@ -964,6 +974,7 @@ impl ReplayStage {
        bank: Arc<Bank>,
        slot_full_senders: &[Sender<(u64, Pubkey)>],
    ) {
+        info!("bank frozen: {}", bank.slot());
        bank.freeze();
        slot_full_senders.iter().for_each(|sender| {
            if let Err(e) = sender.send((bank.slot(), *bank.collector_id())) {
@ -1057,7 +1068,6 @@ pub(crate) mod tests {
    use crossbeam_channel::unbounded;
    use solana_client::rpc_response::{RpcEncodedTransaction, RpcTransactionWithStatusMeta};
    use solana_ledger::{
-        block_error::BlockError,
        blockstore::make_slot_entries,
        blockstore::{entries_to_test_shreds, BlockstoreError},
        create_new_tmp_ledger,
@ -1080,7 +1090,10 @@ pub(crate) mod tests {
        transaction::TransactionError,
    };
    use solana_stake_program::stake_state;
-    use solana_vote_program::vote_state::{self, Vote, VoteState, VoteStateVersions};
+    use solana_vote_program::{
+        vote_state::{self, Vote, VoteState, VoteStateVersions},
+        vote_transaction,
+    };
    use std::{
        fs::remove_dir_all,
        iter,
@ -1909,6 +1922,119 @@ pub(crate) mod tests {
        Blockstore::destroy(&ledger_path).unwrap();
    }

+    #[test]
+    fn test_compute_bank_stats_confirmed() {
+        let node_keypair = Keypair::new();
+        let vote_keypair = Keypair::new();
+        let stake_keypair = Keypair::new();
+        let node_pubkey = node_keypair.pubkey();
+        let mut keypairs = HashMap::new();
+        keypairs.insert(
+            node_pubkey,
+            ValidatorVoteKeypairs::new(node_keypair, vote_keypair, stake_keypair),
+        );
+
+        let (bank_forks, mut progress) = initialize_state(&keypairs);
+        let bank0 = bank_forks.get(0).unwrap().clone();
+        let my_keypairs = keypairs.get(&node_pubkey).unwrap();
+        let vote_tx = vote_transaction::new_vote_transaction(
+            vec![0],
+            bank0.hash(),
+            bank0.last_blockhash(),
+            &my_keypairs.node_keypair,
+            &my_keypairs.vote_keypair,
+            &my_keypairs.vote_keypair,
+        );
+
+        let bank_forks = RwLock::new(bank_forks);
+        let bank1 = Bank::new_from_parent(&bank0, &node_pubkey, 1);
+        bank1.process_transaction(&vote_tx).unwrap();
+        bank1.freeze();
+
+        // Test confirmations
+        let ancestors = bank_forks.read().unwrap().ancestors();
+        let mut frozen_banks: Vec<_> = bank_forks
+            .read()
+            .unwrap()
+            .frozen_banks()
+            .values()
+            .cloned()
+            .collect();
+        let tower = Tower::new_for_tests(0, 0.67);
+        let newly_computed = ReplayStage::compute_bank_stats(
+            &node_pubkey,
+            &ancestors,
+            &mut frozen_banks,
+            &tower,
+            &mut progress,
+        );
+        assert_eq!(newly_computed, vec![0]);
+        // The only vote is in bank 1, and bank_forks does not currently contain
+        // bank 1, so no slot should be confirmed.
+        {
+            let fork_progress = progress.get(&0).unwrap();
+            let confirmed_forks = ReplayStage::confirm_forks(
+                &tower,
+                &fork_progress.fork_stats.stake_lockouts,
+                fork_progress.fork_stats.total_staked,
+                &progress,
+                &bank_forks,
+            );
+
+            assert!(confirmed_forks.is_empty())
+        }
+
+        // Insert the bank that contains a vote for slot 0, which confirms slot 0
+        bank_forks.write().unwrap().insert(bank1);
+        progress.insert(1, ForkProgress::new(bank0.last_blockhash()));
+        let ancestors = bank_forks.read().unwrap().ancestors();
+        let mut frozen_banks: Vec<_> = bank_forks
+            .read()
+            .unwrap()
+            .frozen_banks()
+            .values()
+            .cloned()
+            .collect();
+        let newly_computed = ReplayStage::compute_bank_stats(
+            &node_pubkey,
+            &ancestors,
+            &mut frozen_banks,
+            &tower,
+            &mut progress,
+        );
+
+        assert_eq!(newly_computed, vec![1]);
+        {
+            let fork_progress = progress.get(&1).unwrap();
+            let confirmed_forks = ReplayStage::confirm_forks(
+                &tower,
+                &fork_progress.fork_stats.stake_lockouts,
+                fork_progress.fork_stats.total_staked,
+                &progress,
+                &bank_forks,
+            );
+            assert_eq!(confirmed_forks, vec![0]);
+        }
+
+        let ancestors = bank_forks.read().unwrap().ancestors();
+        let mut frozen_banks: Vec<_> = bank_forks
+            .read()
+            .unwrap()
+            .frozen_banks()
+            .values()
+            .cloned()
+            .collect();
+        let newly_computed = ReplayStage::compute_bank_stats(
+            &node_pubkey,
+            &ancestors,
+            &mut frozen_banks,
+            &tower,
+            &mut progress,
+        );
+        // No new stats should have been computed
+        assert!(newly_computed.is_empty());
+    }
+
    #[test]
    fn test_child_bank_heavier() {
        let node_keypair = Keypair::new();
--- a/core/src/retransmit_stage.rs
+++ b/core/src/retransmit_stage.rs
@ -284,6 +284,7 @@ mod tests {
    use solana_ledger::create_new_tmp_ledger;
    use solana_net_utils::find_available_port_in_range;
    use solana_sdk::pubkey::Pubkey;
+    use std::net::{IpAddr, Ipv4Addr};

    #[test]
    fn test_skip_repair() {
@ -300,11 +301,12 @@ mod tests {
        let bank_forks = Arc::new(RwLock::new(bank_forks));

        let mut me = ContactInfo::new_localhost(&Pubkey::new_rand(), 0);
-        let port = find_available_port_in_range((8000, 10000)).unwrap();
+        let ip_addr = IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0));
+        let port = find_available_port_in_range(ip_addr, (8000, 10000)).unwrap();
        let me_retransmit = UdpSocket::bind(format!("127.0.0.1:{}", port)).unwrap();
        // need to make sure tvu and tpu are valid addresses
        me.tvu_forwards = me_retransmit.local_addr().unwrap();
-        let port = find_available_port_in_range((8000, 10000)).unwrap();
+        let port = find_available_port_in_range(ip_addr, (8000, 10000)).unwrap();
        me.tvu = UdpSocket::bind(format!("127.0.0.1:{}", port))
            .unwrap()
            .local_addr()
--- a/core/src/rpc.rs
+++ b/core/src/rpc.rs
@ -9,9 +9,10 @@ use jsonrpc_core::{Error, Metadata, Result};
 use jsonrpc_derive::rpc;
 use solana_client::rpc_response::{
    Response, RpcAccount, RpcBlockCommitment, RpcBlockhashFeeCalculator, RpcConfirmedBlock,
-    RpcContactInfo, RpcEpochInfo, RpcKeyedAccount, RpcLeaderSchedule, RpcResponseContext,
-    RpcSignatureConfirmation, RpcStorageTurn, RpcTransactionEncoding, RpcVersionInfo,
-    RpcVoteAccountInfo, RpcVoteAccountStatus,
+    RpcContactInfo, RpcEpochInfo, RpcFeeCalculator, RpcFeeRateGovernor, RpcIdentity,
+    RpcKeyedAccount, RpcLeaderSchedule, RpcResponseContext, RpcSignatureConfirmation,
+    RpcStorageTurn, RpcTransactionEncoding, RpcVersionInfo, RpcVoteAccountInfo,
+    RpcVoteAccountStatus,
 };
 use solana_faucet::faucet::request_airdrop_transaction;
 use solana_ledger::{
@ -33,6 +34,7 @@ use solana_vote_program::vote_state::{VoteState, MAX_LOCKOUT_HISTORY};
 use std::{
    collections::HashMap,
    net::{SocketAddr, UdpSocket},
+    str::FromStr,
    sync::{Arc, RwLock},
    thread::sleep,
    time::{Duration, Instant},
@ -48,7 +50,9 @@ fn new_response<T>(bank: &Bank, value: T) -> RpcResponse<T> {
 #[derive(Debug, Default, Clone)]
 pub struct JsonRpcConfig {
    pub enable_validator_exit: bool,
+    pub enable_set_log_filter: bool,
    pub enable_get_confirmed_block: bool,
+    pub identity_pubkey: Pubkey,
    pub faucet_addr: Option<SocketAddr>,
 }

@ -164,6 +168,29 @@ impl JsonRpcRequestProcessor {
        )
    }

+    fn get_fee_calculator_for_blockhash(
+        &self,
+        blockhash: &Hash,
+    ) -> RpcResponse<Option<RpcFeeCalculator>> {
+        let bank = &*self.bank(None);
+        let fee_calculator = bank.get_fee_calculator(blockhash);
+        new_response(
+            bank,
+            fee_calculator.map(|fee_calculator| RpcFeeCalculator { fee_calculator }),
+        )
+    }
+
+    fn get_fee_rate_governor(&self) -> RpcResponse<RpcFeeRateGovernor> {
+        let bank = &*self.bank(None);
+        let fee_rate_governor = bank.get_fee_rate_governor();
+        new_response(
+            bank,
+            RpcFeeRateGovernor {
+                fee_rate_governor: fee_rate_governor.clone(),
+            },
+        )
+    }
+
    pub fn confirm_transaction(
        &self,
        signature: Result<Signature>,
@ -313,6 +340,13 @@ impl JsonRpcRequestProcessor {
        Ok(pubkeys)
    }

+    pub fn set_log_filter(&self, filter: String) -> Result<()> {
+        if self.config.enable_set_log_filter {
+            solana_logger::setup_with(&filter);
+        }
+        Ok(())
+    }
+
    pub fn validator_exit(&self) -> Result<bool> {
        if self.config.enable_validator_exit {
            warn!("validator_exit request...");
@ -491,6 +525,16 @@ pub trait RpcSol {
        commitment: Option<CommitmentConfig>,
    ) -> RpcResponse<RpcBlockhashFeeCalculator>;

+    #[rpc(meta, name = "getFeeCalculatorForBlockhash")]
+    fn get_fee_calculator_for_blockhash(
+        &self,
+        meta: Self::Metadata,
+        blockhash: String,
+    ) -> RpcResponse<Option<RpcFeeCalculator>>;
+
+    #[rpc(meta, name = "getFeeRateGovernor")]
+    fn get_fee_rate_governor(&self, meta: Self::Metadata) -> RpcResponse<RpcFeeRateGovernor>;
+
    #[rpc(meta, name = "getSignatureStatus")]
    fn get_signature_status(
        &self,
@ -580,6 +624,9 @@ pub trait RpcSol {
        commitment: Option<CommitmentConfig>,
    ) -> Result<Option<RpcSignatureConfirmation>>;

+    #[rpc(meta, name = "getIdentity")]
+    fn get_identity(&self, meta: Self::Metadata) -> Result<RpcIdentity>;
+
    #[rpc(meta, name = "getVersion")]
    fn get_version(&self, meta: Self::Metadata) -> Result<RpcVersionInfo>;

@ -813,6 +860,28 @@ impl RpcSol for RpcSolImpl {
            .get_recent_blockhash(commitment)
    }

+    fn get_fee_calculator_for_blockhash(
+        &self,
+        meta: Self::Metadata,
+        blockhash: String,
+    ) -> RpcResponse<Option<RpcFeeCalculator>> {
+        debug!("get_fee_calculator_for_blockhash rpc request received");
+        let blockhash =
+            Hash::from_str(&blockhash).map_err(|e| Error::invalid_params(format!("{:?}", e)))?;
+        meta.request_processor
+            .read()
+            .unwrap()
+            .get_fee_calculator_for_blockhash(&blockhash)
+    }
+
+    fn get_fee_rate_governor(&self, meta: Self::Metadata) -> RpcResponse<RpcFeeRateGovernor> {
+        debug!("get_fee_rate_governor rpc request received");
+        meta.request_processor
+            .read()
+            .unwrap()
+            .get_fee_rate_governor()
+    }
+
    fn get_signature_status(
        &self,
        meta: Self::Metadata,
@ -1054,15 +1123,29 @@ impl RpcSol for RpcSolImpl {
        meta.request_processor.read().unwrap().validator_exit()
    }

+    fn get_identity(&self, meta: Self::Metadata) -> Result<RpcIdentity> {
+        Ok(RpcIdentity {
+            identity: meta
+                .request_processor
+                .read()
+                .unwrap()
+                .config
+                .identity_pubkey
+                .to_string(),
+        })
+    }
+
    fn get_version(&self, _: Self::Metadata) -> Result<RpcVersionInfo> {
        Ok(RpcVersionInfo {
            solana_core: solana_clap_utils::version!().to_string(),
        })
    }

-    fn set_log_filter(&self, _meta: Self::Metadata, filter: String) -> Result<()> {
-        solana_logger::setup_with(&filter);
-        Ok(())
+    fn set_log_filter(&self, meta: Self::Metadata, filter: String) -> Result<()> {
+        meta.request_processor
+            .read()
+            .unwrap()
+            .set_log_filter(filter)
    }

    fn get_confirmed_block(
@ -1247,6 +1330,7 @@ pub mod tests {
        let request_processor = Arc::new(RwLock::new(JsonRpcRequestProcessor::new(
            JsonRpcConfig {
                enable_get_confirmed_block: true,
+                identity_pubkey: *pubkey,
                ..JsonRpcConfig::default()
            },
            bank_forks.clone(),
@ -1770,8 +1854,80 @@ pub mod tests {
            "value":{
                "blockhash": blockhash.to_string(),
                "feeCalculator": {
-                    "burnPercent": DEFAULT_BURN_PERCENT,
                    "lamportsPerSignature": 0,
+                }
+            }},
+            "id": 1
+        });
+        let expected: Response =
+            serde_json::from_value(expected).expect("expected response deserialization");
+        let result: Response = serde_json::from_str(&res.expect("actual response"))
+            .expect("actual response deserialization");
+        assert_eq!(expected, result);
+    }
+
+    #[test]
+    fn test_rpc_get_fee_calculator_for_blockhash() {
+        let bob_pubkey = Pubkey::new_rand();
+        let RpcHandler { io, meta, bank, .. } = start_rpc_handler_with_tx(&bob_pubkey);
+
+        let (blockhash, fee_calculator) = bank.last_blockhash_with_fee_calculator();
+        let fee_calculator = RpcFeeCalculator { fee_calculator };
+
+        let req = format!(
+            r#"{{"jsonrpc":"2.0","id":1,"method":"getFeeCalculatorForBlockhash","params":["{:?}"]}}"#,
+            blockhash
+        );
+        let res = io.handle_request_sync(&req, meta.clone());
+        let expected = json!({
+            "jsonrpc": "2.0",
+            "result": {
+                "context":{"slot":0},
+                "value":fee_calculator,
+            },
+            "id": 1
+        });
+        let expected: Response =
+            serde_json::from_value(expected).expect("expected response deserialization");
+        let result: Response = serde_json::from_str(&res.expect("actual response"))
+            .expect("actual response deserialization");
+        assert_eq!(expected, result);
+
+        // Expired (non-existent) blockhash
+        let req = format!(
+            r#"{{"jsonrpc":"2.0","id":1,"method":"getFeeCalculatorForBlockhash","params":["{:?}"]}}"#,
+            Hash::default()
+        );
+        let res = io.handle_request_sync(&req, meta.clone());
+        let expected = json!({
+            "jsonrpc": "2.0",
+            "result": {
+                "context":{"slot":0},
+                "value":Value::Null,
+            },
+            "id": 1
+        });
+        let expected: Response =
+            serde_json::from_value(expected).expect("expected response deserialization");
+        let result: Response = serde_json::from_str(&res.expect("actual response"))
+            .expect("actual response deserialization");
+        assert_eq!(expected, result);
+    }
+
+    #[test]
+    fn test_rpc_get_fee_rate_governor() {
+        let bob_pubkey = Pubkey::new_rand();
+        let RpcHandler { io, meta, .. } = start_rpc_handler_with_tx(&bob_pubkey);
+
+        let req = format!(r#"{{"jsonrpc":"2.0","id":1,"method":"getFeeRateGovernor"}}"#);
+        let res = io.handle_request_sync(&req, meta);
+        let expected = json!({
+            "jsonrpc": "2.0",
+            "result": {
+            "context":{"slot":0},
+            "value":{
+                "feeRateGovernor": {
+                    "burnPercent": DEFAULT_BURN_PERCENT,
                    "maxLamportsPerSignature": 0,
                    "minLamportsPerSignature": 0,
                    "targetLamportsPerSignature": 0,
@ -1950,6 +2106,27 @@ pub mod tests {
        assert_eq!(exit.load(Ordering::Relaxed), true);
    }

+    #[test]
+    fn test_rpc_get_identity() {
+        let bob_pubkey = Pubkey::new_rand();
+        let RpcHandler { io, meta, .. } = start_rpc_handler_with_tx(&bob_pubkey);
+
+        let req = format!(r#"{{"jsonrpc":"2.0","id":1,"method":"getIdentity"}}"#);
+        let res = io.handle_request_sync(&req, meta);
+        let expected = json!({
+            "jsonrpc": "2.0",
+            "result": {
+                "identity": bob_pubkey.to_string()
+            },
+            "id": 1
+        });
+        let expected: Response =
+            serde_json::from_value(expected).expect("expected response deserialization");
+        let result: Response = serde_json::from_str(&res.expect("actual response"))
+            .expect("actual response deserialization");
+        assert_eq!(expected, result);
+    }
+
    #[test]
    fn test_rpc_get_version() {
        let bob_pubkey = Pubkey::new_rand();
--- a/core/src/rpc_service.rs
+++ b/core/src/rpc_service.rs
@ -262,9 +262,10 @@ mod tests {
        let cluster_info = Arc::new(RwLock::new(ClusterInfo::new_with_invalid_keypair(
            ContactInfo::default(),
        )));
+        let ip_addr = IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0));
        let rpc_addr = SocketAddr::new(
-            IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)),
-            solana_net_utils::find_available_port_in_range((10000, 65535)).unwrap(),
+            ip_addr,
+            solana_net_utils::find_available_port_in_range(ip_addr, (10000, 65535)).unwrap(),
        );
        let bank_forks = Arc::new(RwLock::new(BankForks::new(bank.slot(), bank)));
        let block_commitment_cache = Arc::new(RwLock::new(BlockCommitmentCache::default()));
--- a/core/src/snapshot_packager_service.rs
+++ b/core/src/snapshot_packager_service.rs
@ -1,7 +1,6 @@
 use crate::cluster_info::{ClusterInfo, MAX_SNAPSHOT_HASHES};
-use solana_ledger::{
-    snapshot_package::SnapshotPackageReceiver, snapshot_utils::archive_snapshot_package,
-};
+use solana_ledger::{snapshot_package::SnapshotPackageReceiver, snapshot_utils};
+use solana_sdk::{clock::Slot, hash::Hash};
 use std::{
    sync::{
        atomic::{AtomicBool, Ordering},
@ -19,15 +18,24 @@ pub struct SnapshotPackagerService {
 impl SnapshotPackagerService {
    pub fn new(
        snapshot_package_receiver: SnapshotPackageReceiver,
+        starting_snapshot_hash: Option<(Slot, Hash)>,
        exit: &Arc<AtomicBool>,
        cluster_info: &Arc<RwLock<ClusterInfo>>,
    ) -> Self {
        let exit = exit.clone();
        let cluster_info = cluster_info.clone();
+
        let t_snapshot_packager = Builder::new()
            .name("solana-snapshot-packager".to_string())
            .spawn(move || {
                let mut hashes = vec![];
+                if let Some(starting_snapshot_hash) = starting_snapshot_hash {
+                    hashes.push(starting_snapshot_hash);
+                }
+                cluster_info
+                    .write()
+                    .unwrap()
+                    .push_snapshot_hashes(hashes.clone());
                loop {
                    if exit.load(Ordering::Relaxed) {
                        break;
@ -35,24 +43,26 @@ impl SnapshotPackagerService {

                    match snapshot_package_receiver.recv_timeout(Duration::from_secs(1)) {
                        Ok(mut snapshot_package) => {
-                            hashes.push((snapshot_package.root, snapshot_package.hash));
                            // Only package the latest
                            while let Ok(new_snapshot_package) =
                                snapshot_package_receiver.try_recv()
                            {
                                snapshot_package = new_snapshot_package;
-                                hashes.push((snapshot_package.root, snapshot_package.hash));
                            }
-                            if let Err(err) = archive_snapshot_package(&snapshot_package) {
+                            if let Err(err) =
+                                snapshot_utils::archive_snapshot_package(&snapshot_package)
+                            {
                                warn!("Failed to create snapshot archive: {}", err);
+                            } else {
+                                hashes.push((snapshot_package.root, snapshot_package.hash));
+                                while hashes.len() > MAX_SNAPSHOT_HASHES {
+                                    hashes.remove(0);
+                                }
+                                cluster_info
+                                    .write()
+                                    .unwrap()
+                                    .push_snapshot_hashes(hashes.clone());
                            }
-                            while hashes.len() > MAX_SNAPSHOT_HASHES {
-                                hashes.remove(0);
-                            }
-                            cluster_info
-                                .write()
-                                .unwrap()
-                                .push_snapshot_hashes(hashes.clone());
                        }
                        Err(RecvTimeoutError::Disconnected) => break,
                        Err(RecvTimeoutError::Timeout) => (),
--- a/core/src/storage_stage.rs
+++ b/core/src/storage_stage.rs
@ -312,7 +312,7 @@ impl StorageStage {
        }

        let signer_keys = vec![keypair.as_ref(), storage_keypair.as_ref()];
-        let message = Message::new_with_payer(vec![instruction], Some(&signer_keys[0].pubkey()));
+        let message = Message::new_with_payer(&[instruction], Some(&signer_keys[0].pubkey()));
        let transaction = Transaction::new(&signer_keys, message, blockhash);
        // try sending the transaction upto 5 times
        for _ in 0..5 {
--- a/core/src/streamer.rs
+++ b/core/src/streamer.rs
@ -133,7 +133,7 @@ pub fn responder(name: &'static str, sock: Arc<UdpSocket>, r: PacketReceiver) ->
                match e {
                    StreamerError::RecvTimeoutError(RecvTimeoutError::Disconnected) => break,
                    StreamerError::RecvTimeoutError(RecvTimeoutError::Timeout) => (),
-                    _ => warn!("{} responder error: {:?}", name, e),
+                    _ => info!("{} responder error: {:?}", name, e),
                }
            }
        })
--- a/core/src/transaction_status_service.rs
+++ b/core/src/transaction_status_service.rs
@ -1,7 +1,10 @@
 use crossbeam_channel::{Receiver, RecvTimeoutError};
 use solana_client::rpc_response::RpcTransactionStatus;
 use solana_ledger::{blockstore::Blockstore, blockstore_processor::TransactionStatusBatch};
-use solana_runtime::bank::{Bank, HashAgeKind};
+use solana_runtime::{
+    bank::{Bank, HashAgeKind},
+    nonce_utils,
+};
 use std::{
    sync::{
        atomic::{AtomicBool, Ordering},
@ -59,14 +62,13 @@ impl TransactionStatusService {
            .zip(balances.post_balances)
        {
            if Bank::can_commit(&status) && !transaction.signatures.is_empty() {
-                let fee_hash = if let Some(HashAgeKind::DurableNonce(_, _)) = hash_age_kind {
-                    bank.last_blockhash()
-                } else {
-                    transaction.message().recent_blockhash
-                };
-                let fee_calculator = bank
-                    .get_fee_calculator(&fee_hash)
-                    .expect("FeeCalculator must exist");
+                let fee_calculator = match hash_age_kind {
+                    Some(HashAgeKind::DurableNonce(_, account)) => {
+                        nonce_utils::fee_calculator_of(&account)
+                    }
+                    _ => bank.get_fee_calculator(&transaction.message().recent_blockhash),
+                }
+                .expect("FeeCalculator must exist");
                let fee = fee_calculator.calculate_fee(transaction.message());
                blockstore
                    .write_transaction_status(
--- a/core/src/tvu.rs
+++ b/core/src/tvu.rs
@ -2,6 +2,7 @@
 //! validation pipeline in software.

 use crate::{
+    accounts_hash_verifier::AccountsHashVerifier,
    blockstream_service::BlockstreamService,
    cluster_info::ClusterInfo,
    commitment::BlockCommitmentCache,
@ -14,7 +15,6 @@ use crate::{
    shred_fetch_stage::ShredFetchStage,
    sigverify_shreds::ShredSigVerifier,
    sigverify_stage::{DisabledSigVerifier, SigVerifyStage},
-    snapshot_packager_service::SnapshotPackagerService,
    storage_stage::{StorageStage, StorageState},
 };
 use crossbeam_channel::unbounded;
@ -23,11 +23,13 @@ use solana_ledger::{
    bank_forks::BankForks,
    blockstore::{Blockstore, CompletedSlotsReceiver},
    blockstore_processor::TransactionStatusSender,
+    snapshot_package::SnapshotPackageSender,
 };
 use solana_sdk::{
    pubkey::Pubkey,
    signature::{Keypair, Signer},
 };
+use std::collections::HashSet;
 use std::{
    net::UdpSocket,
    path::PathBuf,
@ -47,7 +49,7 @@ pub struct Tvu {
    blockstream_service: Option<BlockstreamService>,
    ledger_cleanup_service: Option<LedgerCleanupService>,
    storage_stage: StorageStage,
-    snapshot_packager_service: Option<SnapshotPackagerService>,
+    accounts_hash_verifier: AccountsHashVerifier,
 }

 pub struct Sockets {
@ -57,6 +59,16 @@ pub struct Sockets {
    pub forwards: Vec<UdpSocket>,
 }

+#[derive(Default)]
+pub struct TvuConfig {
+    pub max_ledger_slots: Option<u64>,
+    pub sigverify_disabled: bool,
+    pub shred_version: u16,
+    pub halt_on_trusted_validators_accounts_hash_mismatch: bool,
+    pub trusted_validators: Option<HashSet<Pubkey>>,
+    pub accounts_hash_fault_injection_slots: u64,
+}
+
 impl Tvu {
    /// This service receives messages from a leader in the network and processes the transactions
    /// on the bank state.
@ -75,7 +87,6 @@ impl Tvu {
        blockstore: Arc<Blockstore>,
        storage_state: &StorageState,
        blockstream_unix_socket: Option<&PathBuf>,
-        max_ledger_slots: Option<u64>,
        ledger_signal_receiver: Receiver<bool>,
        subscriptions: &Arc<RpcSubscriptions>,
        poh_recorder: &Arc<Mutex<PohRecorder>>,
@ -83,11 +94,11 @@ impl Tvu {
        exit: &Arc<AtomicBool>,
        completed_slots_receiver: CompletedSlotsReceiver,
        block_commitment_cache: Arc<RwLock<BlockCommitmentCache>>,
-        sigverify_disabled: bool,
        cfg: Option<Arc<AtomicBool>>,
-        shred_version: u16,
        transaction_status_sender: Option<TransactionStatusSender>,
        rewards_recorder_sender: Option<RewardsRecorderSender>,
+        snapshot_package_sender: Option<SnapshotPackageSender>,
+        tvu_config: TvuConfig,
    ) -> Self {
        let keypair: Arc<Keypair> = cluster_info
            .read()
@ -117,7 +128,7 @@ impl Tvu {
        );

        let (verified_sender, verified_receiver) = unbounded();
-        let sigverify_stage = if !sigverify_disabled {
+        let sigverify_stage = if !tvu_config.sigverify_disabled {
            SigVerifyStage::new(
                fetch_receiver,
                verified_sender,
@ -143,23 +154,22 @@ impl Tvu {
            completed_slots_receiver,
            *bank_forks.read().unwrap().working_bank().epoch_schedule(),
            cfg,
-            shred_version,
+            tvu_config.shred_version,
        );

        let (blockstream_slot_sender, blockstream_slot_receiver) = channel();
        let (ledger_cleanup_slot_sender, ledger_cleanup_slot_receiver) = channel();
-        let (snapshot_packager_service, snapshot_package_sender) = {
-            let snapshot_config = { bank_forks.read().unwrap().snapshot_config().clone() };
-            if snapshot_config.is_some() {
-                // Start a snapshot packaging service
-                let (sender, receiver) = channel();
-                let snapshot_packager_service =
-                    SnapshotPackagerService::new(receiver, exit, &cluster_info.clone());
-                (Some(snapshot_packager_service), Some(sender))
-            } else {
-                (None, None)
-            }
-        };
+
+        let (accounts_hash_sender, accounts_hash_receiver) = channel();
+        let accounts_hash_verifier = AccountsHashVerifier::new(
+            accounts_hash_receiver,
+            snapshot_package_sender,
+            exit,
+            cluster_info,
+            tvu_config.trusted_validators.clone(),
+            tvu_config.halt_on_trusted_validators_accounts_hash_mismatch,
+            tvu_config.accounts_hash_fault_injection_slots,
+        );

        let replay_stage_config = ReplayStageConfig {
            my_pubkey: keypair.pubkey(),
@ -170,7 +180,7 @@ impl Tvu {
            leader_schedule_cache: leader_schedule_cache.clone(),
            slot_full_senders: vec![blockstream_slot_sender],
            latest_root_senders: vec![ledger_cleanup_slot_sender],
-            snapshot_package_sender,
+            accounts_hash_sender: Some(accounts_hash_sender),
            block_commitment_cache,
            transaction_status_sender,
            rewards_recorder_sender,
@ -197,7 +207,7 @@ impl Tvu {
            None
        };

-        let ledger_cleanup_service = max_ledger_slots.map(|max_ledger_slots| {
+        let ledger_cleanup_service = tvu_config.max_ledger_slots.map(|max_ledger_slots| {
            LedgerCleanupService::new(
                ledger_cleanup_slot_receiver,
                blockstore.clone(),
@ -225,7 +235,7 @@ impl Tvu {
            blockstream_service,
            ledger_cleanup_service,
            storage_stage,
-            snapshot_packager_service,
+            accounts_hash_verifier,
        }
    }

@ -241,9 +251,7 @@ impl Tvu {
            self.ledger_cleanup_service.unwrap().join()?;
        }
        self.replay_stage.join()?;
-        if let Some(s) = self.snapshot_packager_service {
-            s.join()?;
-        }
+        self.accounts_hash_verifier.join()?;
        Ok(())
    }
 }
@ -304,7 +312,6 @@ pub mod tests {
            blockstore,
            &StorageState::default(),
            None,
-            None,
            l_receiver,
            &Arc::new(RpcSubscriptions::new(&exit)),
            &poh_recorder,
@ -312,11 +319,11 @@ pub mod tests {
            &exit,
            completed_slots_receiver,
            block_commitment_cache,
-            false,
-            None,
-            0,
            None,
            None,
+            None,
+            None,
+            TvuConfig::default(),
        );
        exit.store(true, Ordering::Relaxed);
        tvu.join().unwrap();
--- a/core/src/validator.rs
+++ b/core/src/validator.rs
@ -16,10 +16,11 @@ use crate::{
    serve_repair::ServeRepair,
    serve_repair_service::ServeRepairService,
    sigverify,
+    snapshot_packager_service::SnapshotPackagerService,
    storage_stage::StorageState,
    tpu::Tpu,
    transaction_status_service::TransactionStatusService,
-    tvu::{Sockets, Tvu},
+    tvu::{Sockets, Tvu, TvuConfig},
 };
 use crossbeam_channel::unbounded;
 use solana_ledger::{
@ -50,7 +51,7 @@ use std::{
    process,
    sync::atomic::{AtomicBool, Ordering},
    sync::mpsc::Receiver,
-    sync::{Arc, Mutex, RwLock},
+    sync::{mpsc::channel, Arc, Mutex, RwLock},
    thread::{sleep, Result},
    time::Duration,
 };
@ -72,9 +73,11 @@ pub struct ValidatorConfig {
    pub broadcast_stage_type: BroadcastStageType,
    pub enable_partition: Option<Arc<AtomicBool>>,
    pub fixed_leader_schedule: Option<FixedSchedule>,
-    pub wait_for_supermajority: bool,
+    pub wait_for_supermajority: Option<Slot>,
    pub new_hard_forks: Option<Vec<Slot>>,
    pub trusted_validators: Option<HashSet<Pubkey>>, // None = trust all
+    pub halt_on_trusted_validators_accounts_hash_mismatch: bool,
+    pub accounts_hash_fault_injection_slots: u64, // 0 = no fault injection
 }

 impl Default for ValidatorConfig {
@ -95,9 +98,11 @@ impl Default for ValidatorConfig {
            broadcast_stage_type: BroadcastStageType::Standard,
            enable_partition: None,
            fixed_leader_schedule: None,
-            wait_for_supermajority: false,
+            wait_for_supermajority: None,
            new_hard_forks: None,
            trusted_validators: None,
+            halt_on_trusted_validators_accounts_hash_mismatch: false,
+            accounts_hash_fault_injection_slots: 0,
        }
    }
 }
@ -127,6 +132,7 @@ pub struct Validator {
    rewards_recorder_service: Option<RewardsRecorderService>,
    gossip_service: GossipService,
    serve_repair_service: ServeRepairService,
+    snapshot_packager_service: Option<SnapshotPackagerService>,
    poh_recorder: Arc<Mutex<PohRecorder>>,
    poh_service: PohService,
    tpu: Tpu,
@ -141,7 +147,7 @@ impl Validator {
        keypair: &Arc<Keypair>,
        ledger_path: &Path,
        vote_account: &Pubkey,
-        voting_keypair: &Arc<Keypair>,
+        authorized_voter: &Arc<Keypair>,
        storage_keypair: &Arc<Keypair>,
        entrypoint_info_option: Option<&ContactInfo>,
        poh_verify: bool,
@ -150,8 +156,9 @@ impl Validator {
        let id = keypair.pubkey();
        assert_eq!(id, node.info.id);

-        warn!("identity pubkey: {:?}", id);
-        warn!("vote pubkey: {:?}", vote_account);
+        warn!("identity: {}", id);
+        warn!("vote account: {}", vote_account);
+        warn!("authorized voter: {}", authorized_voter.pubkey());
        report_target_features();

        info!("entrypoint: {:?}", entrypoint_info_option);
@ -355,48 +362,19 @@ impl Validator {
                .set_entrypoint(entrypoint_info.clone());
        }

-        if let Some(snapshot_hash) = snapshot_hash {
-            if let Some(ref trusted_validators) = config.trusted_validators {
-                let mut trusted = false;
-                for _ in 0..10 {
-                    trusted = cluster_info
-                        .read()
-                        .unwrap()
-                        .get_snapshot_hash(snapshot_hash.0)
-                        .iter()
-                        .any(|(pubkey, hash)| {
-                            trusted_validators.contains(pubkey) && snapshot_hash.1 == *hash
-                        });
-                    if trusted {
-                        break;
-                    }
-                    sleep(Duration::from_secs(1));
-                }
-
-                if !trusted {
-                    error!(
-                        "The snapshot hash for slot {} is not published by your trusted validators: {:?}",
-                        snapshot_hash.0, trusted_validators
-                    );
-                    process::exit(1);
-                }
-            }
-
-            // If the node was loaded from a snapshot, advertise it in gossip
-            cluster_info
-                .write()
-                .unwrap()
-                .push_snapshot_hashes(vec![snapshot_hash]);
-        }
+        let (snapshot_packager_service, snapshot_package_sender) =
+            if config.snapshot_config.is_some() {
+                // Start a snapshot packaging service
+                let (sender, receiver) = channel();
+                let snapshot_packager_service =
+                    SnapshotPackagerService::new(receiver, snapshot_hash, &exit, &cluster_info);
+                (Some(snapshot_packager_service), Some(sender))
+            } else {
+                (None, None)
+            };

        wait_for_supermajority(config, &bank, &cluster_info);

-        let voting_keypair = if config.voting_disabled {
-            None
-        } else {
-            Some(voting_keypair.clone())
-        };
-
        let poh_service = PohService::new(poh_recorder.clone(), &poh_config, &exit);
        assert_eq!(
            blockstore.new_shreds_signals.len(),
@ -406,7 +384,11 @@ impl Validator {

        let tvu = Tvu::new(
            vote_account,
-            voting_keypair,
+            if config.voting_disabled {
+                None
+            } else {
+                Some(authorized_voter.clone())
+            },
            storage_keypair,
            &bank_forks,
            &cluster_info,
@ -438,7 +420,6 @@ impl Validator {
            blockstore.clone(),
            &storage_state,
            config.blockstream_unix_socket.as_ref(),
-            config.max_ledger_slots,
            ledger_signal_receiver,
            &subscriptions,
            &poh_recorder,
@ -446,11 +427,19 @@ impl Validator {
            &exit,
            completed_slots_receiver,
            block_commitment_cache,
-            config.dev_sigverify_disabled,
            config.enable_partition.clone(),
-            node.info.shred_version,
            transaction_status_sender.clone(),
            rewards_recorder_sender,
+            snapshot_package_sender,
+            TvuConfig {
+                max_ledger_slots: config.max_ledger_slots,
+                sigverify_disabled: config.dev_sigverify_disabled,
+                halt_on_trusted_validators_accounts_hash_mismatch: config
+                    .halt_on_trusted_validators_accounts_hash_mismatch,
+                shred_version: node.info.shred_version,
+                trusted_validators: config.trusted_validators.clone(),
+                accounts_hash_fault_injection_slots: config.accounts_hash_fault_injection_slots,
+            },
        );

        if config.dev_sigverify_disabled {
@ -480,6 +469,7 @@ impl Validator {
            rpc_service,
            transaction_status_service,
            rewards_recorder_service,
+            snapshot_packager_service,
            tpu,
            tvu,
            poh_service,
@ -541,6 +531,10 @@ impl Validator {
            rewards_recorder_service.join()?;
        }

+        if let Some(s) = self.snapshot_packager_service {
+            s.join()?;
+        }
+
        self.gossip_service.join()?;
        self.serve_repair_service.join()?;
        self.tpu.join()?;
@ -637,19 +631,19 @@ fn wait_for_supermajority(
    bank: &Arc<Bank>,
    cluster_info: &Arc<RwLock<ClusterInfo>>,
 ) {
-    if !config.wait_for_supermajority {
+    if config.wait_for_supermajority != Some(bank.slot()) {
        return;
    }

    info!(
-        "Waiting for more than 75% of activated stake at slot {} to be in gossip...",
+        "Waiting for 80% of activated stake at slot {} to be in gossip...",
        bank.slot()
    );
    loop {
        let gossip_stake_percent = get_stake_percent_in_gossip(&bank, &cluster_info);

        info!("{}% of activated stake in gossip", gossip_stake_percent,);
-        if gossip_stake_percent > 75 {
+        if gossip_stake_percent >= 80 {
            break;
        }
        sleep(Duration::new(1, 0));
@ -687,7 +681,7 @@ impl TestValidator {

    pub fn run_with_options(options: TestValidatorOptions) -> Self {
        use crate::genesis_utils::{create_genesis_config_with_leader_ex, GenesisConfigInfo};
-        use solana_sdk::fee_calculator::FeeCalculator;
+        use solana_sdk::fee_calculator::FeeRateGovernor;

        let TestValidatorOptions {
            fees,
@ -713,7 +707,7 @@ impl TestValidator {

        genesis_config.rent.lamports_per_byte_year = 1;
        genesis_config.rent.exemption_threshold = 1.0;
-        genesis_config.fee_calculator = FeeCalculator::new(fees, 0);
+        genesis_config.fee_rate_governor = FeeRateGovernor::new(fees, 0);

        let (ledger_path, blockhash) = create_new_tmp_ledger!(&genesis_config);

--- a/core/tests/bank_forks.rs
+++ b/core/tests/bank_forks.rs
@ -317,7 +317,7 @@ mod tests {
        )));

        let snapshot_packager_service =
-            SnapshotPackagerService::new(receiver, &exit, &cluster_info);
+            SnapshotPackagerService::new(receiver, None, &exit, &cluster_info);

        // Close the channel so that the package service will exit after reading all the
        // packages off the channel
--- a/core/tests/storage_stage.rs
+++ b/core/tests/storage_stage.rs
@ -120,7 +120,7 @@ mod tests {
            None,
        )
        .unwrap();
-        let message = Message::new_with_payer(vec![mining_proof_ix], Some(&mint_keypair.pubkey()));
+        let message = Message::new_with_payer(&[mining_proof_ix], Some(&mint_keypair.pubkey()));
        let mining_proof_tx = Transaction::new(
            &[&mint_keypair, archiver_keypair.as_ref()],
            message,
--- a/crate-features/Cargo.toml
+++ b/crate-features/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "solana-crate-features"
-version = "1.0.1"
+version = "1.0.8"
 description = "Solana Crate Features"
 authors = ["Solana Maintainers <maintainers@solana.com>"]
 repository = "https://github.com/solana-labs/solana"
--- a/docs/makefile
+++ b/docs/makefile
@ -8,6 +8,7 @@ TARGET=html/index.html
 TEST_STAMP=src/tests.ok

 all: $(TARGET)
+	./set-solana-release-tag.sh

 svg: $(SVG_IMGS)

--- a/docs/offline-cmd-md-links.sh
+++ b/docs/offline-cmd-md-links.sh
@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+CLI_USAGE_RELPATH="../cli/usage.md"
+
+SED_OMIT_NONMATCHING=$'\nt\nd'
+SED_CMD="s:^#### solana-(.*):* [\`\\1\`](${CLI_USAGE_RELPATH}#solana-\\1):${SED_OMIT_NONMATCHING}"
+
+OFFLINE_CMDS=$(grep -E '#### solana-|--signer ' src/cli/usage.md | grep -B1 -- --signer | sed -Ee "$SED_CMD")
+
+# Omit deprecated
+grep -vE '\b(pay)\b' <<<"$OFFLINE_CMDS"
--- a/docs/set-solana-release-tag.sh
+++ b/docs/set-solana-release-tag.sh
@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+set -e
+cd "$(dirname "$0")"
+
+if [[ -n $CI_TAG ]]; then
+  LATEST_SOLANA_RELEASE_VERSION=$CI_TAG
+else
+  LATEST_SOLANA_RELEASE_VERSION=$(\
+    curl -sSfL https://api.github.com/repos/solana-labs/solana/releases/latest \
+    | grep -m 1 tag_name \
+    | sed -ne 's/^ *"tag_name": "\([^"]*\)",$/\1/p' \
+  )
+fi
+
+set -x
+find html/ -name \*.html -exec sed -i "s/LATEST_SOLANA_RELEASE_VERSION/$LATEST_SOLANA_RELEASE_VERSION/g" {} \;
+if [[ -n $CI ]]; then
+  find src/ -name \*.md -exec sed -i "s/LATEST_SOLANA_RELEASE_VERSION/$LATEST_SOLANA_RELEASE_VERSION/g" {} \;
+fi
--- a/docs/src/SUMMARY.md
+++ b/docs/src/SUMMARY.md
@ -1,23 +1,26 @@
 # Table of contents

 * [Introduction](introduction.md)
-* [Using Solana from the Command-line](cli/README.md)
-  * [Command-line Usage](cli/usage.md)
-  * [Remote Wallet](remote-wallet/README.md)
+* [Install the Solana Tool Suite](install-solana.md)
+* [Command-line Guide](cli/README.md)
+  * [Choose a Wallet](cli/choose-a-wallet.md)
+  * [Hardware Wallets](remote-wallet/README.md)
    * [Ledger Hardware Wallet](remote-wallet/ledger.md)
  * [Paper Wallet](paper-wallet/README.md)
-    * [Installation](paper-wallet/installation.md)
    * [Paper Wallet Usage](paper-wallet/usage.md)
+  * [Generate Keys](cli/generate-keys.md)
+  * [Send and Receive Tokens](cli/transfer-tokens.md)
  * [Offline Signing](offline-signing/README.md)
    * [Durable Transaction Nonces](offline-signing/durable-nonce.md)
-* [Developing Applications](apps/README.md)
+  * [Command-line Reference](cli/usage.md)
+* [Develop Applications](apps/README.md)
  * [Example: Web Wallet](apps/webwallet.md)
  * [Example: Tic-Tac-Toe](apps/tictactoe.md)
  * [Drones](apps/drones.md)
  * [Anatomy of a Transaction](transaction.md)
  * [JSON RPC API](apps/jsonrpc-api.md)
  * [JavaScript API](apps/javascript-api.md)
-* [Participating in Tour de SOL](tour-de-sol/README.md)
+* [Participate in Tour de SOL](tour-de-sol/README.md)
  * [Useful Links & Discussion](tour-de-sol/useful-links.md)
  * [Registration](tour-de-sol/registration/README.md)
    * [How To Register](tour-de-sol/registration/how-to-register.md)
@ -37,18 +40,15 @@
      * [Staking](tour-de-sol/participation/steps-to-create-a-validator/delegating-stake.md)
      * [Publish information about your validator](tour-de-sol/participation/steps-to-create-a-validator/publishing-information-about-your-validator.md)
    * [Dry Run 6](tour-de-sol/participation/dry-run-6.md)
-  * [Submitting Bugs](tour-de-sol/submitting-bugs.md)
-* [Running a Validator](running-validator/README.md)
+  * [Submit Bug Reports](tour-de-sol/submitting-bugs.md)
+* [Run a Validator](running-validator/README.md)
  * [Validator Requirements](running-validator/validator-reqs.md)
-  * [Choosing a Testnet](running-validator/validator-testnet.md)
-  * [Installing the Validator Software](running-validator/validator-software.md)
-  * [Starting a Validator](running-validator/validator-start.md)
-  * [Staking](running-validator/validator-stake.md)
-  * [Monitoring a Validator](running-validator/validator-monitor.md)
-  * [Publishing Validator Info](running-validator/validator-info.md)
-  * [Troubleshooting](running-validator/validator-troubleshoot.md)
-* [Running an Archiver](running-archiver.md)
-* [Understanding Solana's Architecture](cluster/README.md)
+  * [Start a Validator](running-validator/validator-start.md)
+  * [Stake](running-validator/validator-stake.md)
+  * [Monitor a Validator](running-validator/validator-monitor.md)
+  * [Publish Validator Info](running-validator/validator-info.md)
+  * [Troubleshoot](running-validator/validator-troubleshoot.md)
+* [Solana's Architecture](cluster/README.md)
  * [Synchronization](cluster/synchronization.md)
  * [Leader Rotation](cluster/leader-rotation.md)
  * [Fork Generation](cluster/fork-generation.md)
@ -64,8 +64,9 @@
  * [Blockstore](validator/blockstore.md)
  * [Gossip Service](validator/gossip.md)
  * [The Runtime](validator/runtime.md)
-* [Building from Source](building-from-source.md)
+* [Build from Source](building-from-source.md)
 * [Terminology](terminology.md)
+* [History](history.md)
 * [Implemented Design Proposals](implemented-proposals/README.md)
  * [Cluster Software Installation and Updates](implemented-proposals/installer.md)
  * [Cluster Economics](implemented-proposals/ed_overview/README.md)
--- a/docs/src/apps/jsonrpc-api.md
+++ b/docs/src/apps/jsonrpc-api.md
@ -24,7 +24,10 @@ To interact with a Solana node inside a JavaScript application, use the [solana-
 * [getConfirmedBlocks](jsonrpc-api.md#getconfirmedblocks)
 * [getEpochInfo](jsonrpc-api.md#getepochinfo)
 * [getEpochSchedule](jsonrpc-api.md#getepochschedule)
+* [getFeeCalculatorForBlockhash](jsonrpc-api.md#getfeecalculatorforblockhash)
+* [getFeeRateGovernor](jsonrpc-api.md#getfeerategovernor)
 * [getGenesisHash](jsonrpc-api.md#getgenesishash)
+* [getIdentity](jsonrpc-api.md#getidentity)
 * [getInflation](jsonrpc-api.md#getinflation)
 * [getLeaderSchedule](jsonrpc-api.md#getleaderschedule)
 * [getMinimumBalanceForRentExemption](jsonrpc-api.md#getminimumbalanceforrentexemption)
@ -314,13 +317,13 @@ The result field will be an object with the following fields:
 curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc": "2.0","id":1,"method":"getConfirmedBlock","params":[430, "json"]}' localhost:8899

 // Result
-{"jsonrpc":"2.0","result":{"blockhash":"Gp3t5bfDsJv1ovP8cB1SuRhXVuoTqDv7p3tymyubYg5","parentSlot":429,"previousBlockhash":"EFejToxii1L5aUF2NrK9dsbAEmZSNyN5nsipmZHQR1eA","transactions":[{"transaction":{"message":{"accountKeys":["6H94zdiaYfRfPfKjYLjyr2VFBg6JHXygy84r3qhc3NsC","39UAy8hsoYPywGPGdmun747omSr79zLSjqvPJN3zetoH","SysvarS1otHashes111111111111111111111111111","SysvarC1ock11111111111111111111111111111111","Vote111111111111111111111111111111111111111"],"header":{"numReadonlySignedAccounts":0,"numReadonlyUnsignedAccounts":3,"numRequiredSignatures":2},"instructions":[{"accounts":[1,2,3],"data":"29z5mr1JoRmJYQ6ynmk3pf31cGFRziAF1M3mT3L6sFXf5cKLdkEaMXMT8AqLpD4CpcupHmuMEmtZHpomrwfdZetSomNy3d","programIdIndex":4}],"recentBlockhash":"EFejToxii1L5aUF2NrK9dsbAEmZSNyN5nsipmZHQR1eA"},"signatures":["35YGay1Lwjwgxe9zaH6APSHbt9gYQUCtBWTNL3aVwVGn9xTFw2fgds7qK5AL29mP63A9j3rh8KpN1TgSR62XCaby","4vANMjSKiwEchGSXwVrQkwHnmsbKQmy9vdrsYxWdCup1bLsFzX8gKrFTSVDCZCae2dbxJB9mPNhqB2sD1vvr4sAD"]},"meta":{"fee":1.0.1,"postBalances":[499999972500,15298080,1,1,1],"preBalances":[499999990500,15298080,1,1,1],"status":{"Ok":null}}}]},"id":1}
+{"jsonrpc":"2.0","result":{"blockhash":"Gp3t5bfDsJv1ovP8cB1SuRhXVuoTqDv7p3tymyubYg5","parentSlot":429,"previousBlockhash":"EFejToxii1L5aUF2NrK9dsbAEmZSNyN5nsipmZHQR1eA","transactions":[{"transaction":{"message":{"accountKeys":["6H94zdiaYfRfPfKjYLjyr2VFBg6JHXygy84r3qhc3NsC","39UAy8hsoYPywGPGdmun747omSr79zLSjqvPJN3zetoH","SysvarS1otHashes111111111111111111111111111","SysvarC1ock11111111111111111111111111111111","Vote111111111111111111111111111111111111111"],"header":{"numReadonlySignedAccounts":0,"numReadonlyUnsignedAccounts":3,"numRequiredSignatures":2},"instructions":[{"accounts":[1,2,3],"data":"29z5mr1JoRmJYQ6ynmk3pf31cGFRziAF1M3mT3L6sFXf5cKLdkEaMXMT8AqLpD4CpcupHmuMEmtZHpomrwfdZetSomNy3d","programIdIndex":4}],"recentBlockhash":"EFejToxii1L5aUF2NrK9dsbAEmZSNyN5nsipmZHQR1eA"},"signatures":["35YGay1Lwjwgxe9zaH6APSHbt9gYQUCtBWTNL3aVwVGn9xTFw2fgds7qK5AL29mP63A9j3rh8KpN1TgSR62XCaby","4vANMjSKiwEchGSXwVrQkwHnmsbKQmy9vdrsYxWdCup1bLsFzX8gKrFTSVDCZCae2dbxJB9mPNhqB2sD1vvr4sAD"]},"meta":{"fee":1000,"postBalances":[499999972500,15298080,1,1,1],"preBalances":[499999990500,15298080,1,1,1],"status":{"Ok":null}}}]},"id":1}

 // Request
 curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc": "2.0","id":1,"method":"getConfirmedBlock","params":[430, "binary"]}' localhost:8899

 // Result
-{"jsonrpc":"2.0","result":{"blockhash":"Gp3t5bfDsJv1ovP8cB1SuRhXVuoTqDv7p3tymyubYg5","parentSlot":429,"previousBlockhash":"EFejToxii1L5aUF2NrK9dsbAEmZSNyN5nsipmZHQR1eA","transactions":[{"transaction":"81UZJt4dh4Do66jDhrgkQudS8J2N6iG3jaVav7gJrqJSFY4Ug53iA9JFJZh2gxKWcaFdLJwhHx9mRdg9JwDAWB4ywiu5154CRwXV4FMdnPLg7bhxRLwhhYaLsVgMF5AyNRcTzjCVoBvqFgDU7P8VEKDEiMvD3qxzm1pLZVxDG1LTQpT3Dz4Uviv4KQbFQNuC22KupBoyHFB7Zh6KFdMqux4M9PvhoqcoJsJKwXjWpKu7xmEKnnrSbfLadkgjBmmjhW3fdTrFvnhQdTkhtdJxUL1xS9GMuJQer8YgSKNtUXB1eXZQwXU8bU2BjYkZE6Q5Xww8hu9Z4E4Mo4QsooVtHoP6BM3NKw8zjVbWfoCQqxTrwuSzrNCWCWt58C24LHecH67CTt2uXbYSviixvrYkK7A3t68BxTJcF1dXJitEPTFe2ceTkauLJqrJgnER4iUrsjr26T8YgWvpY9wkkWFSviQW6wV5RASTCUasVEcrDiaKj8EQMkgyDoe9HyKitSVg67vMWJFpUXpQobseWJUs5FTWWzmfHmFp8FZ","meta":{"fee":1.0.1,"postBalances":[499999972500,15298080,1,1,1],"preBalances":[499999990500,15298080,1,1,1],"status":{"Ok":null}}}]},"id":1}
+{"jsonrpc":"2.0","result":{"blockhash":"Gp3t5bfDsJv1ovP8cB1SuRhXVuoTqDv7p3tymyubYg5","parentSlot":429,"previousBlockhash":"EFejToxii1L5aUF2NrK9dsbAEmZSNyN5nsipmZHQR1eA","transactions":[{"transaction":"81UZJt4dh4Do66jDhrgkQudS8J2N6iG3jaVav7gJrqJSFY4Ug53iA9JFJZh2gxKWcaFdLJwhHx9mRdg9JwDAWB4ywiu5154CRwXV4FMdnPLg7bhxRLwhhYaLsVgMF5AyNRcTzjCVoBvqFgDU7P8VEKDEiMvD3qxzm1pLZVxDG1LTQpT3Dz4Uviv4KQbFQNuC22KupBoyHFB7Zh6KFdMqux4M9PvhoqcoJsJKwXjWpKu7xmEKnnrSbfLadkgjBmmjhW3fdTrFvnhQdTkhtdJxUL1xS9GMuJQer8YgSKNtUXB1eXZQwXU8bU2BjYkZE6Q5Xww8hu9Z4E4Mo4QsooVtHoP6BM3NKw8zjVbWfoCQqxTrwuSzrNCWCWt58C24LHecH67CTt2uXbYSviixvrYkK7A3t68BxTJcF1dXJitEPTFe2ceTkauLJqrJgnER4iUrsjr26T8YgWvpY9wkkWFSviQW6wV5RASTCUasVEcrDiaKj8EQMkgyDoe9HyKitSVg67vMWJFpUXpQobseWJUs5FTWWzmfHmFp8FZ","meta":{"fee":1000,"postBalances":[499999972500,15298080,1,1,1],"preBalances":[499999990500,15298080,1,1,1],"status":{"Ok":null}}}]},"id":1}
 ```

 ### getConfirmedBlocks
@ -403,6 +406,58 @@ curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1, "m
 {"jsonrpc":"2.0","result":{"firstNormalEpoch":8,"firstNormalSlot":8160,"leaderScheduleSlotOffset":8192,"slotsPerEpoch":8192,"warmup":true},"id":1}
 ```

+### getFeeCalculatorForBlockhash
+
+Returns the fee calculator associated with the query blockhash, or `null` if the blockhash has expired
+
+#### Parameters:
+
+* `blockhash: <string>`, query blockhash as a Base58 encoded string
+
+#### Results:
+
+The `result` field will be `null` if the query blockhash has expired, otherwise an `object` with the following fields:
+
+* `feeCalculator: <object>`, `FeeCalculator` object describing the cluster fee rate at the queried blockhash
+
+#### Example:
+
+```bash
+// Request
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1, "method":"getFeeCalculatorForBlockhash", "params":["GJxqhuxcgfn5Tcj6y3f8X4FeCDd2RQ6SnEMo1AAxrPRZ"]}' http://localhost:8899
+
+// Result
+{"jsonrpc":"2.0","result":{"context":{"slot":221},"value":{"feeCalculator":{"lamportsPerSignature":5000}}},"id":1}
+```
+
+### getFeeRateGovernor
+
+Returns the fee rate governor information from the root bank
+
+#### Parameters:
+
+None
+
+#### Results:
+
+The `result` field will be an `object` with the following fields:
+
+* `burnPercent: <u8>`, Percentage of fees collected to be destroyed
+* `maxLamportsPerSignature: <u64>`, Largest value `lamportsPerSignature` can attain for the next slot
+* `minLamportsPerSignature: <u64>`, Smallest value `lamportsPerSignature` can attain for the next slot
+* `targetLamportsPerSignature: <u64>`, Desired fee rate for the cluster
+* `targetSignaturesPerSlot: <u64>`, Desired signature rate for the cluster
+
+#### Example:
+
+```bash
+// Request
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1, "method":"getFeeRateGovernor"}' http://localhost:8899
+
+// Result
+{"jsonrpc":"2.0","result":{"context":{"slot":54},"value":{"feeRateGovernor":{"burnPercent":50,"maxLamportsPerSignature":100000,"minLamportsPerSignature":5000,"targetLamportsPerSignature":10000,"targetSignaturesPerSlot":20000}}},"id":1}
+```
+
 ### getGenesisHash

 Returns the genesis hash
@ -425,6 +480,29 @@ curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1, "m
 {"jsonrpc":"2.0","result":"GH7ome3EiwEr7tu9JuTh2dpYWBJK3z69Xm1ZE3MEE6JC","id":1}
 ```

+### getIdentity
+
+Returns the identity pubkey for the current node
+
+#### Parameters:
+
+None
+
+#### Results:
+
+The result field will be a JSON object with the following fields:
+
+* `identity`, the identity pubkey of the current node \(as a base-58 encoded string\)
+
+#### Example:
+
+```bash
+// Request
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1, "method":"getIdentity"}' http://localhost:8899
+// Result
+{"jsonrpc":"2.0","result":{"identity": "2r1F4iWqVcb8M1DbAjQuFpebkQHY9hcVU4WuW2DJBppN"},"id":1}
+```
+
 ### getInflation

 Returns the inflation configuration of the cluster
@ -579,7 +657,7 @@ An RpcResponse containing a JSON object consisting of a string blockhash and Fee
 curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1, "method":"getRecentBlockhash"}' http://localhost:8899

 // Result
-{"jsonrpc":"2.0","result":{"context":{"slot":1},"value":{"blockhash":"CSymwgTNX1j3E4qhKfJAUE41nBWEwXufoYryPbkde5RR","feeCalculator":{"burnPercent":50,"lamportsPerSignature":5000,"maxLamportsPerSignature":1.0.10,"minLamportsPerSignature":5000,"targetLamportsPerSignature":1.0.1,"targetSignaturesPerSlot":20000}}},"id":1}
+{"jsonrpc":"2.0","result":{"context":{"slot":1},"value":{"blockhash":"CSymwgTNX1j3E4qhKfJAUE41nBWEwXufoYryPbkde5RR","feeCalculator":{"burnPercent":50,"lamportsPerSignature":5000,"maxLamportsPerSignature":10000,"minLamportsPerSignature":5000,"targetLamportsPerSignature":1000,"targetSignaturesPerSlot":20000}}},"id":1}
 ```

 ### getSignatureConfirmation
@ -830,7 +908,7 @@ The result field will be a JSON object with the following fields:
 // Request
 curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1, "method":"getVersion"}' http://localhost:8899
 // Result
-{"jsonrpc":"2.0","result":{"solana-core": "1.0.1"},"id":1}
+{"jsonrpc":"2.0","result":{"solana-core": "1.0.8"},"id":1}
 ```

 ### getVoteAccounts
@ -916,7 +994,7 @@ Creates new transaction

 #### Parameters:

-* `<array>` - array of octets containing a fully-signed Transaction
+* `<string>` - fully-signed Transaction, as base-58 encoded string

 #### Results:

--- a/docs/src/building-from-source.md
+++ b/docs/src/building-from-source.md
@ -52,7 +52,7 @@ $ NDEBUG=1 ./multinode-demo/faucet.sh

 ### Singlenode Testnet

-Before you start a validator, make sure you know the IP address of the machine you want to be the bootstrap validator for the demo, and make sure that udp ports 8000-1.0.1 are open on all the machines you want to test with.
+Before you start a validator, make sure you know the IP address of the machine you want to be the bootstrap validator for the demo, and make sure that udp ports 8000-10000 are open on all the machines you want to test with.

 Now start the bootstrap validator in a separate shell:

@ -151,7 +151,7 @@ The stream will output a series of JSON objects:

 ## Public Testnet

-In this example the client connects to our public testnet. To run validators on the testnet you would need to open udp ports `8000-1.0.1`.
+In this example the client connects to our public testnet. To run validators on the testnet you would need to open udp ports `8000-10000`.

 ```bash
 $ NDEBUG=1 ./multinode-demo/bench-tps.sh --entrypoint devnet.solana.com:8001 --faucet devnet.solana.com:9900 --duration 60 --tx_count 50
--- a/docs/src/cli/README.md
+++ b/docs/src/cli/README.md
@ -1,4 +1,4 @@
-# Using Solana from the Command-line
+# Command-line Guide

 This section describes the command-line tools for interacting with Solana. One
 could use these tools to send payments, stake validators, and check account
--- a/docs/src/cli/choose-a-wallet.md
+++ b/docs/src/cli/choose-a-wallet.md
@ -0,0 +1,79 @@
+# Choose a Wallet
+
+Keypairs are stored in *wallets* and wallets come in many forms. A wallet might
+be a directory in your computer's file system, a piece of paper, or a
+specialized device called a *hardware wallet*. Some wallets are easier to use
+than others.  Some are more secure than others. In this section, we'll compare
+and contrast different types of wallets and help you choose the wallet that
+best fits your needs.
+
+## File System Wallet
+
+A *file system wallet*, aka an FS wallet, is a directory in your computer's
+file system. Each file in the directory holds a keypair.
+
+### FS Wallet Security
+
+An FS wallet is the most convenient and least secure form of wallet. It is
+convenient because the keypair is stored in a simple file. You can generate as
+many keys as you'd like and trivially back them up by copying the files. It is
+insecure because the keypair files are **unencrypted**. If you are the only
+user of your computer and you are confident it is free of malware, an FS wallet
+is a fine solution for small amounts of cryptocurrency. If, however, your
+computer contains malware and is connected to the Internet, that malware may
+upload your keys and use them to take your tokens. Likewise, because the
+keypairs are stored on your computer as files, a skilled hacker with physical
+access to your computer may be able to access it. Using an encrypted hard
+drive, such as FileVault on MacOS, minimizes that risk.
+
+## Paper Wallet
+
+A *paper wallet* is a collection of *seed phrases* written on paper. A seed
+phrase is some number of words (typically 12 or 24) that can be used to
+regenerate a keypair on demand.
+
+### Paper Wallet Security
+
+In terms of convenience versus security, a paper wallet sits at the opposite
+side of the spectrum from an FS wallet. It is terribly inconvenient to use, but
+offers excellent security. That high security is further amplified when paper
+wallets are used in conjunction with
+[offline signing](../offline-signing/index.md). Custody services such as
+[Coinbase Custody](https://custody.coinbase.com/) use this combination.  Paper wallets
+and custody services are an excellent way to secure a large number of tokens
+for a long period of time.
+
+## Hardware Wallet
+
+A hardware wallet is a small handheld device that stores keypairs and provides
+some interface for signing transactions.
+
+### Hardware Wallet Security
+
+A hardware wallet, such as the
+[Ledger hardware wallet](https://www.ledger.com/), offers a great blend of
+security and convenience for cryptocurrencies. It effectively automates the
+process of offline signing while retaining nearly all the convenience of an FS
+wallet.  In contrast to offline signing with paper wallets, which we regard as
+highly secure, offline signing with hardware wallets presents some security
+concerns:
+
+* Keys could be leaked by a malicious app on the hardware wallet
+* Keys could be stolen by a malicious client via a bug in the hardware wallet's
+  operating system
+* Keys could be read from storage if hardware wallet is lost or stolen
+
+To keep your hardware wallet tokens safe, we suggest:
+
+* Only install apps using the vendor's app manager
+* Keep the hardware wallet's firmware up to date
+* Put keys for large amounts of tokens into their own hardware wallets. Store
+  in a secure location.
+
+## Which Wallet is Best?
+
+Different people will have different needs, but if you are still unsure what's
+best for you after reading the comparisons above, go with a
+[Ledger Nano S](https://shop.ledger.com/products/ledger-nano-s). The
+[Nano S is well-integrated into Solana's tool suite](../remote-wallet/ledger)
+and offers an outstanding blend of security and convenience.
--- a/docs/src/cli/generate-keys.md
+++ b/docs/src/cli/generate-keys.md
@ -0,0 +1,90 @@
+# Generate a Keypair and its Public Key
+
+In this section, we'll generate a keypair, query it for its public key,
+and verify you control its private key. Before you begin, you'll need
+to:
+
+* [Install the Solana Tool Suite](../install-solana.md)
+* [Choose a wallet](choose-a-wallet.md)
+
+## Generate an FS Wallet Keypair
+
+Use Solana's command-line tool `solana-keygen` to generate keypair files. For
+example, run the following from a command-line shell:
+
+```bash
+mkdir ~/my-solana-wallet
+solana-keygen new -o ~/my-solana-wallet/my-keypair.json
+```
+
+If you view the file, you will see a long list of numbers, such as:
+
+```text
+[42,200,155,187,52,228,32,9,179,129,192,196,149,41,177,47,87,228,5,19,70,82,170,6,142,114,68,85,124,34,165,216,110,186,177,254,198,143,235,59,173,59,17,250,142,32,66,162,130,62,53,252,48,33,148,38,149,17,81,154,95,178,163,164]
+```
+
+This file contains your **unencrypted** keypair. In fact, even if you specify
+a password, that password applies to the recovery seed phrase, not the file. Do
+not share this file with others. Anyone with access to this file will have access
+to all tokens sent to its public key. Instead, you should share only its public
+key. To display its public key, run:
+
+```bash
+solana-keygen pubkey ~/my-solana-wallet/my-keypair.json
+```
+
+It will output a string of characters, such as:
+
+```text
+ErRr1caKzK8L8nn4xmEWtimYRiTCAZXjBtVphuZ5vMKy
+```
+
+This is the public key corresponding to the keypair in `~/my-solana-wallet/my-keypair.json`.
+To verify you hold the private key for a given public key, use `solana-keygen verify`:
+
+```bash
+solana-keygen verify <PUBKEY> ~/my-solana-wallet/my-keypair.json
+```
+
+where `<PUBKEY>` is the public key output from the previous command.
+The command will output "Success" if the given public key matches the
+the one in your keypair file, and "Failed" otherwise.
+
+## Generate a Paper Wallet Seed Phrase
+
+See [Creating a Paper Wallet](../paper-wallet/usage.md#creating-a-paper-wallet).
+
+To verify you control the private key of that public key, use `solana-keygen verify`:
+
+```bash
+solana-keygen verify <PUBKEY> ASK
+```
+
+where `<PUBKEY>` is the keypair's public key and they keyword `ASK` tells the
+command to prompt you for the keypair's seed phrase. Note that for security
+reasons, your seed phrase will not be displayed as you type. After entering your
+seed phrase, the command will output "Success" if the given public key matches the
+keypair generated from your seed phrase, and "Failed" otherwise.
+
+## Generate a Hardware Wallet Keypair
+
+Keypairs are automatically derived when you query a hardware wallet with a
+[keypair URL](../remote-wallet#specify-a-hardware-wallet-key).
+
+Once you have your keypair URL, use `solana-keygen pubkey` to query the hardware
+wallet for the keypair's public key:
+
+```bash
+solana-keygen pubkey <KEYPAIR>
+```
+
+where `<KEYPAIR>` is the keypair URL.
+
+To verify you control the private key of that public key, use `solana-keygen verify`:
+
+```bash
+solana-keygen verify <PUBKEY> <KEYPAIR>
+```
+
+The command will output "Success" if the given public key matches the
+the one at your keypair URL, and "Failed" otherwise.
--- a/docs/src/cli/transfer-tokens.md
+++ b/docs/src/cli/transfer-tokens.md
@ -0,0 +1,116 @@
+# Send and Receive Tokens
+
+## Receive Tokens
+
+To receive tokens, you will need an address for others to send tokens to. In
+Solana, an address is the public key of a keypair. There are a variety
+of techniques for generating keypairs. The method you choose will depend on how
+you choose to store keypairs.  Keypairs are stored in wallets. Before receiving
+tokens, you'll need to [choose a wallet](choose-a-wallet.md) and
+[generate keys](generate-keys.md). Once completed, you should have a public key
+for each keypair you generated. The public key is a long string of base58
+characters. Its length varies from 32 to 44 characters.
+
+### Using Solana CLI
+
+Before running any Solana CLI commands, let's go over some conventions that
+you will see across all commands. First, the Solana CLI is actually a collection
+of different commands for each action you might want to take. You can view the list
+of all possible commands by running:
+
+```bash
+solana --help
+```
+
+To zoom in on how to use a particular command, run:
+
+```bash
+solana <COMMAND> --help
+```
+
+where you replace the text `<COMMAND>` with the name of the command you want
+to learn more about.
+
+The command's usage message will typically contain words such as `<NUMBER>`,
+`<PUBKEY>` or `<KEYPAIR>`. Each word is a placeholder for the *type* of text
+you can execute the command with. For example, you can replace `<NUMBER>`
+with a number such as `42` or `100.42`. You can replace `<PUBKEY>` with the
+base58 encoding of your public key. For `<KEYPAIR>`, it depends on what type
+of wallet you chose. If you chose an fs wallet, that path might be
+`~/my-solana-wallet/my-keypair.json`.  If you chose a paper wallet, use the
+keyword `ASK`, and the Solana CLI will prompt you for your seed phrase. If
+you chose a hardware wallet, use your USB URL, such as `usb://ledger?key=0`.
+
+### Test-drive your Public Keys
+
+Before sharing your public key with others, you may want to first ensure the
+key is valid and that you indeed hold the corresponding private key.
+
+Try and *airdrop* yourself some play tokens on the developer testnet, called
+Devnet:
+
+```bash
+solana airdrop 10 <PUBKEY> --url http://devnet.solana.com
+```
+
+where you replace the text `<PUBKEY>` with your base58 public key.
+
+Confirm the airdrop was successful by checking the account's balance.
+It should output `10 SOL`:
+
+```bash
+solana balance <PUBKEY> --url http://devnet.solana.com
+```
+
+Next, prove that you own those tokens by transferring them. The Solana cluster
+will only accept the transfer if you sign the transaction with the private
+key corresponding to the sender's public key in the transaction.
+
+First, we'll need a public key to receive our tokens. Create a second
+keypair and record its pubkey:
+
+```bash
+solana-keygen new --no-passphrase --no-outfile
+```
+
+The output will contain the public key after the text `pubkey:`. Copy the
+public key. We'll use it in the next step.
+
+```text
+============================================================================
+pubkey: GKvqsuNcnwWqPzzuhLmGi4rzzh55FhJtGizkhHaEJqiV
+============================================================================
+```
+
+```bash
+solana transfer --keypair=<KEYPAIR> <PUBKEY> 5 --url http://devnet.solana.com
+```
+
+where you replace `<KEYPAIR>` with the path to a keypair in your wallet,
+and replace `<PUBKEY>` with the output of `solana-keygen new` above.
+
+Confirm the updated balances with `solana balance`:
+
+```bash
+solana balance <PUBKEY> --url http://devnet.solana.com
+```
+
+where `<PUBKEY>` is either the public key from your keypair or the
+recipient's public key.
+
+## Send Tokens
+
+If you already hold SOL and want to send tokens to someone, you will need
+a path to your keypair, their base58-encoded public key, and a number of
+tokens to transfer. Once you have that collected, you can transfer tokens
+with the `solana transfer` command:
+
+```bash
+solana transfer --keypair=<KEYPAIR> <PUBKEY> <NUMBER>
+```
+
+Confirm the updated balances with `solana balance`:
+
+```bash
+solana balance <PUBKEY>
+```
--- a/docs/src/cli/usage.md
+++ b/docs/src/cli/usage.md
--- a/docs/src/cluster/stake-delegation-and-rewards.md
+++ b/docs/src/cluster/stake-delegation-and-rewards.md
@ -166,14 +166,14 @@ Rewards are paid against the "effective" portion of the stake for that epoch.

 #### Warmup example

-Consider the situation of a single stake of 1.0.1 activated at epoch N, with network warmup rate of 20%, and a quiescent total network stake at epoch N of 2,000.
+Consider the situation of a single stake of 1000 activated at epoch N, with network warmup rate of 20%, and a quiescent total network stake at epoch N of 2,000.

 At epoch N+1, the amount available to be activated for the network is 400 \(20% of 200\), and at epoch N, this example stake is the only stake activating, and so is entitled to all of the warmup room available.

 | epoch | effective | activating | total effective | total activating |
 | :--- | ---: | ---: | ---: | ---: |
 | N-1 |  |  | 2,000 | 0 |
-| N | 0 | 1.0.1 | 2,000 | 1.0.1 |
+| N | 0 | 1000 | 2,000 | 1000 |
 | N+1 | 400 | 600 | 2,400 | 600 |
 | N+2 | 880 | 120 | 2,880 | 120 |
 | N+3 | 1000 | 0 | 3,000 | 0 |
@ -183,7 +183,7 @@ Were 2 stakes \(X and Y\) to activate at epoch N, they would be awarded a portio
 | epoch | X eff | X act | Y eff | Y act | total effective | total activating |
 | :--- | ---: | ---: | ---: | ---: | ---: | ---: |
 | N-1 |  |  |  |  | 2,000 | 0 |
-| N | 0 | 1.0.1 | 0 | 200 | 2,000 | 1,200 |
+| N | 0 | 1000 | 0 | 200 | 2,000 | 1,200 |
 | N+1 | 333 | 667 | 67 | 133 | 2,400 | 800 |
 | N+2 | 733 | 267 | 146 | 54 | 2,880 | 321 |
 | N+3 | 1000 | 0 | 200 | 0 | 3,200 | 0 |
--- a/docs/src/history.md
+++ b/docs/src/history.md
@ -0,0 +1,58 @@
+# History of the Solana Codebase
+
+In November of 2017, Anatoly Yakovenko published a whitepaper describing Proof
+of History, a technique for keeping time between computers that do not trust
+one another. From Anatoly's previous experience designing distributed systems
+at Qualcomm, Mesosphere and Dropbox, he knew that a reliable clock makes
+network synchronization very simple. When synchronization is simple the
+resulting network can be blazing fast, bound only by network bandwidth.
+
+Anatoly watched as blockchain systems without clocks, such as Bitcoin and
+Ethereum, struggled to scale beyond 15 transactions per second worldwide when
+centralized payment systems such as Visa required peaks of 65,000 tps. Without
+a clock, it was clear they'd never graduate to being the global payment system
+or global supercomputer most had dreamed them to be. When Anatoly solved the
+problem of getting computers that don’t trust each other to agree on time, he
+knew he had the key to bring 40 years of distributed systems research to the
+world of blockchain. The resulting cluster wouldn't be just 10 times faster, or
+a 100 times, or a 1,000 times, but 10,000 times faster, right out of the gate!
+
+Anatoly's implementation began in a private codebase and was implemented in the
+C programming language. Greg Fitzgerald, who had previously worked with Anatoly
+at semiconductor giant Qualcomm Incorporated, encouraged him to reimplement the
+project in the Rust programming language. Greg had worked on the LLVM compiler
+infrastructure, which underlies both the Clang C/C++ compiler as well as the
+Rust compiler. Greg claimed that the language's safety guarantees would improve
+software productivity and that its lack of a garbage collector would allow
+programs to perform as well as those written in C. Anatoly gave it a shot and
+just two weeks later, had migrated his entire codebase to Rust. Sold. With
+plans to weave all the world's transactions together on a single, scalable
+blockchain, Anatoly called the project Loom.
+
+On February 13th of 2018, Greg began prototyping the first open source
+implementation of Anatoly's whitepaper. The project was published to GitHub
+under the name Silk in the loomprotocol organization. On February 28th, Greg
+made his first release, demonstrating 10 thousand signed transactions could be
+verified and processed in just over half a second. Shortly after, another
+former Qualcomm cohort, Stephen Akridge, demonstrated throughput could be
+massively improved by offloading signature verification to graphics processors.
+Anatoly recruited Greg, Stephen and three others to co-found a company, then
+called Loom.
+
+Around the same time, Ethereum-based project Loom Network sprung up and many
+people were confused about whether they were the same project. The Loom team
+decided it would rebrand. They chose the name Solana, a nod to a small beach
+town North of San Diego called Solana Beach, where Anatoly, Greg and Stephen
+lived and surfed for three years when they worked for Qualcomm. On March 28th,
+the team created the Solana Labs GitHub organization and renamed Greg's
+prototype Silk to Solana.
+
+In June of 2018, the team scaled up the technology to run on cloud-based
+networks and on July 19th, published a 50-node, permissioned, public testnet
+consistently supporting bursts of 250,000 transactions per second. In a later
+release in December, called v0.10 Pillbox, the team published a permissioned
+testnet running 150 nodes on a gigabit network and demonstrated soak tests
+processing an _average_ of 200 thousand transactions per second with bursts
+over 500 thousand. The project was also extended to support on-chain programs
+written in the C programming language and run concurrently in a safe execution
+environment called BPF.
--- a/docs/src/implemented-proposals/installer.md
+++ b/docs/src/implemented-proposals/installer.md
@ -154,7 +154,7 @@ FLAGS:

 OPTIONS:
    -d, --data_dir <PATH>    Directory to store install data [default: .../Library/Application Support/solana]
-    -u, --url <URL>          JSON RPC URL for the solana cluster [default: http://devnet.solana.com:8899]
+    -u, --url <URL>          JSON RPC URL for the solana cluster [default: http://devnet.solana.com]
    -p, --pubkey <PUBKEY>    Public key of the update manifest [default: 9XX329sPuskWhH4DQh6k16c87dHKhXLBZTL3Gxmve8Gp]
 ```

--- a/docs/src/running-validator/validator-software.md
+++ b/docs/src/running-validator/validator-software.md
@ -1,14 +1,14 @@
-# Installing the Validator Software
+# Installing Solana

 Install the Solana release
-[v1.0.0](https://github.com/solana-labs/solana/releases/tag/v1.0.0) on your
+[LATEST_SOLANA_RELEASE_VERSION](https://github.com/solana-labs/solana/releases/tag/LATEST_SOLANA_RELEASE_VERSION) on your
 machine by running:

 ```bash
-curl -sSf https://raw.githubusercontent.com/solana-labs/solana/v1.0.0/install/solana-install-init.sh | sh -s - 1.0.0
+curl -sSf https://raw.githubusercontent.com/solana-labs/solana/LATEST_SOLANA_RELEASE_VERSION/install/solana-install-init.sh | sh -s - LATEST_SOLANA_RELEASE_VERSION
 ```

-If you are connecting to a different testnet, you can replace `1.0.0` with the
+If you are connecting to a different testnet, you can replace `LATEST_SOLANA_RELEASE_VERSION` with the
 release tag matching the software version of your desired testnet, or replace it
 with the named channel `stable`, `beta`, or `edge`.

@ -16,11 +16,11 @@ The following output indicates a successful update:

 ```text
 looking for latest release
-downloading v1.0.0 installer
+downloading LATEST_SOLANA_RELEASE_VERSION installer
 Configuration: /home/solana/.config/solana/install/config.yml
 Active release directory: /home/solana/.local/share/solana/install/active_release
-* Release version: 1.0.0
-* Release URL: https://github.com/solana-labs/solana/releases/download/v1.0.0/solana-release-x86_64-unknown-linux-gnu.tar.bz2
+* Release version: LATEST_SOLANA_RELEASE_VERSION
+* Release URL: https://github.com/solana-labs/solana/releases/download/LATEST_SOLANA_RELEASE_VERSION/solana-release-x86_64-unknown-linux-gnu.tar.bz2
 Update successful
 ```

@ -77,3 +77,55 @@ prebuilt binaries:
 ```bash
 solana-install init
 ```
+
+# Choosing a Cluster
+
+Solana maintains several clusters, each featuring a Solana-owned validator
+that serves as an entrypoint to the cluster.
+
+Current cluster entrypoints:
+
+* Devnet: devnet.solana.com
+* Tour de SOL: tds.solana.com
+
+Application developers should target Devnet. Key differences
+between Devnet and what will be Mainnet:
+
+* Devnet tokens are not real
+* Devnet includes a token faucet for application testing
+* Devnet may be subject to ledger resets
+* Devnet typically runs a newer software version than mainnet
+* Devnet may be maintained by different validators than mainnet
+
+## Configure the Command-line
+
+You can check what cluster the Solana CLI is currently targeting by
+running the following command:
+
+```bash
+solana config get
+```
+
+Use the `solana config set` command to target a different cluster.
+For example, for Devnet, use:
+
+```bash
+solana config set --url http://devnet.solana.com
+```
+
+## Ensure Versions Match
+
+Though not strictly necessary, the CLI will generally work best when its version
+matches the software version running on the cluster. To get the CLI version, run:
+
+```bash
+solana --version
+```
+
+To get the cluster version, run:
+
+```bash
+solana cluster-version
+```
+
+Ensure the CLI version is greater than or equal to the cluster version.
--- a/docs/src/introduction.md
+++ b/docs/src/introduction.md
@ -4,30 +4,20 @@

 Solana is an open source project implementing a new, high-performance, permissionless blockchain. Solana is also the name of a company headquartered in San Francisco that maintains the open source project.

+## Why Solana?
+
+It's possible for a centralized database to process 710,000 transactions per second on a standard gigabit network if the transactions are, on average, no more than 176 bytes. A centralized database can also replicate itself and maintain high availability without significantly compromising that transaction rate using the distributed system technique known as Optimistic Concurrency Control [\[H.T.Kung, J.T.Robinson (1981)\]](http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.65.4735). At Solana, we're demonstrating that these same theoretical limits apply just as well to blockchain on an adversarial network. The key ingredient? Finding a way to share time when nodes can't trust one-another. Once nodes can trust time, suddenly ~40 years of distributed systems research becomes applicable to blockchain!
+
+> Perhaps the most striking difference between algorithms obtained by our method and ones based upon timeout is that using timeout produces a traditional distributed algorithm in which the processes operate asynchronously, while our method produces a globally synchronous one in which every process does the same thing at (approximately) the same time. Our method seems to contradict the whole purpose of distributed processing, which is to permit different processes to operate independently and perform different functions. However, if a distributed system is really a single system, then the processes must be synchronized in some way. Conceptually, the easiest way to synchronize processes is to get them all to do the same thing at the same time. Therefore, our method is used to implement a kernel that performs the necessary synchronization--for example, making sure that two different processes do not try to modify a file at the same time. Processes might spend only a small fraction of their time executing the synchronizing kernel; the rest of the time, they can operate independently--e.g., accessing different files. This is an approach we have advocated even when fault-tolerance is not required. The method's basic simplicity makes it easier to understand the precise properties of a system, which is crucial if one is to know just how fault-tolerant the system is. [\[L.Lamport (1984)\]](http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.71.1078)
+
+Furthermore, and much to our surprise, it can be implemented using a mechanism that has existed in Bitcoin since day one. The Bitcoin feature is called nLocktime and it can be used to postdate transactions using block height instead of a timestamp. As a Bitcoin client, you'd use block height instead of a timestamp if you don't trust the network. Block height turns out to be an instance of what's being called a Verifiable Delay Function in cryptography circles. It's a cryptographically secure way to say time has passed. In Solana, we use a far more granular verifiable delay function, a SHA 256 hash chain, to checkpoint the ledger and coordinate consensus. With it, we implement Optimistic Concurrency Control and are now well en route towards that theoretical limit of 710,000 transactions per second.
+
 ## Documentation Overview

 The Solana docs describe the Solana open source project, a blockchain built from the ground up for scale. They cover why Solana is useful, how to use it, how it works, and why it will continue to work long after the company Solana closes its doors. The goal of the Solana architecture is to demonstrate there exists a set of software algorithms that when used in combination to implement a blockchain, removes software as a performance bottleneck, allowing transaction throughput to scale proportionally with network bandwidth. The architecture goes on to satisfy all three desirable properties of a proper blockchain: it is scalable, secure and decentralized.

 The architecture describes a theoretical upper bound of 710 thousand transactions per second \(tps\) on a standard gigabit network and 28.4 million tps on 40 gigabit. Furthermore, the architecture supports safe, concurrent execution of programs authored in general purpose programming languages such as C or Rust.

-## Disclaimer
-
-All claims, content, designs, algorithms, estimates, roadmaps, specifications, and performance measurements described in this project are done with the author's best effort. It is up to the reader to check and validate their accuracy and truthfulness. Furthermore, nothing in this project constitutes a solicitation for investment.
-
-## History of the Solana Codebase
-
-In November of 2017, Anatoly Yakovenko published a whitepaper describing Proof of History, a technique for keeping time between computers that do not trust one another. From Anatoly's previous experience designing distributed systems at Qualcomm, Mesosphere and Dropbox, he knew that a reliable clock makes network synchronization very simple. When synchronization is simple the resulting network can be blazing fast, bound only by network bandwidth.
-
-Anatoly watched as blockchain systems without clocks, such as Bitcoin and Ethereum, struggled to scale beyond 15 transactions per second worldwide when centralized payment systems such as Visa required peaks of 65,000 tps. Without a clock, it was clear they'd never graduate to being the global payment system or global supercomputer most had dreamed them to be. When Anatoly solved the problem of getting computers that don’t trust each other to agree on time, he knew he had the key to bring 40 years of distributed systems research to the world of blockchain. The resulting cluster wouldn't be just 10 times faster, or a 100 times, or a 1.0.1 times, but 10,000 times faster, right out of the gate!
-
-Anatoly's implementation began in a private codebase and was implemented in the C programming language. Greg Fitzgerald, who had previously worked with Anatoly at semiconductor giant Qualcomm Incorporated, encouraged him to reimplement the project in the Rust programming language. Greg had worked on the LLVM compiler infrastructure, which underlies both the Clang C/C++ compiler as well as the Rust compiler. Greg claimed that the language's safety guarantees would improve software productivity and that its lack of a garbage collector would allow programs to perform as well as those written in C. Anatoly gave it a shot and just two weeks later, had migrated his entire codebase to Rust. Sold. With plans to weave all the world's transactions together on a single, scalable blockchain, Anatoly called the project Loom.
-
-On February 13th of 2018, Greg began prototyping the first open source implementation of Anatoly's whitepaper. The project was published to GitHub under the name Silk in the loomprotocol organization. On February 28th, Greg made his first release, demonstrating 10 thousand signed transactions could be verified and processed in just over half a second. Shortly after, another former Qualcomm cohort, Stephen Akridge, demonstrated throughput could be massively improved by offloading signature verification to graphics processors. Anatoly recruited Greg, Stephen and three others to co-found a company, then called Loom.
-
-Around the same time, Ethereum-based project Loom Network sprung up and many people were confused about whether they were the same project. The Loom team decided it would rebrand. They chose the name Solana, a nod to a small beach town North of San Diego called Solana Beach, where Anatoly, Greg and Stephen lived and surfed for three years when they worked for Qualcomm. On March 28th, the team created the Solana Labs GitHub organization and renamed Greg's prototype Silk to Solana.
-
-In June of 2018, the team scaled up the technology to run on cloud-based networks and on July 19th, published a 50-node, permissioned, public testnet consistently supporting bursts of 250,000 transactions per second. In a later release in December, called v0.10 Pillbox, the team published a permissioned testnet running 150 nodes on a gigabit network and demonstrated soak tests processing an _average_ of 200 thousand transactions per second with bursts over 500 thousand. The project was also extended to support on-chain programs written in the C programming language and run concurrently in a safe execution environment called BPF.
-
 ## What is a Solana Cluster?

 A cluster is a set of computers that work together and can be viewed from the outside as a single system. A Solana cluster is a set of independently owned computers working together \(and sometimes against each other\) to verify the output of untrusted, user-submitted programs. A Solana cluster can be utilized any time a user wants to preserve an immutable record of events in time or programmatic interpretations of those events. One use is to track which of the computers did meaningful work to keep the cluster running. Another use might be to track the possession of real-world assets. In each case, the cluster produces a record of events called the ledger. It will be preserved for the lifetime of the cluster. As long as someone somewhere in the world maintains a copy of the ledger, the output of its programs \(which may contain a record of who possesses what\) will forever be reproducible, independent of the organization that launched it.
@ -35,3 +25,7 @@ A cluster is a set of computers that work together and can be viewed from the ou
 ## What are SOLs?

 A SOL is the name of Solana's native token, which can be passed to nodes in a Solana cluster in exchange for running an on-chain program or validating its output. The system may perform micropayments of fractional SOLs, which are called _lamports_. They are named in honor of Solana's biggest technical influence, [Leslie Lamport](https://en.wikipedia.org/wiki/Leslie_Lamport). A lamport has a value of 0.000000001 SOL.
+
+## Disclaimer
+
+All claims, content, designs, algorithms, estimates, roadmaps, specifications, and performance measurements described in this project are done with the author's best effort. It is up to the reader to check and validate their accuracy and truthfulness. Furthermore, nothing in this project constitutes a solicitation for investment.
--- a/docs/src/offline-signing/README.md
+++ b/docs/src/offline-signing/README.md
@ -14,9 +14,15 @@ transaction.
 ## Commands Supporting Offline Signing

 At present, the following commands support offline signing:
-  * [`delegate-stake`](../api-reference/cli.md#solana-delegate-stake)
-  * [`deactivate-stake`](../api-reference/cli.md#solana-deactivate-stake)
-  * [`pay`](../api-reference/cli.md#solana-pay)
+* [`create-stake-account`](../cli/usage.md#solana-create-stake-account)
+* [`deactivate-stake`](../cli/usage.md#solana-deactivate-stake)
+* [`delegate-stake`](../cli/usage.md#solana-delegate-stake)
+* [`split-stake`](../cli/usage.md#solana-split-stake)
+* [`stake-authorize-staker`](../cli/usage.md#solana-stake-authorize-staker)
+* [`stake-authorize-withdrawer`](../cli/usage.md#solana-stake-authorize-withdrawer)
+* [`stake-set-lockup`](../cli/usage.md#solana-stake-set-lockup)
+* [`transfer`](../cli/usage.md#solana-transfer)
+* [`withdraw-stake`](../cli/usage.md#solana-withdraw-stake)

 ## Signing Transactions Offline

@ -76,6 +82,72 @@ Output
 4vC38p4bz7XyiXrk6HtaooUqwxTWKocf45cstASGtmrD398biNJnmTcUCVEojE7wVQvgdYbjHJqRFZPpzfCQpmUN
 ```

+## Offline Signing Over Multiple Sessions
+
+Offline signing can also take place over multiple sessions. In this scenario,
+pass the absent signer's public key for each role. All pubkeys that were specified,
+but no signature was generated for will be listed as absent in the offline signing
+output
+
+### Example: Transfer with Two Offline Signing Sessions
+
+Command (Offline Session #1)
+
+```text
+solana@offline1$ solana transfer Fdri24WUGtrCXZ55nXiewAj6RM18hRHPGAjZk3o6vBut 10 \
+    --blockhash 7ALDjLv56a8f6sH6upAZALQKkXyjAwwENH9GomyM8Dbc \
+    --sign-only \
+    --keypair fee_payer.json \
+    --from 674RgFMgdqdRoVtMqSBg7mHFbrrNm1h1r721H1ZMquHL
+```
+
+Output (Offline Session #1)
+
+```text
+Blockhash: 7ALDjLv56a8f6sH6upAZALQKkXyjAwwENH9GomyM8Dbc
+Signers (Pubkey=Signature):
+  3bo5YiRagwmRikuH6H1d2gkKef5nFZXE3gJeoHxJbPjy=ohGKvpRC46jAduwU9NW8tP91JkCT5r8Mo67Ysnid4zc76tiiV1Ho6jv3BKFSbBcr2NcPPCarmfTLSkTHsJCtdYi
+Absent Signers (Pubkey):
+  674RgFMgdqdRoVtMqSBg7mHFbrrNm1h1r721H1ZMquHL
+```
+
+Command (Offline Session #2)
+
+```text
+solana@offline2$ solana transfer Fdri24WUGtrCXZ55nXiewAj6RM18hRHPGAjZk3o6vBut 10 \
+    --blockhash 7ALDjLv56a8f6sH6upAZALQKkXyjAwwENH9GomyM8Dbc \
+    --sign-only \
+    --keypair from.json \
+    --fee-payer 3bo5YiRagwmRikuH6H1d2gkKef5nFZXE3gJeoHxJbPjy
+```
+
+Output (Offline Session #2)
+
+```text
+Blockhash: 7ALDjLv56a8f6sH6upAZALQKkXyjAwwENH9GomyM8Dbc
+Signers (Pubkey=Signature):
+  674RgFMgdqdRoVtMqSBg7mHFbrrNm1h1r721H1ZMquHL=3vJtnba4dKQmEAieAekC1rJnPUndBcpvqRPRMoPWqhLEMCty2SdUxt2yvC1wQW6wVUa5putZMt6kdwCaTv8gk7sQ
+Absent Signers (Pubkey):
+  3bo5YiRagwmRikuH6H1d2gkKef5nFZXE3gJeoHxJbPjy
+```
+
+Command (Online Submission)
+
+```text
+solana@online$ solana transfer Fdri24WUGtrCXZ55nXiewAj6RM18hRHPGAjZk3o6vBut 10 \
+    --blockhash 7ALDjLv56a8f6sH6upAZALQKkXyjAwwENH9GomyM8Dbc \
+    --from 674RgFMgdqdRoVtMqSBg7mHFbrrNm1h1r721H1ZMquHL \
+    --signer 674RgFMgdqdRoVtMqSBg7mHFbrrNm1h1r721H1ZMquHL=3vJtnba4dKQmEAieAekC1rJnPUndBcpvqRPRMoPWqhLEMCty2SdUxt2yvC1wQW6wVUa5putZMt6kdwCaTv8gk7sQ \
+    --fee-payer 3bo5YiRagwmRikuH6H1d2gkKef5nFZXE3gJeoHxJbPjy \
+    --signer 3bo5YiRagwmRikuH6H1d2gkKef5nFZXE3gJeoHxJbPjy=ohGKvpRC46jAduwU9NW8tP91JkCT5r8Mo67Ysnid4zc76tiiV1Ho6jv3BKFSbBcr2NcPPCarmfTLSkTHsJCtdYi
+```
+
+Output (Online Submission)
+
+```text
+ohGKvpRC46jAduwU9NW8tP91JkCT5r8Mo67Ysnid4zc76tiiV1Ho6jv3BKFSbBcr2NcPPCarmfTLSkTHsJCtdYi
+```
+
 ## Buying More Time to Sign

 Typically a Solana transaction must be signed and accepted by the network within
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Michael Vines	2a617f2d07	v1.0: Backport of #8939 (#8957 ) automerge	2020-03-19 02:08:36 -07:00
mergify[bot]	6af3c6ecbc	CLI: Add multi-session signing support (#8927 ) (#8953 ) * SDK: Add `NullSigner` implementation * SDK: Split `Transaction::verify()` to gain access to results * CLI: Minor refactor of --sign_only result parsing * CLI: Enable paritial signing Signers specified by pubkey, but without a matching --signer arg supplied fall back to a `NullSigner` when --sign-only is in effect. This allows their pubkey to be used for TX construction as usual, but leaves their `sign_message()` a NOP. As such, with --sign-only in effect, signing and verification must be done separately, with the latter's per-signature results considered * CLI: Surface/report missing/bad signers to user * CLI: Suppress --sign-only JSON output * nits * Docs for multi-session offline signing (cherry picked from commit `98228c392e`) Co-authored-by: Trent Nelson <trent@solana.com>	2020-03-18 23:39:44 -07:00
mergify[bot]	a5938e5a21	Bump bv from 0.11.0 to 0.11.1 (bp #8952 ) (#8955 ) automerge	2020-03-18 22:33:05 -07:00
mergify[bot]	8eaa8d8788	Add docs on wallets and generating keys (bp #8905 ) (#8946 ) automerge	2020-03-18 19:15:34 -07:00
mergify[bot]	51940eec9b	Delete broken link (#8950 ) (#8951 ) automerge	2020-03-18 18:20:36 -07:00
mergify[bot]	d1e16b2bc4	Remove product string from device keypair URL (#8942 ) (#8945 ) automerge	2020-03-18 14:11:41 -07:00
mergify[bot]	97051c87b4	Document account/signer requirements for vote instructions (#8941 ) automerge	2020-03-18 12:20:02 -07:00
mergify[bot]	2521913654	Add counter for accounts hash verification. (#8928 ) (#8934 ) automerge	2020-03-18 09:57:38 -07:00
mergify[bot]	803c87b4bd	Add docs for --trusted-validator options (#8911 ) (#8933 ) automerge	2020-03-18 08:37:15 -07:00
mergify[bot]	8ff9ee3a06	Cli: add spinner progress bar when waiting for transaction confirmation (#8916 ) (#8920 ) automerge	2020-03-17 20:06:01 -07:00
mergify[bot]	25bf2c6062	Extend local-cluster CI timeout (#8921 ) (#8923 ) automerge	2020-03-17 19:48:57 -07:00
mergify[bot]	fc80b77fc4	Increase buffer on low SOL fault to over a week (#8903 ) (#8904 ) automerge	2020-03-17 10:32:28 -07:00
mergify[bot]	5a7707362c	Sort device paths for select (#8896 ) (#8897 ) automerge	2020-03-16 19:43:11 -07:00
mergify[bot]	0102ee3fa9	Hoist USB URL docs (#8894 ) (#8895 ) automerge	2020-03-16 16:31:35 -07:00
mergify[bot]	d29cb19a73	Cli: enable flexible flexible signer paths for pubkey args (#8892 ) (#8893 ) automerge	2020-03-16 16:16:58 -07:00
sakridge	1cc66f0cd7	Add Accounts hash consistency halting (#8772 ) (#8889 ) * Accounts hash consistency halting * Add option to inject account hash faults for testing. Enable option in local cluster test to see that node halts.	2020-03-16 14:29:44 -07:00
mergify[bot]	e2cfc513eb	Add genesis token counter test to system test (#8824 ) (#8891 ) automerge	2020-03-16 13:32:58 -07:00
mergify[bot]	8115a962e9	Cleanup CLI types (#8888 ) (#8890 ) automerge	2020-03-16 12:28:22 -07:00
mergify[bot]	0c804e2ef2	Use types for CLI value names (#8878 ) (#8886 ) automerge	2020-03-16 09:23:15 -07:00
mergify[bot]	cbe36a7a63	Lower error level of InvalidTickCount (bp #8880 ) (#8885 ) automerge	2020-03-16 08:53:33 -07:00
mergify[bot]	174825fecf	Fix faucet command in run.sh (#8883 ) (#8884 ) automerge	2020-03-16 05:38:31 -07:00
Michael Vines	c7e80bebdc	Bump version to 1.0.8	2020-03-15 21:50:06 -07:00
Michael Vines	57abc370fa	Quietly re-introduce legacy --voting-keypair/--identity-keypair args for v1.0.6 compatibility (cherry picked from commit `49706172f3`)	2020-03-15 20:21:23 -07:00
mergify[bot]	42ab421a87	Rename leader to validator, drop _keypair/-keypair suffix (#8876 ) (#8877 ) automerge	2020-03-15 14:14:32 -07:00
mergify[bot]	9ab27291f5	Validators now run a full gossip node while looking for a snapshot (#8872 ) automerge	2020-03-15 10:29:13 -07:00
mergify[bot]	27e4e9cb8d	Cli: Add resolve-signer subcommand (#8859 ) (#8870 ) automerge	2020-03-14 22:14:24 -07:00
mergify[bot]	b0cf65dfc8	Refactor system tests dir structure (#8865 ) (#8869 ) automerge	2020-03-14 19:38:19 -07:00
Dan Albert	bfc97c682c	Apply s/faucet-keypair/faucet renaming to net scripts (#8868 ) automerge	2020-03-14 18:14:49 -07:00
mergify[bot]	231c9b25d1	Rework validator vote account defaults to half voting fees (#8858 ) automerge	2020-03-13 21:47:32 -07:00
Michael Vines	f536d805ed	Rework cluster metrics dashboard to support the modern clusters (cherry picked from commit `5f5824d78d`) # Conflicts: # system-test/automation_utils.sh	2020-03-13 20:18:06 -07:00
Michael Vines	cb6e7426a4	Drop :8899 port from http://devnet.solana.com references (cherry picked from commit `9e0a26628b`)	2020-03-13 20:14:02 -07:00
mergify[bot]	71f391ae04	Enable any signer in various cli subcommands (#8844 ) (#8856 ) automerge	2020-03-13 18:11:05 -07:00
mergify[bot]	12bf34f059	Remove holding Poh lock (#8838 ) (#8850 ) automerge	2020-03-13 16:56:22 -07:00
Grimes	a3a14d6b5b	Docs: Use correct flag in keypair verification instructions (#8677 ) automerge (cherry picked from commit `542691c4e4`)	2020-03-13 16:00:33 -07:00
Michael Vines	5e22db017a	Surface the missing pubkey (cherry picked from commit `ce88602ced`)	2020-03-13 16:00:01 -07:00
mergify[bot]	2cd09957b4	Cli: add subcommand to withdraw from vote account (#8550 ) (#8840 ) automerge	2020-03-13 15:31:47 -07:00
mergify[bot]	d1ec6c0b8b	Upgrade to Rust 1.42 (#8836 ) (#8839 ) automerge	2020-03-13 14:29:18 -07:00
Michael Vines	7722723400	Bump version to 1.0.7	2020-03-13 08:10:09 -07:00
Trent Nelson	4a42cfc42a	Cli error cleanup 1.0 (#8834 ) * Don't use move semantics if not needed (#8793) * SDK: Deboilerplate `TransportError` with thiserror * Enable interchange between `TransportError` and `ClientError` * SDK: Retval consistency between `Client` and `AsyncClient` traits * Client: Introduce/use `Result` type * Client: Remove unused `RpcResponseIn` type * Client: Rename `RpcResponse` to more appropriate `RpcResult` * Client: Death to `io::Result` return types * Client: Struct-ify `ClientError` * Client: Add optional `command` parameter to `ClientError` * RpcClient: Stop abusing `io::Error` (low-fruit) * ClientError: Use `thiserror`'s `Display` impl * Extend `RpcError`'s utility * RpcClient: Stop abusing `io::Error` (the rest) * CLI: Shim `main()` so we can `Display` format errors * claputils: format input validator errors with `Display` They are intended to be displayed to users * SDK: `thiserror` for hash and sig parse erros * Keygen: Shim main to format errors with `Display` * SDK: `thiserror` for `InstructionError` * CLI: `thiserror` for `CliError` * CLI: Format user messages with `Display` * Client: Tweak `Display` for `ClientError` * RpcClient: Improve messaging when TX cannot be confirmed * fu death io res retval * CLI/Keygen - fix shell return value on error * Tweak `InstructionError` `Display` messages as per review * Cleanup hackjob return code fix * Embrace that which you hate most * Too much... Co-authored-by: Jack May <jack@solana.com>	2020-03-13 07:42:25 -06:00
mergify[bot]	976d744b0d	Enable conservative out-of-bound snapshot cleaning (#8811 ) (#8832 ) automerge	2020-03-12 23:40:17 -07:00
mergify[bot]	62de02c8d4	Avoid early clean and bad snapshot by ref-counting (#8724 ) (#8831 ) automerge	2020-03-12 23:09:45 -07:00
mergify[bot]	2741a5ce3b	Move history out of intro (bp #8825 ) (#8826 ) automerge	2020-03-12 18:21:56 -07:00
mergify[bot]	0c818acd90	Move intro out of README (#8735 ) (#8827 ) automerge (cherry picked from commit `c0fd017906`) Co-authored-by: Greg Fitzgerald <greg@solana.com>	2020-03-12 18:49:51 -06:00
Michael Vines	4d04915302	Update source markdown in CI	2020-03-12 14:56:00 -07:00
Michael Vines	7576411c59	Don't tell users to install unreleased software versions	2020-03-12 14:55:46 -07:00
Michael Vines	ab2bed6e8f	Add all of docs/src	2020-03-12 14:45:48 -07:00
mergify[bot]	f66a5ba579	Update keys (#8821 ) (#8822 ) automerge	2020-03-12 14:15:32 -07:00
Dan Albert	9253d786f8	Revert over-zealous versioning text (#8819 ) automerge	2020-03-12 09:49:26 -07:00
mergify[bot]	d1be1ee49e	Fix malformed doc link (#8817 ) (#8818 ) automerge	2020-03-12 09:46:26 -07:00
mergify[bot]	65833eacd8	Update keys (#8814 ) (#8816 ) automerge	2020-03-12 09:39:31 -07:00
Dan Albert	921994e588	Restrict which nodes can run stable and coverage (#8807 ) automerge	2020-03-11 19:18:10 -07:00
mergify[bot]	91dfd962e5	Update keys (#8800 ) (#8806 ) automerge	2020-03-11 19:04:46 -07:00
Trent Nelson	18067dcb55	CLI: Plumb nonce-stored fees (#8750 ) automerge (cherry picked from commit `0422af2aae`)	2020-03-11 13:09:40 -07:00
Greg Fitzgerald	7501e1b0f0	Update keys (#8791 ) (cherry picked from commit `a0d0d4c0e9`)	2020-03-11 13:08:48 -07:00
mergify[bot]	1bd2c1de20	Notify when validator balance goes below 1 SOL (#8792 ) automerge	2020-03-11 11:47:08 -07:00
mergify[bot]	a9ef20d43f	Update keys (#8783 ) (#8784 ) automerge	2020-03-10 21:39:34 -07:00
mergify[bot]	00a9d66fed	Improve install messaging (#8477 ) (#8785 ) automerge	2020-03-10 20:30:39 -07:00
mergify[bot]	7508ffe703	Add checkmark (#8781 ) (#8782 ) automerge	2020-03-10 18:32:53 -07:00
Michael Vines	6c2368bfc9	Permit fee-payer/split-stake accounts to be the same when using --seed (cherry picked from commit `775ce3a03f`)	2020-03-10 16:16:26 -07:00
Michael Vines	6bcb797260	Revert to a computed `websocket_url` value when `json_rpc_url` is changed (cherry picked from commit `f655372b08`)	2020-03-10 16:12:23 -07:00
mergify[bot]	329945e56f	Print approved msg after Ledger interaction (#8771 ) (#8775 ) automerge	2020-03-10 15:06:43 -07:00
mergify[bot]	1f80346d97	watchtower: Add --monitor-active-stake flag (bp #8765 ) (#8769 ) automerge	2020-03-10 13:27:19 -07:00
mergify[bot]	38e661d7ba	CLI Nonce account access dereplicode (#8743 ) (#8767 ) automerge	2020-03-10 13:15:18 -07:00
mergify[bot]	592c4efd17	Configure the cluster right after installing it (#8761 ) (#8762 ) automerge	2020-03-10 10:14:55 -07:00
mergify[bot]	1629745bd3	Move docs to imperative mood (bp #8643 ) (#8763 ) automerge	2020-03-10 09:50:59 -07:00
mergify[bot]	02e078c22e	Fix Gitbook's markdown rendering (#8759 ) (#8760 ) automerge	2020-03-10 08:09:51 -07:00
Michael Vines	ea9e7c710a	Bump version to 1.0.6	2020-03-09 22:38:57 -07:00
Michael Vines	ee5aa0c1a2	Support monitoring multiple validators	2020-03-09 21:07:32 -07:00
HM	55dee2901e	watchtower: flag to suppress duplicate notifications (#8549 ) * watchtower: send error message as notification * watchtower: send all clear notification when ok again * watchtower: add twilio sms notifications * watchtower: flag to suppress duplicate notifications * remove trailing space character * changes as per suggestion on PR * all changes together * cargo fmt	2020-03-09 21:07:32 -07:00
Michael Vines	2b0824d18b	watchtower now uses cli-config/ (cherry picked from commit `74e7da214a`)	2020-03-09 20:40:18 -07:00
Michael Vines	b0709ea0ac	Move cli-config default out of cli/ into cli-config/ (cherry picked from commit `756ba07b16`)	2020-03-09 20:40:18 -07:00
Michael Vines	81b5499f7a	Rename 'url' to 'json_rpc_url' (cherry picked from commit `5c236fd06c`)	2020-03-09 20:40:18 -07:00
Michael Vines	c96ce99705	Wait for 80% of the active stake instead of 75%	2020-03-09 20:31:44 -07:00
mergify[bot]	8dcd2d11e1	Docs: Fix missing CLI `usage.md` (#8745 ) (#8749 ) automerge	2020-03-09 20:05:24 -07:00
mergify[bot]	777aae9059	Remove --derivation-path option (#8741 ) (#8747 ) automerge	2020-03-09 19:17:14 -07:00
mergify[bot]	4dd1340236	Limit waiting-message to single- or last-chunk apdus (#8730 ) (#8733 ) automerge	2020-03-09 15:44:17 -07:00
mergify[bot]	889b06e1d4	Allow passing of program_id to programs (bp #8639 ) (#8670 ) automerge	2020-03-09 12:36:34 -07:00
mergify[bot]	f511296ee8	Fix account tests (#8615 ) (#8729 ) automerge	2020-03-09 11:19:14 -07:00
mergify[bot]	c19eb717b4	Update rust-bpf to include matching cargo (#8598 ) (#8727 ) automerge	2020-03-09 10:42:19 -07:00
mergify[bot]	dd54369e1b	Cli: Fix create-with-seed (#8706 ) (#8723 ) automerge	2020-03-09 00:16:29 -07:00
Michael Vines	bb563b4835	Permit --no-untrusted-rpc without any --trusted-validators	2020-03-08 22:34:53 -07:00
mergify[bot]	d061fadede	Add purge function to ledger-tool (#8719 ) (#8720 ) (cherry picked from commit `de34187db0`) Co-authored-by: sakridge <sakridge@gmail.com>	2020-03-08 21:38:38 -07:00
mergify[bot]	577cd2bd3a	Remove unnecessary snapshot hash verification (#8711 ) (#8714 ) (cherry picked from commit `f992ee3140`) Co-authored-by: Michael Vines <mvines@gmail.com>	2020-03-07 14:41:45 -07:00
mergify[bot]	9d1c8657e2	Groom ledger-tool bounds output (#8710 ) (#8715 ) (cherry picked from commit `acb23e8ef0`) Co-authored-by: Michael Vines <mvines@gmail.com>	2020-03-07 14:15:50 -07:00
mergify[bot]	67216ac7f5	Split staker infos (#8683 ) automerge	2020-03-06 23:44:06 -08:00
mergify[bot]	e63b24c39f	Remove ask-seed-phrase arg from validator, archiver (#8697 ) (#8713 ) automerge	2020-03-06 23:34:20 -08:00
Greg Fitzgerald	d963f7afb4	Set withdrawer keys (#8707 ) automerge	2020-03-06 21:21:00 -08:00
mergify[bot]	a07bf4870a	Fix Ledger docs (#8705 ) (#8708 ) automerge	2020-03-06 21:03:15 -08:00
mergify[bot]	8422d4b3fb	Disable setLogFilter RPC API by default (#8693 ) (#8699 ) automerge	2020-03-06 18:16:04 -08:00
mergify[bot]	ff4731cce2	RPC: Add `getFeeCalculatorForBlockhash` method call (#8687 ) (#8698 ) automerge	2020-03-06 17:25:33 -08:00
mergify[bot]	659aaafff6	Ledger: return specific error if ledger-app-solana is not running (#8684 ) (#8695 ) automerge	2020-03-06 16:28:53 -08:00
mergify[bot]	175651c497	Add shred version support to net/ (#8689 ) (#8694 ) automerge	2020-03-06 15:41:16 -08:00
mergify[bot]	085e773f27	Properly escape current version (#8686 ) (#8688 ) (cherry picked from commit `a78a339407`) Co-authored-by: Michael Vines <mvines@gmail.com>	2020-03-06 14:37:41 -07:00
Michael Vines	5d3140c040	Cargo.lock	2020-03-06 14:25:54 -07:00
Michael Vines	d8d7238920	Bump version to 1.0.5	2020-03-06 14:14:53 -07:00
mergify[bot]	418c3cd4cf	Delete Archiver installation docs (#8665 ) (#8669 ) automerge	2020-03-06 12:49:52 -08:00
Michael Vines	9f532cb50f	Publish initial snapshot hash in gossip on validator startup (#8678 )	2020-03-05 23:01:35 -07:00
Michael Vines	c35f4927cd	Bump version to 1.0.4	2020-03-05 16:10:24 -07:00
Michael Vines	2d0f4b5c8c	Bump version to 1.0.3	2020-03-05 13:05:12 -07:00
Grimes	fe59ee61e6	Add find_incomplete_slots (#8654 ) (#8671 ) automerge	2020-03-05 11:52:20 -08:00
Michael Vines	bda2acb06d	SDK: Allow `RecentBlockhashes` to hold the entire `BlockhashQueue` (#8632 ) (#8672 ) automerge (cherry picked from commit `9d667db634`) Co-authored-by: Grimes <39311140+solana-grimes@users.noreply.github.com>	2020-03-05 12:09:13 -07:00
Grimes	ac3fe1da02	Fix docs build (#8663 ) (#8667 ) automerge	2020-03-05 10:25:43 -08:00
Michael Vines	57813041d2	Remove solana-archiver from release artifacts	2020-03-05 11:02:18 -07:00
Grimes	7e446da82c	Choose a cluster before checking balances (#8666 ) (#8668 ) automerge	2020-03-05 10:00:53 -08:00
Grimes	d94f5c94a3	Nonce fees 1.0 (#8664 ) automerge	2020-03-05 09:41:45 -08:00
Michael Vines	4d9aee4794	Always and fully normalize stored 0-lamport accts. (#8657 ) (#8661 ) (cherry picked from commit `f146c92e88`) Co-authored-by: Michael Vines <mvines@gmail.com>	2020-03-05 09:49:26 -07:00
Grimes	f32c152bce	genesis: Add support for multiple bootstrap validators (#8656 ) (#8658 ) automerge	2020-03-05 00:53:40 -08:00
Grimes	5caf9110e0	Add --bind-address and --rpc-bind-address validator arguments (#8628 ) (#8655 ) automerge	2020-03-04 22:39:38 -08:00
Grimes	d1c80143ea	Add NextSlotsIterator (#8652 ) (#8653 ) automerge	2020-03-04 21:59:04 -08:00
Grimes	bb132df121	Add orphan iterator (#8636 ) (#8651 ) automerge	2020-03-04 20:02:46 -08:00
Grimes	b3af1c7e57	Connect partition flag to validators (#8622 ) (#8646 ) automerge	2020-03-04 18:16:54 -08:00
Grimes	14cba53338	Install Solana before using it (#8638 ) (#8644 ) automerge	2020-03-04 16:08:25 -08:00
Grimes	dc8abbe9e3	`solana catchup` now detects when you try to catchup to yourself (#8635 ) (#8641 ) automerge	2020-03-04 16:00:20 -08:00
carllin	dd06001ed8	compute_bank_stats needs to return newly computed ForkStats (#8608 ) (#8634 ) * Fix broken confirmation, add test (cherry picked from commit `f23dc11a86`) Co-authored-by: carllin <wumu727@gmail.com>	2020-03-04 14:28:17 -08:00
Grimes	298b7de2e2	`catchup` now supports an optional RPC URL argument for validators with private RPC (#8629 ) (#8633 ) automerge	2020-03-04 12:48:18 -08:00
Grimes	74cbc6953f	Expose executable and rent_epoch in AccountInfo (#8619 ) (#8631 ) automerge	2020-03-04 12:09:14 -08:00
mergify[bot]	27e5203078	Fix sendTransaction doc (#8625 ) (#8626 ) automerge	2020-03-04 08:53:30 -08:00
mergify[bot]	73787e162c	Keep GenesisConfig binary compatible with v0.23 (#8617 ) (#8620 ) automerge	2020-03-04 02:02:28 -08:00
mergify[bot]	74ae40be41	Check transaction signatures in entry verify (#8596 ) (#8614 ) automerge	2020-03-03 22:10:35 -08:00
mergify[bot]	8dd58e9cea	Remove accounts hack and correctly restore accounts store counts (#8569 ) (#8613 ) automerge	2020-03-03 22:05:50 -08:00
mergify[bot]	7d86179c60	Split signature throughput tracking out of `FeeCalculator` (#8447 ) (#8610 ) automerge	2020-03-03 20:36:52 -08:00
mergify[bot]	8115cf1360	Docs: Update CLI offline cmds (#8548 ) (#8558 ) automerge	2020-03-03 20:26:28 -08:00
Michael Vines	3e5d45053d	Cargo.lock	2020-03-03 21:14:00 -07:00
mergify[bot]	061319f35a	Add commitment flag to `vote-account` and `validators` commands (#8597 ) (#8606 ) automerge	2020-03-03 17:47:14 -08:00
mergify[bot]	dc75837500	Use fs::rename which is much faster than move_items (#8579 ) (#8595 ) automerge	2020-03-03 11:23:11 -08:00
mergify[bot]	dfe26f5275	Add Ledger wallet installation instructions (#8581 ) (#8592 ) automerge	2020-03-03 08:29:12 -08:00
mergify[bot]	f4385f7ad2	Do periodic inbound cleaning for rooted slots (#8436 ) (#8583 ) automerge	2020-03-02 23:04:57 -08:00
Michael Vines	8df4cf2895	Don't advertise the snapshot that the node was loaded from snapshot_packager_service will remove this snapshot hash from gossip when it starts	2020-03-02 19:16:06 -07:00
mergify[bot]	dad62e132e	Remove granularity from genesis (bp #8514 ) (#8518 ) automerge	2020-03-02 15:42:46 -08:00
Michael Vines	0d4131ae68	Bump version to 1.0.2	2020-03-02 15:38:26 -07:00
mergify[bot]	a2539e1892	Allow stake lockup fields to be updated independently (#8568 ) (#8574 ) automerge	2020-03-02 14:19:18 -08:00
Michael Vines	210659e6c3	Only gossip packaged snapshots (cherry picked from commit `42c5c59800`)	2020-03-02 14:21:04 -07:00
Michael Vines	15a0fb1fa9	--wait-for-supermajority now requires a SLOT (cherry picked from commit `13551885c2`)	2020-03-02 13:40:52 -07:00
Michael Vines	4db31f5b48	Add ---no-untrusted-rpc flag (cherry picked from commit `d677e83ed4`)	2020-03-02 11:53:15 -07:00
mergify[bot]	b38a535c63	Hack to skip cleanup_dead_slots upon snapshot load (#8562 ) automerge	2020-03-02 10:40:41 -08:00
Michael Vines	218b02aaf8	Demote gossip responder error log messages to info!	2020-03-01 10:42:32 -07:00
mergify[bot]	d6e7cbd4e8	feat: implement websocket_url as a get/set-able global parameter w/ value computation (#8553 ) automerge	2020-03-01 01:09:09 -08:00