fix: Clear draft when leaving a group or when Self is removed.

Fix #6175. This is not a very bad bug (even WhatsApp has the same bug, and WhatsApp rarely has any bugs at all!), so I think it's fine not to add regression tests. I did test that it works on an Android phone. Clearing the draft when a different device leaves the group or when Self is removed from the group works. What doesn't work is clearing the draft when leaving a group from this device, because after leaving, the UI still has the draft in the now-hidden input bar, and calls set_draft() when the user leaves the activity, re-adding the draft. We could fix this by loading the chat in do_set_draft(), calling, `is_self_in_chat()`, and not setting the draft if self isn't in the chat. This is two extra database calls everytime the user leaves a group and goes back to the chat list - not a big deal, but I'm nonetheless not sure it's worth it for this super arcane bug. What do you think?
2026-04-06 23:52:11 +03:00 · 2024-11-05 20:41:22 +01:00
86 changed files with 2498 additions and 3110 deletions
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -1,104 +0,0 @@
-name: Test Nix flake
-
-on:
-  pull_request:
-    paths:
-      - flake.nix
-      - flake.lock
-  push:
-    paths:
-      - flake.nix
-      - flake.lock
-    branches:
-      - main
-
-jobs:
-  format:
-    name: check flake formatting
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          show-progress: false
-      - uses: DeterminateSystems/nix-installer-action@main
-      - uses: DeterminateSystems/magic-nix-cache-action@main
-      - run: nix fmt
-
-      # Check that formatting does not change anything.
-      - run: git diff --exit-code
-
-  build:
-    name: nix build
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        installable:
-          # Ensure `nix develop` will work.
-          - devShells.x86_64-linux.default
-
-          - deltachat-python
-          - deltachat-repl
-          - deltachat-repl-aarch64-linux
-          - deltachat-repl-arm64-v8a-android
-          - deltachat-repl-armeabi-v7a-android
-          - deltachat-repl-armv6l-linux
-          - deltachat-repl-armv7l-linux
-          - deltachat-repl-i686-linux
-          - deltachat-repl-win32
-          - deltachat-repl-win64
-          - deltachat-repl-x86_64-linux
-          - deltachat-rpc-client
-          - deltachat-rpc-server
-          - deltachat-rpc-server-aarch64-linux
-          - deltachat-rpc-server-aarch64-linux-wheel
-          - deltachat-rpc-server-arm64-v8a-android
-          - deltachat-rpc-server-armeabi-v7a-android
-          - deltachat-rpc-server-armv6l-linux
-          - deltachat-rpc-server-armv6l-linux-wheel
-          - deltachat-rpc-server-armv7l-linux
-          - deltachat-rpc-server-armv7l-linux-wheel
-          - deltachat-rpc-server-i686-linux
-          - deltachat-rpc-server-i686-linux-wheel
-          - deltachat-rpc-server-source
-          - deltachat-rpc-server-win32
-          - deltachat-rpc-server-win32-wheel
-          - deltachat-rpc-server-win64
-          - deltachat-rpc-server-win64-wheel
-          - deltachat-rpc-server-x86_64-linux
-          - deltachat-rpc-server-x86_64-linux-wheel
-          - docs
-          - libdeltachat
-          - python-docs
-
-          # Fails to build
-          #- deltachat-repl-x86_64-android
-          #- deltachat-repl-x86-android
-          #- deltachat-rpc-server-x86_64-android
-          #- deltachat-rpc-server-x86-android
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          show-progress: false
-      - uses: DeterminateSystems/nix-installer-action@main
-      - uses: DeterminateSystems/magic-nix-cache-action@main
-      - run: nix build .#${{ matrix.installable }}
-
-  build-macos:
-    name: nix build on macOS
-    runs-on: macos-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        installable:
-          - deltachat-rpc-server-aarch64-darwin
-
-          # Fails to bulid
-          # - deltachat-rpc-server-x86_64-darwin
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          show-progress: false
-      - uses: DeterminateSystems/nix-installer-action@main
-      - uses: DeterminateSystems/magic-nix-cache-action@main
-      - run: nix build .#${{ matrix.installable }}
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,115 +1,5 @@
 # Changelog

-## [1.151.1] - 2024-11-24
-
-### Build system
-
- nix: Fix deltachat-rpc-server-source installable.
-
-### CI
-
- Test building nix targets to avoid regressions.
-
-## [1.151.0] - 2024-11-23
-
-### Features / Changes
-
- Trim whitespace from scanned QR codes.
- Use privacy-preserving webxdc addresses ([#6237](https://github.com/deltachat/deltachat-core-rust/pull/6237)).
- Webxdc notify ([#6230](https://github.com/deltachat/deltachat-core-rust/pull/6230)).
- `update.href` api ([#6248](https://github.com/deltachat/deltachat-core-rust/pull/6248)).
-
-### Fixes
-
- Never notify SELF ([#6251](https://github.com/deltachat/deltachat-core-rust/pull/6251)).
-
-### Build system
-
- Use underscores in deltachat-rpc-server source package filename.
- Remove imap_tools from dependencies ([#6238](https://github.com/deltachat/deltachat-core-rust/pull/6238)).
- cargo: Update Rustls from 0.23.14 to 0.23.18.
- deps: Bump curve25519-dalek from 3.2.0 to 4.1.3 in /fuzz.
-
-### Documentation
-
- Move style guide into a separate document.
- Clarify DC_EVENT_INCOMING_WEBXDC_NOTIFY documentation ([#6249](https://github.com/deltachat/deltachat-core-rust/pull/6249)).
-
-### Tests
-
- After AEAP, 1:1 chat isn't available for sending, but unprotected groups are ([#6222](https://github.com/deltachat/deltachat-core-rust/pull/6222)).
-
-## [1.150.0] - 2024-11-21
-
-### API-Changes
-
- Correct `DC_CERTCK_ACCEPT_*` values and docs ([#6176](https://github.com/deltachat/deltachat-core-rust/pull/6176)).
-
-### Features / Changes
-
- Use Rustls for connections with strict TLS ([#6186](https://github.com/deltachat/deltachat-core-rust/pull/6186)).
- Experimental header protection for Autocrypt.
- Tune down io-not-started info in connectivity-html.
- Clear config cache in start_io() ([#6228](https://github.com/deltachat/deltachat-core-rust/pull/6228)).
- Line-before-quote may be up to 120 character long instead of 80.
- Use i.delta.chat in qr codes ([#6223](https://github.com/deltachat/deltachat-core-rust/pull/6223)).
-
-### Fixes
-
- Prevent accidental wrong-password-notifications ([#6122](https://github.com/deltachat/deltachat-core-rust/pull/6122)).
- Remove footers from "Show Full Message...".
- `send_msg_to_smtp`: Return Ok if `smtp` row is deleted in parallel.
- Only add "member added/removed" messages if they actually do that ([#5992](https://github.com/deltachat/deltachat-core-rust/pull/5992)).
- Do not fail to load chatlist summary if the message got removed.
- deltachat-jsonrpc: Do not fail `get_chatlist_items_by_entries` if the message got deleted.
- deltachat-jsonrpc: Do not fail `get_draft` if draft is deleted.
- `markseen_msgs`: Limit not yet downloaded messages state to `InNoticed` ([#2970](https://github.com/deltachat/deltachat-core-rust/pull/2970)).
- Update state of message when fully downloading it.
- Dont overwrite equal drafts ([#6212](https://github.com/deltachat/deltachat-core-rust/pull/6212)).
-
-### Build system
-
- Silence RUSTSEC-2024-0384.
- cargo: Update rPGP from 0.13.2 to 0.14.0.
- cargo: Update futures-concurrency from 7.6.1 to 7.6.2.
- Update flake.nix ([#6200](https://github.com/deltachat/deltachat-core-rust/pull/6200))
-
-### CI
-
- Ensure flake is formatted.
-
-### Documentation
-
- Scanned proxies are added and normalized.
-
-### Refactor
-
- Fix nightly clippy warnings.
- Remove slicing from `is_file_in_use`.
- Remove unnecessary `allow(clippy::indexing_slicing)`.
- Don't use slicing in `remove_nonstandard_footer`.
- Do not use slicing in `qr` module.
- Eliminate indexing in `compute_mailinglist_name`.
- Remove unused `allow(clippy::indexing_slicing)`.
- Remove indexing/slicing from `remove_message_footer`.
- Remove indexing/slicing from `squash_attachment_parts`.
- Remove unused allow(clippy::indexing_slicing) for heuristically_parse_ndn.
- Remove indexing/slicing from `parse_message_ids`.
- Remove slicing from `remove_bottom_quote`.
- Get rid of slicing in `remove_top_quote`.
- Remove unused allow(clippy::indexing_slicing) from 'truncate'.
- Forbid clippy::indexing_slicing.
- Forbid clippy::string_slice.
- Delete chat in a transaction.
- Fix typo in `context.rs`.
-
-### Tests
-
- Remove all calls to print() from deltachat-rpc-client tests.
- Reply to protected group from MUA.
- Mark not downloaded message as seen ([#2970](https://github.com/deltachat/deltachat-core-rust/pull/2970)).
- Mark `receive_imf()` as only for tests and "internals" feature ([#6235](https://github.com/deltachat/deltachat-core-rust/pull/6235)).
-
 ## [1.149.0] - 2024-11-05

 ### Build system
@@ -4591,10 +4481,14 @@ Bugfix release attempting to fix the [iOS build error](https://github.com/deltac

 - new qr-code type `DC_QR_WEBRTC` #1779

+- new `dc_chatlist_get_summary2()` api #1771
+
 - tweak smtp-timeout for larger mails #1782

 - optimize read-receipts #1765

+- Allow http scheme for DCACCOUNT URLs #1770
+
 - improve tests #1769

 - bug fixes #1766 #1772 #1773 #1775 #1776 #1777
@@ -5339,6 +5233,3 @@ https://github.com/deltachat/deltachat-core-rust/pulls?q=is%3Apr+is%3Aclosed
 [1.148.6]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.5..v1.148.6
 [1.148.7]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.6..v1.148.7
 [1.149.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.7..v1.149.0
-[1.150.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.149.0..v1.150.0
-[1.151.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.150.0..v1.151.0
-[1.151.1]: https://github.com/deltachat/deltachat-core-rust/compare/v1.151.0..v1.151.1
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,6 +1,6 @@
-# Contributing to Delta Chat
+# Contributing guidelines

-## Bug reports
+## Reporting bugs

 If you found a bug, [report it on GitHub](https://github.com/deltachat/deltachat-core-rust/issues).
 If the bug you found is specific to
@@ -9,114 +9,178 @@ If the bug you found is specific to
 [Desktop](https://github.com/deltachat/deltachat-desktop/issues),
 report it to the corresponding repository.

-## Feature proposals
+## Proposing features

 If you have a feature request, create a new topic on the [forum](https://support.delta.chat/).

-## Code contributions
+## Contributing code

-If you want to contribute a code, follow this guide.
+If you want to contribute a code, [open a Pull Request](https://github.com/deltachat/deltachat-core-rust/pulls).

-1. **Select an issue to work on.**
-
-   If you have an write access to the repository, assign the issue to yourself.
-   Otherwise state in the comment that you are going to work on the issue
-   to avoid duplicate work.
-
-   If the issue does not exist yet, create it first.
-
-2. **Write the code.**
-
-   Follow the [coding conventions](STYLE.md) when writing the code.
-
-3. **Commit the code.**
-
-   If you have write access to the repository,
-   push a branch named `<username>/<feature>`
-   so it is clear who is responsible for the branch,
-   and open a PR proposing to merge the change.
-   Otherwise fork the repository and create a branch in your fork.
-
-   Commit messages follow the [Conventional Commits] notation.
-   We use [git-cliff] to generate the changelog from commit messages before the release.
-
-   With **`git cliff --unreleased`**, you can check how the changelog entry for your commit will look.
-
-   The following prefix types are used:
-   - `feat`: Features, e.g. "feat: Pause IO for BackupProvider". If you are unsure what's the category of your commit, you can often just use `feat`.
-   - `fix`: Bug fixes, e.g. "fix: delete `smtp` rows when message sending is cancelled"
-   - `api`: API changes, e.g. "api(rust): add `get_msg_read_receipts(context, msg_id)`"
-   - `refactor`: Refactorings, e.g. "refactor: iterate over `msg_ids` without `.iter()`"
-   - `perf`: Performance improvements, e.g. "perf: improve SQLite performance with `PRAGMA synchronous=normal`"
-   - `test`: Test changes and improvements to the testing framework.
-   - `build`: Build system and tool configuration changes, e.g. "build(git-cliff): put "ci" commits into "CI" section of changelog"
-   - `ci`: CI configuration changes, e.g. "ci: limit artifact retention time for `libdeltachat.a` to 1 day"
-   - `docs`: Documentation changes, e.g. "docs: add contributing guidelines"
-   - `chore`: miscellaneous tasks, e.g. "chore: add `.DS_Store` to `.gitignore`"
-
-   Release preparation commits are marked as "chore(release): prepare for X.Y.Z"
-   as described in [releasing guide](RELEASE.md).
-
-   Use a `!` to mark breaking changes, e.g. "api!: Remove `dc_chat_can_send`".
-
-   Alternatively, breaking changes can go into the commit description, e.g.:
-
-   ```
-   fix: Fix race condition and db corruption when a message was received during backup
-
-   BREAKING CHANGE: You have to call `dc_stop_io()`/`dc_start_io()` before/after `dc_imex(DC_IMEX_EXPORT_BACKUP)`
-   ```
-
-4. [**Open a Pull Request**](https://github.com/deltachat/deltachat-core-rust/pulls).
-
-   Refer to the corresponding issue.
-
-   If you intend to squash merge the PR from the web interface,
-   make sure the PR title follows the conventional commits notation
-   as it will end up being a commit title.
-   Otherwise make sure each commit title follows the conventional commit notation.
-
-5. **Make sure all CI checks succeed.**
-
-   CI runs the tests and checks code formatting.
-
-   While it is running, self-review your PR to make sure all the changes you expect are there
-   and there are no accidentally commited unrelated changes and files.
-
-   Push the necessary fixup commits or force-push to your branch if needed.
-
-6. **Ask for review.**
-
-   Use built-in GitHub feature to request a review from suggested reviewers.
-
-   If you do not have write access to the repository, ask for review in the comments.
-
-7. **Merge the PR.**
-
-   Once a PR has an approval and passes CI, it can be merged.
-
-   PRs from a branch created in the main repository,
-   i.e. authored by those who have write access, are merged by their authors.
-
-   This is to ensure that PRs are merged as intended by the author,
-   e.g. as a squash merge, by rebasing from the web interface or manually from the command line.
-
-   If you have multiple changes in one PR, do a rebase merge.
-   Otherwise, you should usually do a squash merge.
-
-   If PR author does not have write access to the repository,
-   maintainers who reviewed the PR can merge it.
-
-   If you do not have access to the repository and created a PR from a fork,
-   ask the maintainers to merge the PR and say how it should be merged.
-
-## Other ways to contribute
-
-For other ways to contribute, refer to the [website](https://delta.chat/en/contribute).
+If you have write access to the repository,
+push a branch named `<username>/<feature>`
+so it is clear who is responsible for the branch,
+and open a PR proposing to merge the change.
+Otherwise fork the repository and create a branch in your fork.

 You can find the list of good first issues
 and a link to this guide
 on the contributing page: <https://github.com/deltachat/deltachat-core-rust/contribute>

+### Coding conventions
+
+We format the code using `rustfmt`. Run `cargo fmt` prior to committing the code.
+Run `scripts/clippy.sh` to check the code for common mistakes with [Clippy].
+
+### SQL
+
+Multi-line SQL statements should be formatted using string literals,
+for example
+```
+    sql.execute(
+        "CREATE TABLE messages (
+id INTEGER PRIMARY KEY AUTOINCREMENT,
+text TEXT DEFAULT '' NOT NULL -- message text
+) STRICT",
+    )
+    .await?;
+```
+
+Do not use macros like [`concat!`](https://doc.rust-lang.org/std/macro.concat.html)
+or [`indoc!](https://docs.rs/indoc).
+Do not escape newlines like this:
+```
+    sql.execute(
+        "CREATE TABLE messages ( \
+id INTEGER PRIMARY KEY AUTOINCREMENT, \
+text TEXT DEFAULT '' NOT NULL \
+) STRICT",
+    )
+    .await?;
+```
+Escaping newlines
+is prone to errors like this if space before backslash is missing:
+```
+"SELECT foo\
+ FROM bar"
+```
+Literal above results in `SELECT fooFROM bar` string.
+This style also does not allow using `--` comments.
+
+---
+
+Declare new SQL tables with [`STRICT`](https://sqlite.org/stricttables.html) keyword
+to make SQLite check column types.
+
+Declare primary keys with [`AUTOINCREMENT`](https://www.sqlite.org/autoinc.html) keyword.
+This avoids reuse of the row IDs and can avoid dangerous bugs
+like forwarding wrong message because the message was deleted
+and another message took its row ID.
+
+Declare all new columns as `NOT NULL`
+and set the `DEFAULT` value if it is optional so the column can be skipped in `INSERT` statements.
+Dealing with `NULL` values both in SQL and in Rust is tricky and we try to avoid it.
+If column is already declared without `NOT NULL`, use `IFNULL` function to provide default value when selecting it.
+Use `HAVING COUNT(*) > 0` clause
+to [prevent aggregate functions such as `MIN` and `MAX` from returning `NULL`](https://stackoverflow.com/questions/66527856/aggregate-functions-max-etc-return-null-instead-of-no-rows).
+
+Don't delete unused columns too early, but maybe after several months/releases, unused columns are
+still used by older versions, so deleting them breaks downgrading the core or importing a backup in
+an older version. Also don't change the column type, consider adding a new column with another name
+instead. Finally, never change column semantics, this is especially dangerous because the `STRICT`
+keyword doesn't help here.
+
+### Commit messages
+
+Commit messages follow the [Conventional Commits] notation.
+We use [git-cliff] to generate the changelog from commit messages before the release.
+
+With **`git cliff --unreleased`**, you can check how the changelog entry for your commit will look.
+
+The following prefix types are used:
+- `feat`: Features, e.g. "feat: Pause IO for BackupProvider". If you are unsure what's the category of your commit, you can often just use `feat`.
+- `fix`: Bug fixes, e.g. "fix: delete `smtp` rows when message sending is cancelled"
+- `api`: API changes, e.g. "api(rust): add `get_msg_read_receipts(context, msg_id)`"
+- `refactor`: Refactorings, e.g. "refactor: iterate over `msg_ids` without `.iter()`"
+- `perf`: Performance improvements, e.g. "perf: improve SQLite performance with `PRAGMA synchronous=normal`"
+- `test`: Test changes and improvements to the testing framework.
+- `build`: Build system and tool configuration changes, e.g. "build(git-cliff): put "ci" commits into "CI" section of changelog"
+- `ci`: CI configuration changes, e.g. "ci: limit artifact retention time for `libdeltachat.a` to 1 day"
+- `docs`: Documentation changes, e.g. "docs: add contributing guidelines"
+- `chore`: miscellaneous tasks, e.g. "chore: add `.DS_Store` to `.gitignore`"
+
+Release preparation commits are marked as "chore(release): prepare for vX.Y.Z".
+
+If you intend to squash merge the PR from the web interface,
+make sure the PR title follows the conventional commits notation
+as it will end up being a commit title.
+Otherwise make sure each commit title follows the conventional commit notation.
+
+#### Breaking Changes
+
+Use a `!` to mark breaking changes, e.g. "api!: Remove `dc_chat_can_send`".
+
+Alternatively, breaking changes can go into the commit description, e.g.:
+
+```
+fix: Fix race condition and db corruption when a message was received during backup
+
+BREAKING CHANGE: You have to call `dc_stop_io()`/`dc_start_io()` before/after `dc_imex(DC_IMEX_EXPORT_BACKUP)`
+```
+
+#### Multiple Changes in one PR
+
+If you have multiple changes in one PR, create multiple conventional commits, and then do a rebase merge. Otherwise, you should usually do a squash merge.
+
+[Clippy]: https://doc.rust-lang.org/clippy/
 [Conventional Commits]: https://www.conventionalcommits.org/
 [git-cliff]: https://git-cliff.org/
+
+### Errors
+
+Delta Chat core mostly uses [`anyhow`](https://docs.rs/anyhow/) errors.
+When using [`Context`](https://docs.rs/anyhow/latest/anyhow/trait.Context.html),
+capitalize it but do not add a full stop as the contexts will be separated by `:`.
+For example:
+```
+.with_context(|| format!("Unable to trash message {msg_id}"))
+```
+
+All errors should be handled in one of these ways:
+- With `if let Err() =` (incl. logging them into `warn!()`/`err!()`).
+- With `.log_err().ok()`.
+- Bubbled up with `?`.
+
+`backtrace` feature is enabled for `anyhow` crate
+and `debug = 1` option is set in the test profile.
+This allows to run `RUST_BACKTRACE=1 cargo test`
+and get a backtrace with line numbers in resultified tests
+which return `anyhow::Result`.
+
+### Logging
+
+For logging, use `info!`, `warn!` and `error!` macros.
+Log messages should be capitalized and have a full stop in the end. For example:
+```
+info!(context, "Ignoring addition of {added_addr:?} to {chat_id}.");
+```
+
+Format anyhow errors with `{:#}` to print all the contexts like this:
+```
+error!(context, "Failed to set selfavatar timestamp: {err:#}.");
+```
+
+### Reviewing
+
+Once a PR has an approval and passes CI, it can be merged.
+
+PRs from a branch created in the main repository, i.e. authored by those who have write access, are merged by their authors.
+This is to ensure that PRs are merged as intended by the author,
+e.g. as a squash merge, by rebasing from the web interface or manually from the command line.
+
+If you do not have access to the repository and created a PR from a fork,
+ask the maintainers to merge the PR and say how it should be merged.
+
+## Other ways to contribute
+
+For other ways to contribute, refer to the [website](https://delta.chat/en/contribute).
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -53,15 +53,6 @@ dependencies = [
 "subtle",
 ]

-[[package]]
-name = "aes-kw"
-version = "0.2.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "69fa2b352dcefb5f7f3a5fb840e02665d311d878955380515e4fd50095dd3d8c"
-dependencies = [
- "aes",
-]
-
 [[package]]
 name = "ahash"
 version = "0.8.11"
@@ -560,6 +551,18 @@ version = "2.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de"

+[[package]]
+name = "bitvec"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1bc2832c24239b0141d5674bb9174f9d68a8b5b3f2753311927c172ca46f7e9c"
+dependencies = [
+ "funty",
+ "radium",
+ "tap",
+ "wyz",
+]
+
 [[package]]
 name = "blake2"
 version = "0.10.6"
@@ -1224,7 +1227,7 @@ dependencies = [
 "cpufeatures",
 "curve25519-dalek-derive",
 "digest",
- "fiat-crypto 0.2.6",
+ "fiat-crypto",
 "rustc_version",
 "subtle",
 "zeroize",
@@ -1306,7 +1309,7 @@ dependencies = [

 [[package]]
 name = "deltachat"
-version = "1.151.1"
+version = "1.149.0"
 dependencies = [
 "anyhow",
 "async-broadcast",
@@ -1372,7 +1375,6 @@ dependencies = [
 "serde_json",
 "serde_urlencoded",
 "sha-1",
- "sha2",
 "shadowsocks",
 "smallvec",
 "strum",
@@ -1407,7 +1409,7 @@ dependencies = [

 [[package]]
 name = "deltachat-jsonrpc"
-version = "1.151.1"
+version = "1.149.0"
 dependencies = [
 "anyhow",
 "async-channel 2.3.1",
@@ -1432,7 +1434,7 @@ dependencies = [

 [[package]]
 name = "deltachat-repl"
-version = "1.151.1"
+version = "1.149.0"
 dependencies = [
 "anyhow",
 "deltachat",
@@ -1448,7 +1450,7 @@ dependencies = [

 [[package]]
 name = "deltachat-rpc-server"
-version = "1.151.1"
+version = "1.149.0"
 dependencies = [
 "anyhow",
 "deltachat",
@@ -1477,7 +1479,7 @@ dependencies = [

 [[package]]
 name = "deltachat_ffi"
-version = "1.151.1"
+version = "1.149.0"
 dependencies = [
 "anyhow",
 "deltachat",
@@ -1770,17 +1772,6 @@ dependencies = [
 "zeroize",
 ]

-[[package]]
-name = "ed448-goldilocks"
-version = "0.7.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "87b5fa9e9e3dd5fe1369f380acd3dcdfa766dbd0a1cd5b048fb40e38a6a78e79"
-dependencies = [
- "fiat-crypto 0.1.20",
- "hex",
- "subtle",
-]
-
 [[package]]
 name = "either"
 version = "1.10.0"
@@ -2146,12 +2137,6 @@ dependencies = [
 "subtle",
 ]

-[[package]]
-name = "fiat-crypto"
-version = "0.1.20"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e825f6987101665dea6ec934c09ec6d721de7bc1bf92248e1d5810c8cd636b77"
-
 [[package]]
 name = "fiat-crypto"
 version = "0.2.6"
@@ -2170,12 +2155,6 @@ dependencies = [
 "windows-sys 0.52.0",
 ]

-[[package]]
-name = "fixedbitset"
-version = "0.5.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1d674e81391d1e1ab681a28d99df07927c6d4aa5b027d7da16ba32d1d21ecd99"
-
 [[package]]
 name = "flate2"
 version = "1.0.28"
@@ -2232,6 +2211,12 @@ dependencies = [
 name = "format-flowed"
 version = "1.0.0"

+[[package]]
+name = "funty"
+version = "2.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e6d5a32815ae3f33302d95fdcb2ce17862f8c65363dcfd29360480ba1001fc9c"
+
 [[package]]
 name = "futures"
 version = "0.3.31"
@@ -2271,11 +2256,11 @@ dependencies = [

 [[package]]
 name = "futures-concurrency"
-version = "7.6.2"
+version = "7.6.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d9b724496da7c26fcce66458526ce68fc2ecf4aaaa994281cf322ded5755520c"
+checksum = "4b14ac911e85d57c5ea6eef76d7b4d4a3177ecd15f4bea2e61927e9e3823e19f"
 dependencies = [
- "fixedbitset",
+ "bitvec",
 "futures-buffered",
 "futures-core",
 "futures-lite 1.13.0",
@@ -3122,7 +3107,7 @@ dependencies = [
 "netlink-packet-route",
 "netlink-sys",
 "netwatch",
- "num_enum 0.7.3",
+ "num_enum",
 "once_cell",
 "parking_lot",
 "pin-project",
@@ -3877,34 +3862,13 @@ dependencies = [
 "libc",
 ]

-[[package]]
-name = "num_enum"
-version = "0.5.11"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1f646caf906c20226733ed5b1374287eb97e3c2a5c227ce668c1f2ce20ae57c9"
-dependencies = [
- "num_enum_derive 0.5.11",
-]
-
 [[package]]
 name = "num_enum"
 version = "0.7.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4e613fc340b2220f734a8595782c551f1250e969d87d3be1ae0579e8d4065179"
 dependencies = [
- "num_enum_derive 0.7.3",
-]
-
-[[package]]
-name = "num_enum_derive"
-version = "0.5.11"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dcbff9bc912032c62bf65ef1d5aea88983b420f4f839db1e9b0c281a25c9c799"
-dependencies = [
- "proc-macro-crate 1.3.1",
- "proc-macro2",
- "quote",
- "syn 1.0.109",
+ "num_enum_derive",
 ]

 [[package]]
@@ -3913,7 +3877,7 @@ version = "0.7.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "af1844ef2428cc3e1cb900be36181049ef3d3193c63e43026cfe202983b27a56"
 dependencies = [
- "proc-macro-crate 3.2.0",
+ "proc-macro-crate",
 "proc-macro2",
 "quote",
 "syn 2.0.86",
@@ -4210,15 +4174,14 @@ dependencies = [

 [[package]]
 name = "pgp"
-version = "0.14.0"
+version = "0.13.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "49bb5f77aaf8ae1ed6fe63387ad513b10cd44716fd053ecc227b9493c096cdb2"
+checksum = "4a6c842436d5fa2b59eac1e9b3d142b50bfff99c1744c816b1f4c2ac55a20754"
 dependencies = [
 "aes",
 "aes-gcm",
- "aes-kw",
 "argon2",
- "base64 0.21.7",
+ "base64 0.22.1",
 "bitfield",
 "block-padding",
 "blowfish",
@@ -4234,7 +4197,6 @@ dependencies = [
 "crc24",
 "curve25519-dalek",
 "derive_builder",
- "derive_more",
 "des",
 "digest",
 "dsa",
@@ -4254,7 +4216,7 @@ dependencies = [
 "nom",
 "num-bigint-dig",
 "num-traits",
- "num_enum 0.5.11",
+ "num_enum",
 "ocb3",
 "p256",
 "p384",
@@ -4271,7 +4233,6 @@ dependencies = [
 "thiserror",
 "twofish",
 "x25519-dalek",
- "x448",
 "zeroize",
 ]

@@ -4488,7 +4449,7 @@ dependencies = [
 "iroh-metrics",
 "libc",
 "netwatch",
- "num_enum 0.7.3",
+ "num_enum",
 "rand 0.8.5",
 "serde",
 "smallvec",
@@ -4590,23 +4551,13 @@ dependencies = [
 "elliptic-curve",
 ]

-[[package]]
-name = "proc-macro-crate"
-version = "1.3.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f4c021e1093a56626774e81216a4ce732a735e5bad4868a03f3ed65ca0c3919"
-dependencies = [
- "once_cell",
- "toml_edit 0.19.15",
-]
-
 [[package]]
 name = "proc-macro-crate"
 version = "3.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8ecf48c7ca261d60b74ab1a7b20da18bede46776b2e55535cb958eb595c5fa7b"
 dependencies = [
- "toml_edit 0.22.20",
+ "toml_edit",
 ]

 [[package]]
@@ -4841,6 +4792,12 @@ version = "0.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "640c9bd8497b02465aeef5375144c26062e0dcd5939dfcbb0f5db76cb8c17c73"

+[[package]]
+name = "radium"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dc33ff2d4973d518d823d61aa239014831e521c75da58e3df4840d3f47749d09"
+
 [[package]]
 name = "radix_trie"
 version = "0.2.1"
@@ -5270,9 +5227,9 @@ dependencies = [

 [[package]]
 name = "rustls"
-version = "0.23.18"
+version = "0.23.14"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9c9cc1d47e243d655ace55ed38201c19ae02c148ae56412ab8750e8f0166ab7f"
+checksum = "415d9944693cb90382053259f89fbb077ea730ad7273047ec63b19bc9b160ba8"
 dependencies = [
 "log",
 "once_cell",
@@ -6117,6 +6074,12 @@ version = "4.3.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "094c9f64d6de9a8506b1e49b63a29333b37ed9e821ee04be694d431b3264c3c5"

+[[package]]
+name = "tap"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369"
+
 [[package]]
 name = "tempfile"
 version = "3.13.0"
@@ -6400,7 +6363,7 @@ dependencies = [
 "serde",
 "serde_spanned",
 "toml_datetime",
- "toml_edit 0.22.20",
+ "toml_edit",
 ]

 [[package]]
@@ -6412,17 +6375,6 @@ dependencies = [
 "serde",
 ]

-[[package]]
-name = "toml_edit"
-version = "0.19.15"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1b5bb770da30e5cbfde35a2d7b9b8a2c4b8ef89548a7a6aeab5c9a576e3e7421"
-dependencies = [
- "indexmap",
- "toml_datetime",
- "winnow 0.5.40",
-]
-
 [[package]]
 name = "toml_edit"
 version = "0.22.20"
@@ -6433,7 +6385,7 @@ dependencies = [
 "serde",
 "serde_spanned",
 "toml_datetime",
- "winnow 0.6.18",
+ "winnow",
 ]

 [[package]]
@@ -7167,15 +7119,6 @@ version = "0.52.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"

-[[package]]
-name = "winnow"
-version = "0.5.40"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f593a95398737aeed53e489c785df13f3618e41dbcd6718c6addbf1395aa6876"
-dependencies = [
- "memchr",
-]
-
 [[package]]
 name = "winnow"
 version = "0.6.18"
@@ -7219,6 +7162,15 @@ dependencies = [
 "windows 0.52.0",
 ]

+[[package]]
+name = "wyz"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "05f360fc0b24296329c78fda852a1e9ae82de9cf7b27dae4b7f62f118f77b9ed"
+dependencies = [
+ "tap",
+]
+
 [[package]]
 name = "x25519-dalek"
 version = "2.0.1"
@@ -7231,17 +7183,6 @@ dependencies = [
 "zeroize",
 ]

-[[package]]
-name = "x448"
-version = "0.6.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c4cd07d4fae29e07089dbcacf7077cd52dce7760125ca9a4dd5a35ca603ffebb"
-dependencies = [
- "ed448-goldilocks",
- "hex",
- "rand_core 0.5.1",
-]
-
 [[package]]
 name = "x509-parser"
 version = "0.16.0"
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "deltachat"
-version = "1.151.1"
+version = "1.149.0"
 edition = "2021"
 license = "MPL-2.0"
 rust-version = "1.77"
@@ -76,7 +76,7 @@ num-traits = { workspace = true }
 once_cell = { workspace = true }
 parking_lot = "0.12"
 percent-encoding = "2.3"
-pgp = { version = "0.14.0", default-features = false }
+pgp = { version = "0.13.2", default-features = false }
 pin-project = "1"
 qrcodegen = "1.7.0"
 quick-xml = "0.37"
@@ -92,7 +92,6 @@ serde_json = { workspace = true }
 serde_urlencoded = "0.7.1"
 serde = { workspace = true, features = ["derive"] }
 sha-1 = "0.10"
-sha2 = "0.10"
 shadowsocks = { version = "1.21.0", default-features = false, features = ["aead-cipher-2022"] }
 smallvec = "1.13.2"
 strum = "0.26"
--- a/STYLE.md
+++ b/STYLE.md
@@ -1,98 +0,0 @@
-# Coding conventions
-
-We format the code using `rustfmt`. Run `cargo fmt` prior to committing the code.
-Run `scripts/clippy.sh` to check the code for common mistakes with [Clippy].
-
-[Clippy]: https://doc.rust-lang.org/clippy/
-
-## SQL
-
-Multi-line SQL statements should be formatted using string literals,
-for example
-```
-    sql.execute(
-        "CREATE TABLE messages (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-text TEXT DEFAULT '' NOT NULL -- message text
-) STRICT",
-    )
-    .await?;
-```
-
-Do not use macros like [`concat!`](https://doc.rust-lang.org/std/macro.concat.html)
-or [`indoc!](https://docs.rs/indoc).
-Do not escape newlines like this:
-```
-    sql.execute(
-        "CREATE TABLE messages ( \
-id INTEGER PRIMARY KEY AUTOINCREMENT, \
-text TEXT DEFAULT '' NOT NULL \
-) STRICT",
-    )
-    .await?;
-```
-Escaping newlines
-is prone to errors like this if space before backslash is missing:
-```
-"SELECT foo\
- FROM bar"
-```
-Literal above results in `SELECT fooFROM bar` string.
-This style also does not allow using `--` comments.
-
---
-
-Declare new SQL tables with [`STRICT`](https://sqlite.org/stricttables.html) keyword
-to make SQLite check column types.
-
-Declare primary keys with [`AUTOINCREMENT`](https://www.sqlite.org/autoinc.html) keyword.
-This avoids reuse of the row IDs and can avoid dangerous bugs
-like forwarding wrong message because the message was deleted
-and another message took its row ID.
-
-Declare all new columns as `NOT NULL`
-and set the `DEFAULT` value if it is optional so the column can be skipped in `INSERT` statements.
-Dealing with `NULL` values both in SQL and in Rust is tricky and we try to avoid it.
-If column is already declared without `NOT NULL`, use `IFNULL` function to provide default value when selecting it.
-Use `HAVING COUNT(*) > 0` clause
-to [prevent aggregate functions such as `MIN` and `MAX` from returning `NULL`](https://stackoverflow.com/questions/66527856/aggregate-functions-max-etc-return-null-instead-of-no-rows).
-
-Don't delete unused columns too early, but maybe after several months/releases, unused columns are
-still used by older versions, so deleting them breaks downgrading the core or importing a backup in
-an older version. Also don't change the column type, consider adding a new column with another name
-instead. Finally, never change column semantics, this is especially dangerous because the `STRICT`
-keyword doesn't help here.
-
-## Errors
-
-Delta Chat core mostly uses [`anyhow`](https://docs.rs/anyhow/) errors.
-When using [`Context`](https://docs.rs/anyhow/latest/anyhow/trait.Context.html),
-capitalize it but do not add a full stop as the contexts will be separated by `:`.
-For example:
-```
-.with_context(|| format!("Unable to trash message {msg_id}"))
-```
-
-All errors should be handled in one of these ways:
- With `if let Err() =` (incl. logging them into `warn!()`/`err!()`).
- With `.log_err().ok()`.
- Bubbled up with `?`.
-
-`backtrace` feature is enabled for `anyhow` crate
-and `debug = 1` option is set in the test profile.
-This allows to run `RUST_BACKTRACE=1 cargo test`
-and get a backtrace with line numbers in resultified tests
-which return `anyhow::Result`.
-
-## Logging
-
-For logging, use `info!`, `warn!` and `error!` macros.
-Log messages should be capitalized and have a full stop in the end. For example:
-```
-info!(context, "Ignoring addition of {added_addr:?} to {chat_id}.");
-```
-
-Format anyhow errors with `{:#}` to print all the contexts like this:
-```
-error!(context, "Failed to set selfavatar timestamp: {err:#}.");
-```
--- a/assets/root-certificates/letsencrypt/isrgrootx1.der
+++ b/assets/root-certificates/letsencrypt/isrgrootx1.der
--- a/deltachat-contact-tools/src/lib.rs
+++ b/deltachat-contact-tools/src/lib.rs
@@ -15,8 +15,7 @@
    clippy::explicit_into_iter_loop,
    clippy::cloned_instead_of_copied
 )]
-#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
-#![cfg_attr(not(test), forbid(clippy::string_slice))]
+#![cfg_attr(not(test), warn(clippy::indexing_slicing))]
 #![allow(
    clippy::match_bool,
    clippy::mixed_read_write_in_expression,
--- a/deltachat-ffi/Cargo.toml
+++ b/deltachat-ffi/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "deltachat_ffi"
-version = "1.151.1"
+version = "1.149.0"
 description = "Deltachat FFI"
 edition = "2018"
 readme = "README.md"
--- a/deltachat-ffi/deltachat.h
+++ b/deltachat-ffi/deltachat.h
@@ -506,11 +506,6 @@ char*           dc_get_blobdir               (const dc_context_t* context);
 *                    to not mess up with non-delivery-reports or read-receipts.
 *                    0=no limit (default).
 *                    Changes affect future messages only.
- * - `protect_autocrypt` = Enable Header Protection for Autocrypt header.
- *                    This is an experimental option not compatible to other MUAs
- *                    and older Delta Chat versions.
- *                    1 = enable.
- *                    0 = disable (default).
 * - `gossip_period` = How often to gossip Autocrypt keys in chats with multiple recipients, in
 *                    seconds. 2 days by default.
 *                    This is not supposed to be changed by UIs and only used for testing.
@@ -1154,13 +1149,7 @@ uint32_t dc_send_videochat_invitation (dc_context_t* context, uint32_t chat_id);
 * @memberof dc_context_t
 * @param context The context object.
 * @param msg_id The ID of the message with the webxdc instance.
- * @param json program-readable data, this is created in JS land as:
- *     - `payload`: any JS object or primitive.
- *     - `info`: optional informational message. Will be shown in chat and may be added as system notification.
- *       note that also users that are not notified explicitly get the `info` or `summary` update shown in the chat.
- *     - `document`: optional document name. shown eg. in title bar.
- *     - `summary`: optional summary. shown beside app icon.
- *     - `notify`: optional array of other users `selfAddr` to be notified e.g. by a sound about `info` or `summary`.
+ * @param json program-readable data, the actual payload
 * @param descr The user-visible description of JSON data,
 *     in case of a chess game, e.g. the move.
 * @return 1=success, 0=error
@@ -2547,8 +2536,6 @@ void            dc_stop_ongoing_process      (dc_context_t* context);
 * - DC_QR_PROXY with dc_lot_t::text1=address:
 *   ask the user if they want to use the given proxy.
 *   if so, call dc_set_config_from_qr() and restart I/O.
- *   On success, dc_get_config(context, "proxy_url")
- *   will contain the new proxy in normalized form as the first element.
 *
 * - DC_QR_ADDR with dc_lot_t::id=Contact ID:
 *   e-mail address scanned, optionally, a draft message could be set in
@@ -4203,7 +4190,6 @@ char*             dc_msg_get_webxdc_blob      (const dc_msg_t* msg, const char*
 *   true if the Webxdc should get full internet access, including Webrtc.
 *   currently, this is only true for encrypted Webxdc's in the self chat
 *   that have requested internet access in the manifest.
- * - self_addr: address to be used for `window.webxdc.selfAddr` in JS land.
 *
 * @memberof dc_msg_t
 * @param msg The webxdc instance.
@@ -4518,24 +4504,6 @@ int             dc_msg_get_info_type          (const dc_msg_t* msg);
 #define         DC_INFO_INVALID_UNENCRYPTED_MAIL  13
 #define         DC_INFO_WEBXDC_INFO_MESSAGE       32

-
-/**
- * Get link attached to an webxdc info message.
- * The info message needs to be of type DC_INFO_WEBXDC_INFO_MESSAGE.
- *
- * Typically, this is used to set `document.location.href` in JS land.
- *
- * Webxdc apps can define the link by setting `update.href` when sending and update,
- * see dc_send_webxdc_status_update().
- *
- * @memberof dc_msg_t
- * @param msg The info message object.
- *     Not: the webxdc instance.
- * @return The link to be set to `document.location.href` in JS land.
- *     Returns NULL if there is no link attached to the info message and on errors.
- */
-char*           dc_msg_get_webxdc_href        (const dc_msg_t* msg);
-
 /**
 * Check if a message is still in creation. A message is in creation between
 * the calls to dc_prepare_msg() and dc_send_msg().
@@ -5736,14 +5704,8 @@ int64_t         dc_lot_get_timestamp     (const dc_lot_t* lot);
 #define DC_CERTCK_STRICT 1

 /**
- * Accept certificates that are expired, self-signed
- * or not valid for the server hostname.
- */
-#define DC_CERTCK_ACCEPT_INVALID 2
-
-/**
- * For API compatibility only: Treat this as DC_CERTCK_ACCEPT_INVALID on reading.
- * Must not be written.
+ * Accept invalid certificates, including self-signed ones
+ * or having incorrect hostname.
 */
 #define DC_CERTCK_ACCEPT_INVALID_CERTIFICATES 3

@@ -6104,33 +6066,12 @@ void dc_event_unref(dc_event_t* event);
 #define DC_EVENT_INCOMING_REACTION        2002


-
-/**
- * A webxdc wants an info message or a changed summary to be notified.
- *
- * @param data1 contact_id ID of the contact sending.
- * @param data2 (int) msg_id _and_ (char*) text_to_notify.
- *      - dc_event_get_data2_int() returns the msg_id,
- *        referring to the webxdc-info-message, if there is any.
- *        Sometimes no webxdc-info-message is added to the chat
- *        and yet a notification is sent; in this case the msg_id
- *        of the webxdc instance is returned.
- *      - dc_event_get_data2_str() returns text_to_notify,
- *        the text that shall be shown in the notification.
- *        string must be passed to dc_str_unref() afterwards.
- */
-#define DC_EVENT_INCOMING_WEBXDC_NOTIFY   2003
-
-
 /**
 * There is a fresh message. Typically, the user will show an notification
 * when receiving this message.
 *
 * There is no extra #DC_EVENT_MSGS_CHANGED event send together with this event.
 *
- * If the message is a webxdc info message,
- * dc_msg_get_parent() returns the webxdc instance the notification belongs to.
- *
 * @param data1 (int) chat_id
 * @param data2 (int) msg_id
 */
--- a/deltachat-ffi/src/lib.rs
+++ b/deltachat-ffi/src/lib.rs
@@ -542,7 +542,6 @@ pub unsafe extern "C" fn dc_event_get_id(event: *mut dc_event_t) -> libc::c_int
        EventType::MsgsChanged { .. } => 2000,
        EventType::ReactionsChanged { .. } => 2001,
        EventType::IncomingReaction { .. } => 2002,
-        EventType::IncomingWebxdcNotify { .. } => 2003,
        EventType::IncomingMsg { .. } => 2005,
        EventType::IncomingMsgBunch { .. } => 2006,
        EventType::MsgsNoticed { .. } => 2008,
@@ -603,8 +602,7 @@ pub unsafe extern "C" fn dc_event_get_data1_int(event: *mut dc_event_t) -> libc:
        | EventType::ErrorSelfNotInGroup(_)
        | EventType::AccountsBackgroundFetchDone => 0,
        EventType::ChatlistChanged => 0,
-        EventType::IncomingReaction { contact_id, .. }
-        | EventType::IncomingWebxdcNotify { contact_id, .. } => contact_id.to_u32() as libc::c_int,
+        EventType::IncomingReaction { contact_id, .. } => contact_id.to_u32() as libc::c_int,
        EventType::MsgsChanged { chat_id, .. }
        | EventType::ReactionsChanged { chat_id, .. }
        | EventType::IncomingMsg { chat_id, .. }
@@ -683,7 +681,6 @@ pub unsafe extern "C" fn dc_event_get_data2_int(event: *mut dc_event_t) -> libc:
        EventType::MsgsChanged { msg_id, .. }
        | EventType::ReactionsChanged { msg_id, .. }
        | EventType::IncomingReaction { msg_id, .. }
-        | EventType::IncomingWebxdcNotify { msg_id, .. }
        | EventType::IncomingMsg { msg_id, .. }
        | EventType::MsgDelivered { msg_id, .. }
        | EventType::MsgFailed { msg_id, .. }
@@ -778,9 +775,6 @@ pub unsafe extern "C" fn dc_event_get_data2_str(event: *mut dc_event_t) -> *mut
            .to_c_string()
            .unwrap_or_default()
            .into_raw(),
-        EventType::IncomingWebxdcNotify { text, .. } => {
-            text.to_c_string().unwrap_or_default().into_raw()
-        }
        #[allow(unreachable_patterns)]
        #[cfg(test)]
        _ => unreachable!("This is just to silence a rust_analyzer false-positive"),
@@ -3687,17 +3681,6 @@ pub unsafe extern "C" fn dc_msg_get_info_type(msg: *mut dc_msg_t) -> libc::c_int
    ffi_msg.message.get_info_type() as libc::c_int
 }

-#[no_mangle]
-pub unsafe extern "C" fn dc_msg_get_webxdc_href(msg: *mut dc_msg_t) -> *mut libc::c_char {
-    if msg.is_null() {
-        eprintln!("ignoring careless call to dc_msg_get_webxdc_href()");
-        return "".strdup();
-    }
-
-    let ffi_msg = &*msg;
-    ffi_msg.message.get_webxdc_href().strdup()
-}
-
 #[no_mangle]
 pub unsafe extern "C" fn dc_msg_is_increation(msg: *mut dc_msg_t) -> libc::c_int {
    if msg.is_null() {
--- a/deltachat-jsonrpc/Cargo.toml
+++ b/deltachat-jsonrpc/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-jsonrpc"
-version = "1.151.1"
+version = "1.149.0"
 description = "DeltaChat JSON-RPC API"
 edition = "2021"
 default-run = "deltachat-jsonrpc-server"
--- a/deltachat-jsonrpc/src/api.rs
+++ b/deltachat-jsonrpc/src/api.rs
@@ -1135,11 +1135,9 @@ impl CommandApi {
    async fn get_message(&self, account_id: u32, msg_id: u32) -> Result<MessageObject> {
        let ctx = self.get_context(account_id).await?;
        let msg_id = MsgId::new(msg_id);
-        let message_object = MessageObject::from_msg_id(&ctx, msg_id)
+        MessageObject::from_msg_id(&ctx, msg_id)
            .await
-            .with_context(|| format!("Failed to load message {msg_id} for account {account_id}"))?
-            .with_context(|| format!("Message {msg_id} does not exist for account {account_id}"))?;
-        Ok(message_object)
+            .with_context(|| format!("Failed to load message {msg_id} for account {account_id}"))
    }

    async fn get_message_html(&self, account_id: u32, message_id: u32) -> Result<Option<String>> {
@@ -1163,10 +1161,7 @@ impl CommandApi {
            messages.insert(
                message_id,
                match message_result {
-                    Ok(Some(message)) => MessageLoadResult::Message(message),
-                    Ok(None) => MessageLoadResult::LoadingError {
-                        error: "Message does not exist".to_string(),
-                    },
+                    Ok(message) => MessageLoadResult::Message(message),
                    Err(error) => MessageLoadResult::LoadingError {
                        error: format!("{error:#}"),
                    },
@@ -2004,7 +1999,9 @@ impl CommandApi {
    async fn get_draft(&self, account_id: u32, chat_id: u32) -> Result<Option<MessageObject>> {
        let ctx = self.get_context(account_id).await?;
        if let Some(draft) = ChatId::new(chat_id).get_draft(&ctx).await? {
-            Ok(MessageObject::from_msg_id(&ctx, draft.get_id()).await?)
+            Ok(Some(
+                MessageObject::from_msg_id(&ctx, draft.get_id()).await?,
+            ))
        } else {
            Ok(None)
        }
@@ -2173,9 +2170,7 @@ impl CommandApi {
                .await?;
        }
        let msg_id = chat::send_msg(&ctx, ChatId::new(chat_id), &mut message).await?;
-        let message = MessageObject::from_msg_id(&ctx, msg_id)
-            .await?
-            .context("Just sent message does not exist")?;
+        let message = MessageObject::from_msg_id(&ctx, msg_id).await?;
        Ok((msg_id.to_u32(), message))
    }

--- a/deltachat-jsonrpc/src/api/types/chat_list.rs
+++ b/deltachat-jsonrpc/src/api/types/chat_list.rs
@@ -88,17 +88,11 @@ pub(crate) async fn get_chat_list_item_by_id(

    let (last_updated, message_type) = match last_msgid {
        Some(id) => {
-            if let Some(last_message) =
-                deltachat::message::Message::load_from_db_optional(ctx, id).await?
-            {
-                (
-                    Some(last_message.get_timestamp() * 1000),
-                    Some(last_message.get_viewtype().into()),
-                )
-            } else {
-                // Message may be deleted by the time we try to load it.
-                (None, None)
-            }
+            let last_message = deltachat::message::Message::load_from_db(ctx, id).await?;
+            (
+                Some(last_message.get_timestamp() * 1000),
+                Some(last_message.get_viewtype().into()),
+            )
        }
        None => (None, None),
    };
--- a/deltachat-jsonrpc/src/api/types/events.rs
+++ b/deltachat-jsonrpc/src/api/types/events.rs
@@ -106,14 +106,6 @@ pub enum EventType {
        reaction: String,
    },

-    /// Incoming webxdc info or summary update, should be notified.
-    #[serde(rename_all = "camelCase")]
-    IncomingWebxdcNotify {
-        contact_id: u32,
-        msg_id: u32,
-        text: String,
-    },
-
    /// There is a fresh message. Typically, the user will show an notification
    /// when receiving this message.
    ///
@@ -327,15 +319,6 @@ impl From<CoreEventType> for EventType {
                msg_id: msg_id.to_u32(),
                reaction: reaction.as_str().to_string(),
            },
-            CoreEventType::IncomingWebxdcNotify {
-                contact_id,
-                msg_id,
-                text,
-            } => IncomingWebxdcNotify {
-                contact_id: contact_id.to_u32(),
-                msg_id: msg_id.to_u32(),
-                text,
-            },
            CoreEventType::IncomingMsg { chat_id, msg_id } => IncomingMsg {
                chat_id: chat_id.to_u32(),
                msg_id: msg_id.to_u32(),
--- a/deltachat-jsonrpc/src/api/types/message.rs
+++ b/deltachat-jsonrpc/src/api/types/message.rs
@@ -112,10 +112,8 @@ enum MessageQuote {
 }

 impl MessageObject {
-    pub async fn from_msg_id(context: &Context, msg_id: MsgId) -> Result<Option<Self>> {
-        let Some(message) = Message::load_from_db_optional(context, msg_id).await? else {
-            return Ok(None);
-        };
+    pub async fn from_msg_id(context: &Context, msg_id: MsgId) -> Result<Self> {
+        let message = Message::load_from_db(context, msg_id).await?;

        let sender_contact = Contact::get_by_id(context, message.get_from_id())
            .await
@@ -185,7 +183,7 @@ impl MessageObject {
            .map(Into::into)
            .collect();

-        let message_object = MessageObject {
+        Ok(MessageObject {
            id: msg_id.to_u32(),
            chat_id: message.get_chat_id().to_u32(),
            from_id: message.get_from_id().to_u32(),
@@ -246,8 +244,7 @@ impl MessageObject {
            reactions,

            vcard_contact: vcard_contacts.first().cloned(),
-        };
-        Ok(Some(message_object))
+        })
    }
 }

--- a/deltachat-jsonrpc/src/api/types/qr.rs
+++ b/deltachat-jsonrpc/src/api/types/qr.rs
@@ -6,161 +6,87 @@ use typescript_type_def::TypeDef;
 #[serde(rename = "Qr", rename_all = "camelCase")]
 #[serde(tag = "kind")]
 pub enum QrObject {
-    /// Ask the user whether to verify the contact.
-    ///
-    /// If the user agrees, pass this QR code to [`crate::securejoin::join_securejoin`].
    AskVerifyContact {
-        /// ID of the contact.
        contact_id: u32,
-        /// Fingerprint of the contact key as scanned from the QR code.
        fingerprint: String,
-        /// Invite number.
        invitenumber: String,
-        /// Authentication code.
        authcode: String,
    },
-    /// Ask the user whether to join the group.
    AskVerifyGroup {
-        /// Group name.
        grpname: String,
-        /// Group ID.
        grpid: String,
-        /// ID of the contact.
        contact_id: u32,
-        /// Fingerprint of the contact key as scanned from the QR code.
        fingerprint: String,
-        /// Invite number.
        invitenumber: String,
-        /// Authentication code.
        authcode: String,
    },
-    /// Contact fingerprint is verified.
-    ///
-    /// Ask the user if they want to start chatting.
    FprOk {
-        /// Contact ID.
        contact_id: u32,
    },
-    /// Scanned fingerprint does not match the last seen fingerprint.
    FprMismatch {
-        /// Contact ID.
        contact_id: Option<u32>,
    },
-    /// The scanned QR code contains a fingerprint but no e-mail address.
    FprWithoutAddr {
-        /// Key fingerprint.
        fingerprint: String,
    },
-    /// Ask the user if they want to create an account on the given domain.
    Account {
-        /// Server domain name.
        domain: String,
    },
-    /// Provides a backup that can be retrieved using iroh-net based backup transfer protocol.
    Backup2 {
-        /// Authentication token.
        auth_token: String,
-        /// Iroh node address.
+
        node_addr: String,
    },
-    /// Ask the user if they want to use the given service for video chats.
    WebrtcInstance {
        domain: String,
        instance_pattern: String,
    },
-    /// Ask the user if they want to use the given proxy.
-    ///
-    /// Note that HTTP(S) URLs without a path
-    /// and query parameters are treated as HTTP(S) proxy URL.
-    /// UI may want to still offer to open the URL
-    /// in the browser if QR code contents
-    /// starts with `http://` or `https://`
-    /// and the QR code was not scanned from
-    /// the proxy configuration screen.
    Proxy {
-        /// Proxy URL.
-        ///
-        /// This is the URL that is going to be added.
        url: String,
-        /// Host extracted from the URL to display in the UI.
        host: String,
-        /// Port extracted from the URL to display in the UI.
        port: u16,
    },
-    /// Contact address is scanned.
-    ///
-    /// Optionally, a draft message could be provided.
-    /// Ask the user if they want to start chatting.
    Addr {
-        /// Contact ID.
        contact_id: u32,
-        /// Draft message.
        draft: Option<String>,
    },
-    /// URL scanned.
-    ///
-    /// Ask the user if they want to open a browser or copy the URL to clipboard.
-    Url { url: String },
-    /// Text scanned.
-    ///
-    /// Ask the user if they want to copy the text to clipboard.
-    Text { text: String },
-    /// Ask the user if they want to withdraw their own QR code.
+    Url {
+        url: String,
+    },
+    Text {
+        text: String,
+    },
    WithdrawVerifyContact {
-        /// Contact ID.
        contact_id: u32,
-        /// Fingerprint of the contact key as scanned from the QR code.
        fingerprint: String,
-        /// Invite number.
        invitenumber: String,
-        /// Authentication code.
        authcode: String,
    },
-    /// Ask the user if they want to withdraw their own group invite QR code.
    WithdrawVerifyGroup {
-        /// Group name.
        grpname: String,
-        /// Group ID.
        grpid: String,
-        /// Contact ID.
        contact_id: u32,
-        /// Fingerprint of the contact key as scanned from the QR code.
        fingerprint: String,
-        /// Invite number.
        invitenumber: String,
-        /// Authentication code.
        authcode: String,
    },
-    /// Ask the user if they want to revive their own QR code.
    ReviveVerifyContact {
-        /// Contact ID.
        contact_id: u32,
-        /// Fingerprint of the contact key as scanned from the QR code.
        fingerprint: String,
-        /// Invite number.
        invitenumber: String,
-        /// Authentication code.
        authcode: String,
    },
-    /// Ask the user if they want to revive their own group invite QR code.
    ReviveVerifyGroup {
-        /// Contact ID.
        grpname: String,
-        /// Group ID.
        grpid: String,
-        /// Contact ID.
        contact_id: u32,
-        /// Fingerprint of the contact key as scanned from the QR code.
        fingerprint: String,
-        /// Invite number.
        invitenumber: String,
-        /// Authentication code.
        authcode: String,
    },
-    /// `dclogin:` scheme parameters.
-    ///
-    /// Ask the user if they want to login with the email address.
-    Login { address: String },
+    Login {
+        address: String,
+    },
 }

 impl From<Qr> for QrObject {
@@ -215,6 +141,7 @@ impl From<Qr> for QrObject {
                auth_token,
            } => QrObject::Backup2 {
                node_addr: serde_json::to_string(node_addr).unwrap_or_default(),
+
                auth_token,
            },
            Qr::WebrtcInstance {
--- a/deltachat-jsonrpc/src/api/types/webxdc.rs
+++ b/deltachat-jsonrpc/src/api/types/webxdc.rs
@@ -35,8 +35,6 @@ pub struct WebxdcMessageInfo {
    source_code_url: Option<String>,
    /// True if full internet access should be granted to the app.
    internet_access: bool,
-    /// Address to be used for `window.webxdc.selfAddr` in JS land.
-    self_addr: String,
 }

 impl WebxdcMessageInfo {
@@ -52,7 +50,6 @@ impl WebxdcMessageInfo {
            summary,
            source_code_url,
            internet_access,
-            self_addr,
        } = message.get_webxdc_info(context).await?;

        Ok(Self {
@@ -62,7 +59,6 @@ impl WebxdcMessageInfo {
            summary: maybe_empty_string_to_option(summary),
            source_code_url: maybe_empty_string_to_option(source_code_url),
            internet_access,
-            self_addr,
        })
    }
 }
--- a/deltachat-jsonrpc/src/lib.rs
+++ b/deltachat-jsonrpc/src/lib.rs
@@ -1,6 +1,4 @@
 #![recursion_limit = "256"]
-#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
-#![cfg_attr(not(test), forbid(clippy::string_slice))]
 pub mod api;
 pub use yerpc;

--- a/deltachat-jsonrpc/typescript/package.json
+++ b/deltachat-jsonrpc/typescript/package.json
@@ -58,5 +58,5 @@
  },
  "type": "module",
  "types": "dist/deltachat.d.ts",
-  "version": "1.151.1"
+  "version": "1.149.0"
 }
--- a/deltachat-repl/Cargo.toml
+++ b/deltachat-repl/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-repl"
-version = "1.151.1"
+version = "1.149.0"
 license = "MPL-2.0"
 edition = "2021"
 repository = "https://github.com/deltachat/deltachat-core-rust"
--- a/deltachat-rpc-client/README.md
+++ b/deltachat-rpc-client/README.md
@@ -25,8 +25,7 @@ $ pip install .
 ## Testing

 1. Build `deltachat-rpc-server` with `cargo build -p deltachat-rpc-server`.
-2. Install tox `pip install -U tox`
-3. Run `CHATMAIL_DOMAIN=nine.testrun.org PATH="../target/debug:$PATH" tox`.
+2. Run `CHATMAIL_DOMAIN=nine.testrun.org PATH="../target/debug:$PATH" tox`.

 Additional arguments to `tox` are passed to pytest, e.g. `tox -- -s` does not capture test output.

--- a/deltachat-rpc-client/pyproject.toml
+++ b/deltachat-rpc-client/pyproject.toml
@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"

 [project]
 name = "deltachat-rpc-client"
-version = "1.151.1"
+version = "1.149.0"
 description = "Python client for Delta Chat core JSON-RPC interface"
 classifiers = [
    "Development Status :: 5 - Production/Stable",
@@ -24,6 +24,9 @@ classifiers = [
    "Topic :: Communications :: Email"
 ]
 readme = "README.md"
+dependencies = [
+    "imap-tools",
+]

 [tool.setuptools.package-data]
 deltachat_rpc_client = [
--- a/deltachat-rpc-client/src/deltachat_rpc_client/direct_imap.py
+++ b/deltachat-rpc-client/src/deltachat_rpc_client/direct_imap.py
@@ -1,3 +1,7 @@
+"""
+Internal Python-level IMAP handling used by the tests.
+"""
+
 from __future__ import annotations

 import imaplib
@@ -7,11 +11,17 @@ import ssl
 from contextlib import contextmanager
 from typing import TYPE_CHECKING

-import pytest
-from imap_tools import AND, Header, MailBox, MailMessage, MailMessageFlags, errors
+from imap_tools import (
+    AND,
+    Header,
+    MailBox,
+    MailMessage,
+    MailMessageFlags,
+    errors,
+)

 if TYPE_CHECKING:
-    from deltachat_rpc_client import Account
+    from . import Account

 FLAGS = b"FLAGS"
 FETCH = b"FETCH"
@@ -19,8 +29,6 @@ ALL = "1:*"


 class DirectImap:
-    """Internal Python-level IMAP handling."""
-
    def __init__(self, account: Account) -> None:
        self.account = account
        self.logid = account.get_config("displayname") or id(account)
@@ -204,8 +212,3 @@ class IdleManager:
    def done(self):
        """send idle-done to server if we are currently in idle mode."""
        return self.direct_imap.conn.idle.stop()
-
-
-@pytest.fixture
-def direct_imap():
-    return DirectImap
--- a/deltachat-rpc-client/tests/test_iroh_webxdc.py
+++ b/deltachat-rpc-client/tests/test_iroh_webxdc.py
@@ -7,8 +7,8 @@ If you want to debug iroh at rust-trace/log level set
    RUST_LOG=iroh_net=trace,iroh_gossip=trace
 """

-import logging
 import os
+import sys
 import threading
 import time

@@ -25,7 +25,9 @@ def path_to_webxdc(request):


 def log(msg):
-    logging.info(msg)
+    print()
+    print("*" * 80 + "\n" + msg + "\n", file=sys.stderr)
+    print()


 def setup_realtime_webxdc(ac1, ac2, path_to_webxdc):
--- a/deltachat-rpc-client/tests/test_something.py
+++ b/deltachat-rpc-client/tests/test_something.py
@@ -12,6 +12,7 @@ import pytest

 from deltachat_rpc_client import Contact, EventType, Message, events
 from deltachat_rpc_client.const import DownloadState, MessageState
+from deltachat_rpc_client.direct_imap import DirectImap
 from deltachat_rpc_client.rpc import JsonRpcError


@@ -56,8 +57,8 @@ def test_acfactory(acfactory) -> None:
            if event.progress == 1000:  # Success
                break
        else:
-            logging.info(event)
-    logging.info("Successful configuration")
+            print(event)
+    print("Successful configuration")


 def test_configure_starttls(acfactory) -> None:
@@ -535,7 +536,7 @@ def test_reaction_to_partially_fetched_msg(acfactory, tmp_path):
    assert list(reactions.reactions_by_contact.values())[0] == [react_str]


-def test_reactions_for_a_reordering_move(acfactory, direct_imap):
+def test_reactions_for_a_reordering_move(acfactory):
    """When a batch of messages is moved from Inbox to DeltaChat folder with a single MOVE command,
    their UIDs may be reordered (e.g. Gmail is known for that) which led to that messages were
    processed by receive_imf in the wrong order, and, particularly, reactions were processed before
@@ -559,7 +560,7 @@ def test_reactions_for_a_reordering_move(acfactory, direct_imap):
    msg1.send_reaction(react_str).wait_until_delivered()

    logging.info("moving messages to ac2's DeltaChat folder in the reverse order")
-    ac2_direct_imap = direct_imap(ac2)
+    ac2_direct_imap = DirectImap(ac2)
    ac2_direct_imap.connect()
    for uid in sorted([m.uid for m in ac2_direct_imap.get_all_messages()], reverse=True):
        ac2_direct_imap.conn.move(uid, "DeltaChat")
--- a/deltachat-rpc-client/tests/test_webxdc.py
+++ b/deltachat-rpc-client/tests/test_webxdc.py
@@ -24,7 +24,6 @@ def test_webxdc(acfactory) -> None:
        "name": "Chess Board",
        "sourceCodeUrl": None,
        "summary": None,
-        "selfAddr": webxdc_info["selfAddr"],
    }

    status_updates = message.get_webxdc_status_updates()
--- a/deltachat-rpc-client/tox.ini
+++ b/deltachat-rpc-client/tox.ini
@@ -16,7 +16,6 @@ deps =
    pytest
    pytest-timeout
    pytest-xdist
-    imap-tools

 [testenv:lint]
 skipsdist = True
--- a/deltachat-rpc-server/Cargo.toml
+++ b/deltachat-rpc-server/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-rpc-server"
-version = "1.151.1"
+version = "1.149.0"
 description = "DeltaChat JSON-RPC server"
 edition = "2021"
 readme = "README.md"
--- a/deltachat-rpc-server/npm-package/package.json
+++ b/deltachat-rpc-server/npm-package/package.json
@@ -15,5 +15,5 @@
  },
  "type": "module",
  "types": "index.d.ts",
-  "version": "1.151.1"
+  "version": "1.149.0"
 }
--- a/deny.toml
+++ b/deny.toml
@@ -15,9 +15,6 @@ ignore = [
    # Unmaintained proc-macro-error
    # <https://rustsec.org/advisories/RUSTSEC-2024-0370>
    "RUSTSEC-2024-0370",
-
-    # Unmaintained instant
-    "RUSTSEC-2024-0384",
 ]

 [bans]
@@ -33,14 +30,10 @@ skip = [
     { name = "event-listener", version = "2.5.3" },
     { name = "event-listener", version = "4.0.3" },
     { name = "fastrand", version = "1.9.0" },
-     { name = "fiat-crypto", version = "0.1.20" },
     { name = "futures-lite", version = "1.13.0" },
     { name = "getrandom", version = "<0.2" },
     { name = "http", version = "0.2.12" },
     { name = "nix", version = "0.26.4" },
-     { name = "num_enum_derive", version = "0.5.11" },
-     { name = "num_enum", version = "0.5.11" },
-     { name = "proc-macro-crate", version = "1.3.1" },
     { name = "quick-error", version = "<2.0" },
     { name = "rand_chacha", version = "<0.3" },
     { name = "rand_core", version = "<0.6" },
@@ -51,7 +44,6 @@ skip = [
     { name = "sync_wrapper", version = "0.1.2" },
     { name = "syn", version = "1.0.109" },
     { name = "time", version = "<0.3" },
-     { name = "toml_edit", version = "0.19.15" },
     { name = "wasi", version = "<0.11" },
     { name = "windows_aarch64_gnullvm", version = "<0.52" },
     { name = "windows_aarch64_msvc", version = "<0.52" },
@@ -64,7 +56,6 @@ skip = [
     { name = "windows_x86_64_gnullvm", version = "<0.52" },
     { name = "windows_x86_64_gnu", version = "<0.52" },
     { name = "windows_x86_64_msvc", version = "<0.52" },
-     { name = "winnow", version = "0.5.40" },
     { name = "winreg", version = "0.50.0" },
 ]

--- a/flake.lock
+++ b/flake.lock
@@ -7,11 +7,11 @@
        "nixpkgs": "nixpkgs"
      },
      "locked": {
-        "lastModified": 1731356359,
-        "narHash": "sha256-vYqJnu6jotmWpPT4DgzHVdvNIZcKZCIUqS8QaptsZA0=",
+        "lastModified": 1729628358,
+        "narHash": "sha256-2HDSc6BL+bE3S1l3Gn0Z8wWvvfBEUEjvXkNIQ11Aifk=",
        "owner": "tadfisher",
        "repo": "android-nixpkgs",
-        "rev": "c028ead7e88edb2e94cd7c90ee37593f63ae494a",
+        "rev": "52b9e0c0f9cff887d2bb4932f8be4e062ba0802d",
        "type": "github"
      },
      "original": {
@@ -47,11 +47,11 @@
        "rust-analyzer-src": "rust-analyzer-src"
      },
      "locked": {
-        "lastModified": 1731393059,
-        "narHash": "sha256-rmzi0GHEwpzg1LGfGPO4SRD7D6QGV3UYGQxkJvn+J5U=",
+        "lastModified": 1714112748,
+        "narHash": "sha256-jq6Cpf/pQH85p+uTwPPrGG8Ky/zUOTwMJ7mcqc5M4So=",
        "owner": "nix-community",
        "repo": "fenix",
-        "rev": "fda8d5b59bb0dc0021ad3ba1d722f9ef6d36e4d9",
+        "rev": "3ae4b908a795b6a3824d401a0702e11a7157d7e1",
        "type": "github"
      },
      "original": {
@@ -83,11 +83,11 @@
        "systems": "systems_2"
      },
      "locked": {
-        "lastModified": 1726560853,
-        "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
+        "lastModified": 1710146030,
+        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
        "owner": "numtide",
        "repo": "flake-utils",
-        "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
+        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
        "type": "github"
      },
      "original": {
@@ -101,11 +101,11 @@
        "nixpkgs": "nixpkgs_3"
      },
      "locked": {
-        "lastModified": 1721727458,
-        "narHash": "sha256-r/xppY958gmZ4oTfLiHN0ZGuQ+RSTijDblVgVLFi1mw=",
+        "lastModified": 1713520724,
+        "narHash": "sha256-CO8MmVDmqZX2FovL75pu5BvwhW+Vugc7Q6ze7Hj8heI=",
        "owner": "nix-community",
        "repo": "naersk",
-        "rev": "3fb418eaf352498f6b6c30592e3beb63df42ef11",
+        "rev": "c5037590290c6c7dae2e42e7da1e247e54ed2d49",
        "type": "github"
      },
      "original": {
@@ -116,11 +116,11 @@
    },
    "nix-filter": {
      "locked": {
-        "lastModified": 1730207686,
-        "narHash": "sha256-SCHiL+1f7q9TAnxpasriP6fMarWE5H43t25F5/9e28I=",
+        "lastModified": 1710156097,
+        "narHash": "sha256-1Wvk8UP7PXdf8bCCaEoMnOT1qe5/Duqgj+rL8sRQsSM=",
        "owner": "numtide",
        "repo": "nix-filter",
-        "rev": "776e68c1d014c3adde193a18db9d738458cd2ba4",
+        "rev": "3342559a24e85fc164b295c3444e8a139924675b",
        "type": "github"
      },
      "original": {
@@ -131,11 +131,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1731139594,
-        "narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
+        "lastModified": 1729413321,
+        "narHash": "sha256-I4tuhRpZFa6Fu6dcH9Dlo5LlH17peT79vx1y1SpeKt0=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
+        "rev": "1997e4aa514312c1af7e2bda7fad1644e778ff26",
        "type": "github"
      },
      "original": {
@@ -147,11 +147,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1731139594,
-        "narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
+        "lastModified": 1713895582,
+        "narHash": "sha256-cfh1hi+6muQMbi9acOlju3V1gl8BEaZBXBR9jQfQi4U=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
+        "rev": "572af610f6151fd41c212f897c71f7056e3fb518",
        "type": "github"
      },
      "original": {
@@ -163,9 +163,10 @@
    },
    "nixpkgs_3": {
      "locked": {
-        "lastModified": 0,
-        "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=",
-        "path": "/nix/store/zq2axpgzd5kykk1v446rkffj3bxa2m2h-source",
+        "lastModified": 1711668574,
+        "narHash": "sha256-u1dfs0ASQIEr1icTVrsKwg2xToIpn7ZXxW3RHfHxshg=",
+        "path": "/nix/store/9fpv0kjq9a80isa1wkkvrdqsh9dpcn05-source",
+        "rev": "219951b495fc2eac67b1456824cc1ec1fd2ee659",
        "type": "path"
      },
      "original": {
@@ -175,11 +176,11 @@
    },
    "nixpkgs_4": {
      "locked": {
-        "lastModified": 1731139594,
-        "narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
+        "lastModified": 1729413321,
+        "narHash": "sha256-I4tuhRpZFa6Fu6dcH9Dlo5LlH17peT79vx1y1SpeKt0=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
+        "rev": "1997e4aa514312c1af7e2bda7fad1644e778ff26",
        "type": "github"
      },
      "original": {
@@ -202,11 +203,11 @@
    "rust-analyzer-src": {
      "flake": false,
      "locked": {
-        "lastModified": 1731342671,
-        "narHash": "sha256-36eYDHoPzjavnpmEpc2MXdzMk557S0YooGms07mDuKk=",
+        "lastModified": 1714031783,
+        "narHash": "sha256-xS/niQsq1CQPOe4M4jvVPO2cnXS/EIeRG5gIopUbk+Q=",
        "owner": "rust-lang",
        "repo": "rust-analyzer",
-        "rev": "fc98e0657abf3ce07eed513e38274c89bbb2f8ad",
+        "rev": "56bee2ddafa6177b19c631eedc88d43366553223",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@@ -363,8 +363,6 @@
          mkRustPackages "x86_64-linux" //
          mkRustPackages "armv7l-linux" //
          mkRustPackages "armv6l-linux" //
-          mkRustPackages "x86_64-darwin" //
-          mkRustPackages "aarch64-darwin" //
          mkAndroidPackages "armeabi-v7a" //
          mkAndroidPackages "arm64-v8a" //
          mkAndroidPackages "x86" //
@@ -481,8 +479,8 @@
                  pkgs.python3
                  pkgs.python3Packages.wheel
                ];
-                buildPhase = ''python3 scripts/wheel-rpc-server.py source deltachat_rpc_server-${manifest.version}.tar.gz'';
-                installPhase = ''mkdir -p $out; cp -av deltachat_rpc_server-${manifest.version}.tar.gz $out'';
+                buildPhase = ''python3 scripts/wheel-rpc-server.py source deltachat-rpc-server-${manifest.version}.tar.gz'';
+                installPhase = ''mkdir -p $out; cp -av deltachat-rpc-server-${manifest.version}.tar.gz $out'';
              };

            deltachat-rpc-client =
@@ -535,30 +533,28 @@
              };
          };

-        devShells.default =
-          let
-            pkgs = import nixpkgs {
-              system = system;
-              overlays = [ fenix.overlays.default ];
-            };
-          in
-          pkgs.mkShell {
-
-            buildInputs = with pkgs; [
-              (fenix.packages.${system}.complete.withComponents [
-                "cargo"
-                "clippy"
-                "rust-src"
-                "rustc"
-                "rustfmt"
-              ])
-              cargo-deny
-              rust-analyzer-nightly
-              cargo-nextest
-              perl # needed to build vendored OpenSSL
-              git-cliff
-            ];
+        devShells.default = let 
+          pkgs = import nixpkgs {
+            system = system;
+            overlays = [ fenix.overlays.default ];
          };
+          in pkgs.mkShell {
+
+          buildInputs = with pkgs; [
+            (fenix.packages.${system}.complete.withComponents [
+              "cargo"
+              "clippy"
+              "rust-src"
+              "rustc"
+              "rustfmt"
+            ])
+            cargo-deny
+            rust-analyzer-nightly
+            cargo-nextest
+            perl # needed to build vendored OpenSSL
+            git-cliff
+          ];
+        };
      }
    );
 }
--- a/format-flowed/src/lib.rs
+++ b/format-flowed/src/lib.rs
@@ -8,8 +8,6 @@
 //! is assumed to be set to "no".
 //!
 //! For received messages, DelSp parameter is honoured.
-#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
-#![cfg_attr(not(test), forbid(clippy::string_slice))]

 /// Wraps line to 72 characters using format=flowed soft breaks.
 ///
--- a/fuzz/Cargo.lock
+++ b/fuzz/Cargo.lock
--- a/node/constants.js
+++ b/node/constants.js
@@ -1,7 +1,6 @@
 // Generated!

 module.exports = {
-  DC_CERTCK_ACCEPT_INVALID: 2,
  DC_CERTCK_ACCEPT_INVALID_CERTIFICATES: 3,
  DC_CERTCK_AUTO: 0,
  DC_CERTCK_STRICT: 1,
@@ -52,7 +51,6 @@ module.exports = {
  DC_EVENT_INCOMING_MSG: 2005,
  DC_EVENT_INCOMING_MSG_BUNCH: 2006,
  DC_EVENT_INCOMING_REACTION: 2002,
-  DC_EVENT_INCOMING_WEBXDC_NOTIFY: 2003,
  DC_EVENT_INFO: 100,
  DC_EVENT_LOCATION_CHANGED: 2035,
  DC_EVENT_MSGS_CHANGED: 2000,
--- a/node/events.js
+++ b/node/events.js
@@ -17,7 +17,6 @@ module.exports = {
  2000: 'DC_EVENT_MSGS_CHANGED',
  2001: 'DC_EVENT_REACTIONS_CHANGED',
  2002: 'DC_EVENT_INCOMING_REACTION',
-  2003: 'DC_EVENT_INCOMING_WEBXDC_NOTIFY',
  2005: 'DC_EVENT_INCOMING_MSG',
  2006: 'DC_EVENT_INCOMING_MSG_BUNCH',
  2008: 'DC_EVENT_MSGS_NOTICED',
--- a/node/lib/constants.ts
+++ b/node/lib/constants.ts
@@ -1,7 +1,6 @@
 // Generated!

 export enum C {
-  DC_CERTCK_ACCEPT_INVALID = 2,
  DC_CERTCK_ACCEPT_INVALID_CERTIFICATES = 3,
  DC_CERTCK_AUTO = 0,
  DC_CERTCK_STRICT = 1,
@@ -52,7 +51,6 @@ export enum C {
  DC_EVENT_INCOMING_MSG = 2005,
  DC_EVENT_INCOMING_MSG_BUNCH = 2006,
  DC_EVENT_INCOMING_REACTION = 2002,
-  DC_EVENT_INCOMING_WEBXDC_NOTIFY = 2003,
  DC_EVENT_INFO = 100,
  DC_EVENT_LOCATION_CHANGED = 2035,
  DC_EVENT_MSGS_CHANGED = 2000,
@@ -326,7 +324,6 @@ export const EventId2EventName: { [key: number]: string } = {
  2000: 'DC_EVENT_MSGS_CHANGED',
  2001: 'DC_EVENT_REACTIONS_CHANGED',
  2002: 'DC_EVENT_INCOMING_REACTION',
-  2003: 'DC_EVENT_INCOMING_WEBXDC_NOTIFY',
  2005: 'DC_EVENT_INCOMING_MSG',
  2006: 'DC_EVENT_INCOMING_MSG_BUNCH',
  2008: 'DC_EVENT_MSGS_NOTICED',
--- a/package.json
+++ b/package.json
@@ -55,5 +55,5 @@
    "test:mocha": "mocha node/test/test.mjs --growl --reporter=spec --bail --exit"
  },
  "types": "node/dist/index.d.ts",
-  "version": "1.151.1"
+  "version": "1.149.0"
 }
--- a/python/pyproject.toml
+++ b/python/pyproject.toml
@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"

 [project]
 name = "deltachat"
-version = "1.151.1"
+version = "1.149.0"
 description = "Python bindings for the Delta Chat Core library using CFFI against the Rust-implemented libdeltachat"
 readme = "README.rst"
 requires-python = ">=3.7"
--- a/python/tests/test_3_offline.py
+++ b/python/tests/test_3_offline.py
@@ -705,7 +705,7 @@ class TestOfflineChat:
        ac1 = acfactory.get_pseudo_configured_account()
        ac2 = acfactory.get_pseudo_configured_account()
        qr = ac1.get_setup_contact_qr()
-        assert qr.startswith("https://i.delta.chat")
+        assert qr.startswith("OPENPGP4FPR:")
        res = ac2.check_qr(qr)
        assert res.is_ask_verifycontact()
        assert not res.is_ask_verifygroup()
--- a/release-date.in
+++ b/release-date.in
@@ -1 +1 @@
-2024-11-24
+2024-11-05
--- a/scripts/wheel-rpc-server.py
+++ b/scripts/wheel-rpc-server.py
@@ -25,7 +25,7 @@ def build_source_package(version, filename):

        def pack(name, contents):
            contents = contents.encode()
-            tar_info = tarfile.TarInfo(f"deltachat_rpc_server-{version}/{name}")
+            tar_info = tarfile.TarInfo(f"deltachat-rpc-server-{version}/{name}")
            tar_info.mode = 0o644
            tar_info.size = len(contents)
            pkg.addfile(tar_info, BytesIO(contents))
@@ -167,7 +167,7 @@ def main():
        cargo_manifest = tomllib.load(fp)
    version = cargo_manifest["package"]["version"]
    if sys.argv[1] == "source":
-        filename = f"deltachat_rpc_server-{version}.tar.gz"
+        filename = f"deltachat-rpc-server-{version}.tar.gz"
        build_source_package(version, filename)
    else:
        arch = sys.argv[1]
--- a/src/authres.rs
+++ b/src/authres.rs
@@ -260,6 +260,7 @@ fn parse_authservid_candidates_config(config: &Option<String>) -> BTreeSet<&str>

 #[cfg(test)]
 mod tests {
+    #![allow(clippy::indexing_slicing)]
    use tokio::fs;
    use tokio::io::AsyncReadExt;

@@ -519,13 +520,8 @@ Authentication-Results: dkim=";
        handle_authres(&t, &mail, "invalid@rom.com").await.unwrap();
    }

-    // Test that Autocrypt works with mailing list.
-    //
-    // Previous versions of Delta Chat ignored Autocrypt based on the List-Post header.
-    // This is not needed: comparing of the From address to Autocrypt header address is enough.
-    // If the mailing list is not rewriting the From header, Autocrypt should be applied.
    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_autocrypt_in_mailinglist_not_ignored() -> Result<()> {
+    async fn test_autocrypt_in_mailinglist_ignored() -> Result<()> {
        let mut tcm = TestContextManager::new();
        let alice = tcm.alice().await;
        let bob = tcm.bob().await;
@@ -537,18 +533,28 @@ Authentication-Results: dkim=";
            .insert_str(0, "List-Post: <mailto:deltachat-community.example.net>\n");
        bob.recv_msg(&sent).await;
        let peerstate = Peerstate::from_addr(&bob, "alice@example.org").await?;
+        assert!(peerstate.is_none());
+
+        // Do the same without the mailing list header, this time the peerstate should be accepted
+        let sent = alice
+            .send_text(alice_bob_chat.id, "hellooo without mailing list")
+            .await;
+        bob.recv_msg(&sent).await;
+        let peerstate = Peerstate::from_addr(&bob, "alice@example.org").await?;
        assert!(peerstate.is_some());

-        // Bob can now write encrypted to Alice:
+        // This also means that Bob can now write encrypted to Alice:
        let mut sent = bob
            .send_text(bob_alice_chat.id, "hellooo in the mailinglist again")
            .await;
        assert!(sent.load_from_db().await.get_showpadlock());

+        // But if Bob writes to a mailing list, Alice doesn't show a padlock
+        // since she can't verify the signature without accepting Bob's key:
        sent.payload
            .insert_str(0, "List-Post: <mailto:deltachat-community.example.net>\n");
        let rcvd = alice.recv_msg(&sent).await;
-        assert!(rcvd.get_showpadlock());
+        assert!(!rcvd.get_showpadlock());
        assert_eq!(&rcvd.text, "hellooo in the mailinglist again");

        Ok(())
--- a/src/chat.rs
+++ b/src/chat.rs
@@ -765,19 +765,27 @@ impl ChatId {
        );

        let chat = Chat::load_from_db(context, self).await?;
+        context
+            .sql
+            .execute(
+                "DELETE FROM msgs_mdns WHERE msg_id IN (SELECT id FROM msgs WHERE chat_id=?);",
+                (self,),
+            )
+            .await?;

        context
            .sql
-            .transaction(|transaction| {
-                transaction.execute(
-                    "DELETE FROM msgs_mdns WHERE msg_id IN (SELECT id FROM msgs WHERE chat_id=?)",
-                    (self,),
-                )?;
-                transaction.execute("DELETE FROM msgs WHERE chat_id=?", (self,))?;
-                transaction.execute("DELETE FROM chats_contacts WHERE chat_id=?", (self,))?;
-                transaction.execute("DELETE FROM chats WHERE id=?", (self,))?;
-                Ok(())
-            })
+            .execute("DELETE FROM msgs WHERE chat_id=?;", (self,))
+            .await?;
+
+        context
+            .sql
+            .execute("DELETE FROM chats_contacts WHERE chat_id=?;", (self,))
+            .await?;
+
+        context
+            .sql
+            .execute("DELETE FROM chats WHERE id=?;", (self,))
            .await?;

        context.emit_msgs_changed_without_ids();
@@ -914,27 +922,24 @@ impl ChatId {
                    && old_draft.chat_id == self
                    && old_draft.state == MessageState::OutDraft
                {
-                    let affected_rows = context
-                        .sql.execute(
-                                "UPDATE msgs
-                                SET timestamp=?1,type=?2,txt=?3,txt_normalized=?4,param=?5,mime_in_reply_to=?6
-                                WHERE id=?7
-                                AND (type <> ?2 
-                                    OR txt <> ?3 
-                                    OR txt_normalized <> ?4
-                                    OR param <> ?5
-                                    OR mime_in_reply_to <> ?6);",
-                                (
-                                    time(),
-                                    msg.viewtype,
-                                    &msg.text,
-                                    message::normalize_text(&msg.text),
-                                    msg.param.to_string(),
-                                    msg.in_reply_to.as_deref().unwrap_or_default(),
-                                    msg.id,
-                                ),
-                            ).await?;
-                    return Ok(affected_rows > 0);
+                    context
+                        .sql
+                        .execute(
+                            "UPDATE msgs
+                            SET timestamp=?,type=?,txt=?,txt_normalized=?,param=?,mime_in_reply_to=?
+                            WHERE id=?;",
+                            (
+                                time(),
+                                msg.viewtype,
+                                &msg.text,
+                                message::normalize_text(&msg.text),
+                                msg.param.to_string(),
+                                msg.in_reply_to.as_deref().unwrap_or_default(),
+                                msg.id,
+                            ),
+                        )
+                        .await?;
+                    return Ok(true);
                }
            }
        }
@@ -3916,6 +3921,11 @@ pub async fn remove_contact_from_chat(
    let mut msg = Message::default();

    let chat = Chat::load_from_db(context, chat_id).await?;
+
+    if chat.typ == Chattype::Group && contact_id == ContactId::SELF {
+        chat_id.set_draft(context, None).await?; // Clear draft since the user left the group.
+    }
+
    if chat.typ == Chattype::Group || chat.typ == Chattype::Broadcast {
        if !chat.is_self_in_chat(context).await? {
            let err_msg = format!(
@@ -4500,7 +4510,6 @@ pub(crate) async fn delete_and_reset_all_device_msgs(context: &Context) -> Resul
 /// Adds an informational message to chat.
 ///
 /// For example, it can be a message showing that a member was added to a group.
-/// Doesn't fail if the chat doesn't exist.
 #[allow(clippy::too_many_arguments)]
 pub(crate) async fn add_info_msg_with_cmd(
    context: &Context,
@@ -4607,6 +4616,11 @@ async fn set_contacts_by_addrs(context: &Context, id: ChatId, addrs: &[String])
    if contacts == contacts_old {
        return Ok(());
    }
+
+    if chat.typ == Chattype::Group && !contacts.contains(&ContactId::SELF) {
+        id.set_draft(context, None).await?; // Clear draft since the user left the group.
+    }
+
    update_chat_contacts_table(context, id, &contacts).await?;
    context.emit_event(EventType::ChatModified(id));
    Ok(())
@@ -5366,7 +5380,7 @@ mod tests {

        // Eventually, first removal message arrives.
        // This has no effect.
-        bob.recv_msg_trash(&remove1).await;
+        bob.recv_msg(&remove1).await;
        assert_eq!(get_chat_contacts(&bob, bob_chat_id).await?.len(), 2);
        Ok(())
    }
@@ -7691,19 +7705,4 @@ mod tests {

        Ok(())
    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_do_not_overwrite_draft() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = tcm.alice().await;
-        let mut msg = Message::new_text("This is a draft message".to_string());
-        let self_chat = alice.get_self_chat().await.id;
-        self_chat.set_draft(&alice, Some(&mut msg)).await.unwrap();
-        let draft1 = self_chat.get_draft(&alice).await?.unwrap();
-        SystemTime::shift(Duration::from_secs(1));
-        self_chat.set_draft(&alice, Some(&mut msg)).await.unwrap();
-        let draft2 = self_chat.get_draft(&alice).await?.unwrap();
-        assert_eq!(draft1.timestamp_sort, draft2.timestamp_sort);
-        Ok(())
-    }
 }
--- a/src/chatlist.rs
+++ b/src/chatlist.rs
@@ -394,32 +394,25 @@ impl Chatlist {
            &chat_loaded
        };

-        let lastmsg = if let Some(lastmsg_id) = lastmsg_id {
-            // Message may be deleted by the time we try to load it,
-            // so use `load_from_db_optional` instead of `load_from_db`.
-            Message::load_from_db_optional(context, lastmsg_id)
+        let (lastmsg, lastcontact) = if let Some(lastmsg_id) = lastmsg_id {
+            let lastmsg = Message::load_from_db(context, lastmsg_id)
                .await
-                .context("Loading message failed")?
-        } else {
-            None
-        };
-
-        let lastcontact = if let Some(lastmsg) = &lastmsg {
+                .context("loading message failed")?;
            if lastmsg.from_id == ContactId::SELF {
-                None
+                (Some(lastmsg), None)
            } else {
                match chat.typ {
                    Chattype::Group | Chattype::Broadcast | Chattype::Mailinglist => {
                        let lastcontact = Contact::get_by_id(context, lastmsg.from_id)
                            .await
                            .context("loading contact failed")?;
-                        Some(lastcontact)
+                        (Some(lastmsg), Some(lastcontact))
                    }
-                    Chattype::Single => None,
+                    Chattype::Single => (Some(lastmsg), None),
                }
            }
        } else {
-            None
+            (None, None)
        };

        if chat.id.is_archived_link() {
@@ -768,25 +761,6 @@ mod tests {
        assert_eq!(summary.text, "foo: bar test"); // the linebreak should be removed from summary
    }

-    /// Tests that summary does not fail to load
-    /// if the draft was deleted after loading the chatlist.
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_get_summary_deleted_draft() {
-        let t = TestContext::new().await;
-
-        let chat_id = create_group_chat(&t, ProtectionStatus::Unprotected, "a chat")
-            .await
-            .unwrap();
-        let mut msg = Message::new_text("Foobar".to_string());
-        chat_id.set_draft(&t, Some(&mut msg)).await.unwrap();
-
-        let chats = Chatlist::try_load(&t, 0, None, None).await.unwrap();
-        chat_id.set_draft(&t, None).await.unwrap();
-
-        let summary_res = chats.get_summary(&t, 0, None).await;
-        assert!(summary_res.is_ok());
-    }
-
    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
    async fn test_load_broken() {
        let t = TestContext::new_bob().await;
--- a/src/config.rs
+++ b/src/config.rs
@@ -396,12 +396,6 @@ pub enum Config {
    /// Make all outgoing messages with Autocrypt header "multipart/signed".
    SignUnencrypted,

-    /// Enable header protection for `Autocrypt` header.
-    ///
-    /// This is an experimental setting not compatible to other MUAs
-    /// and older Delta Chat versions (core version <= v1.149.0).
-    ProtectAutocrypt,
-
    /// Let the core save all events to the database.
    /// This value is used internally to remember the MsgId of the logging xdc
    #[strum(props(default = "0"))]
--- a/src/configure.rs
+++ b/src/configure.rs
@@ -611,6 +611,8 @@ pub enum Error {

 #[cfg(test)]
 mod tests {
+    #![allow(clippy::indexing_slicing)]
+
    use super::*;
    use crate::config::Config;
    use crate::login_param::EnteredServerLoginParam;
--- a/src/configure/auto_mozilla.rs
+++ b/src/configure/auto_mozilla.rs
@@ -272,6 +272,8 @@ pub(crate) async fn moz_autoconfigure(

 #[cfg(test)]
 mod tests {
+    #![allow(clippy::indexing_slicing)]
+
    use super::*;

    #[test]
--- a/src/configure/auto_outlook.rs
+++ b/src/configure/auto_outlook.rs
@@ -215,6 +215,8 @@ pub(crate) async fn outlk_autodiscover(

 #[cfg(test)]
 mod tests {
+    #![allow(clippy::indexing_slicing)]
+
    use super::*;

    #[test]
--- a/src/contact.rs
+++ b/src/contact.rs
@@ -1252,15 +1252,15 @@ impl Contact {

        let fingerprint_self = load_self_public_key(context)
            .await?
-            .dc_fingerprint()
+            .fingerprint()
            .to_string();
        let fingerprint_other_verified = peerstate
            .peek_key(true)
-            .map(|k| k.dc_fingerprint().to_string())
+            .map(|k| k.fingerprint().to_string())
            .unwrap_or_default();
        let fingerprint_other_unverified = peerstate
            .peek_key(false)
-            .map(|k| k.dc_fingerprint().to_string())
+            .map(|k| k.fingerprint().to_string())
            .unwrap_or_default();
        if addr < peerstate.addr {
            cat_fingerprint(&mut ret, &addr, &fingerprint_self, "");
--- a/src/context.rs
+++ b/src/context.rs
@@ -10,7 +10,6 @@ use std::time::Duration;

 use anyhow::{bail, ensure, Context as _, Result};
 use async_channel::{self as channel, Receiver, Sender};
-use pgp::types::PublicKeyTrait;
 use pgp::SignedPublicKey;
 use ratelimit::Ratelimit;
 use tokio::sync::{Mutex, Notify, OnceCell, RwLock};
@@ -472,14 +471,6 @@ impl Context {
            // Allow at least 1 message every second + a burst of 3.
            *lock = Ratelimit::new(Duration::new(3, 0), 3.0);
        }
-
-        // The next line is mainly for iOS:
-        // iOS starts a separate process for receiving notifications and if the user concurrently
-        // starts the app, the UI process opens the database but waits with calling start_io()
-        // until the notifications process finishes.
-        // Now, some configs may have changed, so, we need to invalidate the cache.
-        self.sql.config_cache.write().await.clear();
-
        self.scheduler.start(self.clone()).await;
    }

@@ -790,7 +781,7 @@ impl Context {
            .count("SELECT COUNT(*) FROM acpeerstates;", ())
            .await?;
        let fingerprint_str = match load_self_public_key(self).await {
-            Ok(key) => key.dc_fingerprint().hex(),
+            Ok(key) => key.fingerprint().hex(),
            Err(err) => format!("<key failure: {err}>"),
        };

@@ -999,12 +990,6 @@ impl Context {
                .await?
                .to_string(),
        );
-        res.insert(
-            "protect_autocrypt",
-            self.get_config_int(Config::ProtectAutocrypt)
-                .await?
-                .to_string(),
-        );
        res.insert(
            "debug_logging",
            self.get_config_int(Config::DebugLogging).await?.to_string(),
@@ -1186,7 +1171,7 @@ impl Context {
            EncryptPreference::Mutual,
            &public_key,
        );
-        let fingerprint = public_key.dc_fingerprint();
+        let fingerprint = public_key.fingerprint();
        peerstate.set_verified(public_key, fingerprint, "".to_string())?;
        peerstate.save_to_db(&self.sql).await?;
        chat_id
@@ -2072,41 +2057,4 @@ mod tests {

        Ok(())
    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_cache_is_cleared_when_io_is_started() -> Result<()> {
-        let alice = TestContext::new_alice().await;
-        assert_eq!(
-            alice.get_config(Config::ShowEmails).await?,
-            Some("2".to_string())
-        );
-
-        // Change the config circumventing the cache
-        // This simulates what the notification plugin on iOS might do
-        // because it runs in a different process
-        alice
-            .sql
-            .execute(
-                "INSERT OR REPLACE INTO config (keyname, value) VALUES ('show_emails', '0')",
-                (),
-            )
-            .await?;
-
-        // Alice's Delta Chat doesn't know about it yet:
-        assert_eq!(
-            alice.get_config(Config::ShowEmails).await?,
-            Some("2".to_string())
-        );
-
-        // Starting IO will fail of course because no server settings are configured,
-        // but it should invalidate the caches:
-        alice.start_io().await;
-
-        assert_eq!(
-            alice.get_config(Config::ShowEmails).await?,
-            Some("0".to_string())
-        );
-
-        Ok(())
-    }
 }
--- a/src/debug_logging.rs
+++ b/src/debug_logging.rs
@@ -60,11 +60,9 @@ pub async fn debug_logging_loop(context: &Context, events: Receiver<DebugEventLo
                        "time": time,
                    }),
                    info: None,
-                    href: None,
                    summary: None,
                    document: None,
                    uid: None,
-                    notify: None,
                },
                time,
            )
--- a/src/decrypt.rs
+++ b/src/decrypt.rs
@@ -1,36 +1,125 @@
 //! End-to-end decryption support.

 use std::collections::HashSet;
+use std::str::FromStr;

 use anyhow::Result;
 use deltachat_contact_tools::addr_cmp;
 use mailparse::ParsedMail;

 use crate::aheader::Aheader;
+use crate::authres::handle_authres;
+use crate::authres::{self, DkimResults};
 use crate::context::Context;
+use crate::headerdef::{HeaderDef, HeaderDefMap};
 use crate::key::{DcKey, Fingerprint, SignedPublicKey, SignedSecretKey};
 use crate::peerstate::Peerstate;
 use crate::pgp;

 /// Tries to decrypt a message, but only if it is structured as an Autocrypt message.
 ///
-/// If successful and the message is encrypted, returns decrypted body.
+/// If successful and the message is encrypted, returns decrypted body and a set of valid
+/// signature fingerprints.
+///
+/// If the message is wrongly signed, HashSet will be empty.
 pub fn try_decrypt(
    mail: &ParsedMail<'_>,
    private_keyring: &[SignedSecretKey],
-) -> Result<Option<::pgp::composed::Message>> {
+    public_keyring_for_validate: &[SignedPublicKey],
+) -> Result<Option<(Vec<u8>, HashSet<Fingerprint>)>> {
    let Some(encrypted_data_part) = get_encrypted_mime(mail) else {
        return Ok(None);
    };

    let data = encrypted_data_part.get_body_raw()?;
-    let msg = pgp::pk_decrypt(data, private_keyring)?;

-    Ok(Some(msg))
+    let (plain, ret_valid_signatures) =
+        pgp::pk_decrypt(data, private_keyring, public_keyring_for_validate)?;
+    Ok(Some((plain, ret_valid_signatures)))
+}
+
+pub(crate) async fn prepare_decryption(
+    context: &Context,
+    mail: &ParsedMail<'_>,
+    from: &str,
+    message_time: i64,
+) -> Result<DecryptionInfo> {
+    if mail.headers.get_header(HeaderDef::ListPost).is_some() {
+        if mail.headers.get_header(HeaderDef::Autocrypt).is_some() {
+            info!(
+                context,
+                "Ignoring autocrypt header since this is a mailing list message. \
+                NOTE: For privacy reasons, the mailing list software should remove Autocrypt headers."
+            );
+        }
+        return Ok(DecryptionInfo {
+            from: from.to_string(),
+            autocrypt_header: None,
+            peerstate: None,
+            message_time,
+            dkim_results: DkimResults { dkim_passed: false },
+        });
+    }
+
+    let autocrypt_header = if context.is_self_addr(from).await? {
+        None
+    } else if let Some(aheader_value) = mail.headers.get_header_value(HeaderDef::Autocrypt) {
+        match Aheader::from_str(&aheader_value) {
+            Ok(header) if addr_cmp(&header.addr, from) => Some(header),
+            Ok(header) => {
+                warn!(
+                    context,
+                    "Autocrypt header address {:?} is not {:?}.", header.addr, from
+                );
+                None
+            }
+            Err(err) => {
+                warn!(context, "Failed to parse Autocrypt header: {:#}.", err);
+                None
+            }
+        }
+    } else {
+        None
+    };
+
+    let dkim_results = handle_authres(context, mail, from).await?;
+    let allow_aeap = get_encrypted_mime(mail).is_some();
+    let peerstate = get_autocrypt_peerstate(
+        context,
+        from,
+        autocrypt_header.as_ref(),
+        message_time,
+        allow_aeap,
+    )
+    .await?;
+
+    Ok(DecryptionInfo {
+        from: from.to_string(),
+        autocrypt_header,
+        peerstate,
+        message_time,
+        dkim_results,
+    })
+}
+
+#[derive(Debug)]
+pub struct DecryptionInfo {
+    /// The From address. This is the address from the unnencrypted, outer
+    /// From header.
+    pub from: String,
+    pub autocrypt_header: Option<Aheader>,
+    /// The peerstate that will be used to validate the signatures
+    pub peerstate: Option<Peerstate>,
+    /// The timestamp when the message was sent.
+    /// If this is older than the peerstate's last_seen, this probably
+    /// means out-of-order message arrival, We don't modify the
+    /// peerstate in this case.
+    pub message_time: i64,
+    pub(crate) dkim_results: authres::DkimResults,
 }

 /// Returns a reference to the encrypted payload of a message.
-pub(crate) fn get_encrypted_mime<'a, 'b>(mail: &'a ParsedMail<'b>) -> Option<&'a ParsedMail<'b>> {
+fn get_encrypted_mime<'a, 'b>(mail: &'a ParsedMail<'b>) -> Option<&'a ParsedMail<'b>> {
    get_autocrypt_mime(mail)
        .or_else(|| get_mixed_up_mime(mail))
        .or_else(|| get_attachment_mime(mail))
@@ -182,7 +271,7 @@ pub(crate) async fn get_autocrypt_peerstate(
            // if the fingerprint is verified.
            peerstate = Peerstate::from_verified_fingerprint_or_addr(
                context,
-                &header.public_key.dc_fingerprint(),
+                &header.public_key.fingerprint(),
                from,
            )
            .await?;
--- a/src/e2ee.rs
+++ b/src/e2ee.rs
@@ -303,12 +303,12 @@ Sent with my Delta Chat Messenger: https://delta.chat";
            last_seen_autocrypt: 14,
            prefer_encrypt,
            public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
+            public_key_fingerprint: Some(pub_key.fingerprint()),
            gossip_key: Some(pub_key.clone()),
            gossip_timestamp: 15,
-            gossip_key_fingerprint: Some(pub_key.dc_fingerprint()),
+            gossip_key_fingerprint: Some(pub_key.fingerprint()),
            verified_key: Some(pub_key.clone()),
-            verified_key_fingerprint: Some(pub_key.dc_fingerprint()),
+            verified_key_fingerprint: Some(pub_key.fingerprint()),
            verifier: None,
            secondary_verified_key: None,
            secondary_verified_key_fingerprint: None,
--- a/src/events/payload.rs
+++ b/src/events/payload.rs
@@ -107,18 +107,6 @@ pub enum EventType {
        reaction: Reaction,
    },

-    /// A webxdc wants an info message or a changed summary to be notified.
-    IncomingWebxdcNotify {
-        /// ID of the contact sending.
-        contact_id: ContactId,
-
-        /// ID of the added info message or webxdc instance in case of summary change.
-        msg_id: MsgId,
-
-        /// Text to notify.
-        text: String,
-    },
-
    /// There is a fresh message. Typically, the user will show an notification
    /// when receiving this message.
    ///
--- a/src/html.rs
+++ b/src/html.rs
@@ -283,6 +283,7 @@ mod tests {
 <meta name="color-scheme" content="light dark" />
 </head><body>
 This message does not have Content-Type nor Subject.<br/>
+<br/>
 </body></html>
 "#
        );
@@ -301,6 +302,7 @@ This message does not have Content-Type nor Subject.<br/>
 <meta name="color-scheme" content="light dark" />
 </head><body>
 message with a non-UTF-8 encoding: äöüßÄÖÜ<br/>
+<br/>
 </body></html>
 "#
        );
@@ -323,6 +325,7 @@ This line ends with a space and will be merged with the next one due to format=f
 <br/>
 This line does not end with a space<br/>
 and will be wrapped as usual.<br/>
+<br/>
 </body></html>
 "#
        );
@@ -344,6 +347,7 @@ mime-modified should not be set set as there is no html and no special stuff;<br
 although not being a delta-message.<br/>
 test some special html-characters as &lt; &gt; and &amp; but also &quot; and &#x27; :)<br/>
 <br/>
+<br/>
 </body></html>
 "#
        );
--- a/src/imap.rs
+++ b/src/imap.rs
@@ -89,7 +89,7 @@ pub(crate) struct Imap {

    oauth2: bool,

-    authentication_failed_once: bool,
+    login_failed_once: bool,

    pub(crate) connectivity: ConnectivityStore,

@@ -254,7 +254,7 @@ impl Imap {
            proxy_config,
            strict_tls,
            oauth2,
-            authentication_failed_once: false,
+            login_failed_once: false,
            connectivity: Default::default(),
            conn_last_try: UNIX_EPOCH,
            conn_backoff_ms: 0,
@@ -402,7 +402,7 @@ impl Imap {
                    let mut lock = context.server_id.write().await;
                    lock.clone_from(&session.capabilities.server_id);

-                    self.authentication_failed_once = false;
+                    self.login_failed_once = false;
                    context.emit_event(EventType::ImapConnected(format!(
                        "IMAP-LOGIN as {}",
                        lp.user
@@ -416,38 +416,35 @@ impl Imap {
                    let imap_user = lp.user.to_owned();
                    let message = stock_str::cannot_login(context, &imap_user).await;

+                    let err_str = err.to_string();
                    warn!(context, "IMAP failed to login: {err:#}.");
                    first_error.get_or_insert(format_err!("{message} ({err:#})"));

-                    // If it looks like the password is wrong, send a notification:
                    let _lock = context.wrong_pw_warning_mutex.lock().await;
-                    if err.to_string().to_lowercase().contains("authentication") {
-                        if self.authentication_failed_once
-                            && !configuring
-                            && context.get_config_bool(Config::NotifyAboutWrongPw).await?
+                    if !configuring
+                        && self.login_failed_once
+                        && err_str.to_lowercase().contains("authentication")
+                        && context.get_config_bool(Config::NotifyAboutWrongPw).await?
+                    {
+                        let mut msg = Message::new_text(message);
+                        if let Err(e) = chat::add_device_msg_with_importance(
+                            context,
+                            None,
+                            Some(&mut msg),
+                            true,
+                        )
+                        .await
                        {
-                            let mut msg = Message::new_text(message);
-                            if let Err(e) = chat::add_device_msg_with_importance(
-                                context,
-                                None,
-                                Some(&mut msg),
-                                true,
-                            )
-                            .await
-                            {
-                                warn!(context, "Failed to add device message: {e:#}.");
-                            } else {
-                                context
-                                    .set_config_internal(Config::NotifyAboutWrongPw, None)
-                                    .await
-                                    .log_err(context)
-                                    .ok();
-                            }
+                            warn!(context, "Failed to add device message: {e:#}.");
                        } else {
-                            self.authentication_failed_once = true;
+                            context
+                                .set_config_internal(Config::NotifyAboutWrongPw, None)
+                                .await
+                                .log_err(context)
+                                .ok();
                        }
                    } else {
-                        self.authentication_failed_once = false;
+                        self.login_failed_once = true;
                    }
                }
            }
--- a/src/imex.rs
+++ b/src/imex.rs
@@ -4,7 +4,7 @@ use std::ffi::OsStr;
 use std::path::{Path, PathBuf};
 use std::pin::Pin;

-use ::pgp::types::PublicKeyTrait;
+use ::pgp::types::KeyTrait;
 use anyhow::{bail, ensure, format_err, Context as _, Result};
 use futures::TryStreamExt;
 use futures_lite::FutureExt;
@@ -750,7 +750,7 @@ where
            true => "private",
        };
        let id = id.map_or("default".into(), |i| i.to_string());
-        let fp = key.dc_fingerprint().hex();
+        let fp = DcKey::fingerprint(key).hex();
        format!("{kind}-key-{addr}-{id}-{fp}.asc")
    };
    let path = dir.join(&file_name);
@@ -878,7 +878,7 @@ mod tests {
            .unwrap()
            .strip_suffix(".asc")
            .unwrap();
-        assert_eq!(fingerprint, key.dc_fingerprint().hex());
+        assert_eq!(fingerprint, DcKey::fingerprint(&key).hex());
        let blobdir = context.ctx.get_blobdir().to_str().unwrap();
        let filename = format!("{blobdir}/{filename}");
        let bytes = tokio::fs::read(&filename).await.unwrap();
--- a/src/key.rs
+++ b/src/key.rs
@@ -11,8 +11,7 @@ use num_traits::FromPrimitive;
 use pgp::composed::Deserializable;
 pub use pgp::composed::{SignedPublicKey, SignedSecretKey};
 use pgp::ser::Serialize;
-use pgp::types::{PublicKeyTrait, SecretKeyTrait};
-use rand::thread_rng;
+use pgp::types::{KeyTrait, SecretKeyTrait};
 use tokio::runtime::Handle;

 use crate::config::Config;
@@ -27,7 +26,7 @@ use crate::tools::{self, time_elapsed};
 /// This trait is implemented for rPGP's [SignedPublicKey] and
 /// [SignedSecretKey] types and makes working with them a little
 /// easier in the deltachat world.
-pub(crate) trait DcKey: Serialize + Deserializable + PublicKeyTrait + Clone {
+pub(crate) trait DcKey: Serialize + Deserializable + KeyTrait + Clone {
    /// Create a key from some bytes.
    fn from_slice(bytes: &[u8]) -> Result<Self> {
        Ok(<Self as Deserializable>::from_bytes(Cursor::new(bytes))?)
@@ -94,8 +93,8 @@ pub(crate) trait DcKey: Serialize + Deserializable + PublicKeyTrait + Clone {
    fn to_asc(&self, header: Option<(&str, &str)>) -> String;

    /// The fingerprint for the key.
-    fn dc_fingerprint(&self) -> Fingerprint {
-        PublicKeyTrait::fingerprint(self).into()
+    fn fingerprint(&self) -> Fingerprint {
+        Fingerprint::new(KeyTrait::fingerprint(self))
    }

    fn is_private() -> bool;
@@ -234,8 +233,7 @@ impl DcSecretKey for SignedSecretKey {
    fn split_public_key(&self) -> Result<SignedPublicKey> {
        self.verify()?;
        let unsigned_pubkey = SecretKeyTrait::public_key(self);
-        let mut rng = thread_rng();
-        let signed_pubkey = unsigned_pubkey.sign(&mut rng, self, || "".into())?;
+        let signed_pubkey = unsigned_pubkey.sign(self, || "".into())?;
        Ok(signed_pubkey)
    }
 }
@@ -397,12 +395,6 @@ impl Fingerprint {
    }
 }

-impl From<pgp::types::Fingerprint> for Fingerprint {
-    fn from(fingerprint: pgp::types::Fingerprint) -> Fingerprint {
-        Self::new(fingerprint.as_bytes().into())
-    }
-}
-
 impl fmt::Debug for Fingerprint {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.debug_struct("Fingerprint")
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -16,8 +16,7 @@
    clippy::explicit_into_iter_loop,
    clippy::cloned_instead_of_copied
 )]
-#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
-#![cfg_attr(not(test), forbid(clippy::string_slice))]
+#![cfg_attr(not(test), warn(clippy::indexing_slicing))]
 #![allow(
    clippy::match_bool,
    clippy::mixed_read_write_in_expression,
--- a/src/location.rs
+++ b/src/location.rs
@@ -880,6 +880,8 @@ async fn maybe_send_locations(context: &Context) -> Result<Option<u64>> {

 #[cfg(test)]
 mod tests {
+    #![allow(clippy::indexing_slicing)]
+
    use super::*;
    use crate::config::Config;
    use crate::message::MessageState;
--- a/src/message.rs
+++ b/src/message.rs
@@ -1693,7 +1693,6 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
                    m.id AS id,
                    m.chat_id AS chat_id,
                    m.state AS state,
-                    m.download_state as download_state,
                    m.ephemeral_timer AS ephemeral_timer,
                    m.param AS param,
                    m.from_id AS from_id,
@@ -1709,7 +1708,6 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
                let id: MsgId = row.get("id")?;
                let chat_id: ChatId = row.get("chat_id")?;
                let state: MessageState = row.get("state")?;
-                let download_state: DownloadState = row.get("download_state")?;
                let param: Params = row.get::<_, String>("param")?.parse().unwrap_or_default();
                let from_id: ContactId = row.get("from_id")?;
                let rfc724_mid: String = row.get("rfc724_mid")?;
@@ -1721,7 +1719,6 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
                        id,
                        chat_id,
                        state,
-                        download_state,
                        param,
                        from_id,
                        rfc724_mid,
@@ -1751,7 +1748,6 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
            id,
            curr_chat_id,
            curr_state,
-            curr_download_state,
            curr_param,
            curr_from_id,
            curr_rfc724_mid,
@@ -1761,14 +1757,7 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
        _curr_ephemeral_timer,
    ) in msgs
    {
-        if curr_download_state != DownloadState::Done {
-            if curr_state == MessageState::InFresh {
-                // Don't mark partially downloaded messages as seen or send a read receipt since
-                // they are not really seen by the user.
-                update_msg_state(context, id, MessageState::InNoticed).await?;
-                updated_chat_ids.insert(curr_chat_id);
-            }
-        } else if curr_state == MessageState::InFresh || curr_state == MessageState::InNoticed {
+        if curr_state == MessageState::InFresh || curr_state == MessageState::InNoticed {
            update_msg_state(context, id, MessageState::InSeen).await?;
            info!(context, "Seen message {}.", id);

@@ -2594,110 +2583,6 @@ mod tests {
        Ok(())
    }

-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_markseen_not_downloaded_msg() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = &tcm.alice().await;
-        alice.set_config(Config::DownloadLimit, Some("1")).await?;
-        let bob = &tcm.bob().await;
-        let bob_chat_id = tcm.send_recv_accept(alice, bob, "hi").await.chat_id;
-
-        let file_bytes = include_bytes!("../test-data/image/screenshot.png");
-        let mut msg = Message::new(Viewtype::Image);
-        msg.set_file_from_bytes(bob, "a.jpg", file_bytes, None)
-            .await?;
-        let sent_msg = bob.send_msg(bob_chat_id, &mut msg).await;
-        let msg = alice.recv_msg(&sent_msg).await;
-        assert_eq!(msg.download_state, DownloadState::Available);
-        assert!(!msg.param.get_bool(Param::WantsMdn).unwrap_or_default());
-        assert_eq!(msg.state, MessageState::InFresh);
-        markseen_msgs(alice, vec![msg.id]).await?;
-        // A not downloaded message can be seen only if it's seen on another device.
-        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
-        // Marking the message as seen again is a no op.
-        markseen_msgs(alice, vec![msg.id]).await?;
-        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
-
-        msg.id
-            .update_download_state(alice, DownloadState::InProgress)
-            .await?;
-        markseen_msgs(alice, vec![msg.id]).await?;
-        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
-        msg.id
-            .update_download_state(alice, DownloadState::Failure)
-            .await?;
-        markseen_msgs(alice, vec![msg.id]).await?;
-        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
-        msg.id
-            .update_download_state(alice, DownloadState::Undecipherable)
-            .await?;
-        markseen_msgs(alice, vec![msg.id]).await?;
-        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
-
-        assert!(
-            !alice
-                .sql
-                .exists("SELECT COUNT(*) FROM smtp_mdns", ())
-                .await?
-        );
-
-        alice.set_config(Config::DownloadLimit, None).await?;
-        // Let's assume that Alice and Bob resolved the problem with encryption.
-        let old_msg = msg;
-        let msg = alice.recv_msg(&sent_msg).await;
-        assert_eq!(msg.chat_id, old_msg.chat_id);
-        assert_eq!(msg.download_state, DownloadState::Done);
-        assert!(msg.param.get_bool(Param::WantsMdn).unwrap_or_default());
-        assert!(msg.get_showpadlock());
-        // The message state mustn't be downgraded to `InFresh`.
-        assert_eq!(msg.state, MessageState::InNoticed);
-        markseen_msgs(alice, vec![msg.id]).await?;
-        let msg = Message::load_from_db(alice, msg.id).await?;
-        assert_eq!(msg.state, MessageState::InSeen);
-        assert_eq!(
-            alice
-                .sql
-                .count("SELECT COUNT(*) FROM smtp_mdns", ())
-                .await?,
-            1
-        );
-        Ok(())
-    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_msg_seen_on_imap_when_downloaded() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = &tcm.alice().await;
-        alice.set_config(Config::DownloadLimit, Some("1")).await?;
-        let bob = &tcm.bob().await;
-        let bob_chat_id = tcm.send_recv_accept(alice, bob, "hi").await.chat_id;
-
-        let file_bytes = include_bytes!("../test-data/image/screenshot.png");
-        let mut msg = Message::new(Viewtype::Image);
-        msg.set_file_from_bytes(bob, "a.jpg", file_bytes, None)
-            .await?;
-        let sent_msg = bob.send_msg(bob_chat_id, &mut msg).await;
-        let msg = alice.recv_msg(&sent_msg).await;
-        assert_eq!(msg.download_state, DownloadState::Available);
-        assert_eq!(msg.state, MessageState::InFresh);
-
-        alice.set_config(Config::DownloadLimit, None).await?;
-        let seen = true;
-        let rcvd_msg = receive_imf(alice, sent_msg.payload().as_bytes(), seen)
-            .await
-            .unwrap()
-            .unwrap();
-        assert_eq!(rcvd_msg.chat_id, msg.chat_id);
-        let msg = Message::load_from_db(alice, *rcvd_msg.msg_ids.last().unwrap())
-            .await
-            .unwrap();
-        assert_eq!(msg.download_state, DownloadState::Done);
-        assert!(msg.param.get_bool(Param::WantsMdn).unwrap_or_default());
-        assert!(msg.get_showpadlock());
-        assert_eq!(msg.state, MessageState::InSeen);
-        Ok(())
-    }
-
    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
    async fn test_get_state() -> Result<()> {
        let alice = TestContext::new_alice().await;
--- a/src/mimefactory.rs
+++ b/src/mimefactory.rs
@@ -743,9 +743,7 @@ impl MimeFactory {
                hidden_headers.push(header);
            } else if header_name == "chat-user-avatar" {
                hidden_headers.push(header);
-            } else if header_name == "autocrypt"
-                && !context.get_config_bool(Config::ProtectAutocrypt).await?
-            {
+            } else if header_name == "autocrypt" {
                unprotected_headers.push(header.clone());
            } else if header_name == "from" {
                // Unencrypted securejoin messages should _not_ include the display name:
@@ -2274,6 +2272,7 @@ mod tests {
        let msg = message.as_string();

        let header_end = msg.find("Hi").unwrap();
+        #[allow(clippy::indexing_slicing)]
        let headers = msg[0..header_end].trim();

        assert!(!headers.lines().any(|l| l.trim().is_empty()));
--- a/src/mimeparser.rs
+++ b/src/mimeparser.rs
@@ -4,7 +4,6 @@ use std::cmp::min;
 use std::collections::{HashMap, HashSet};
 use std::path::Path;
 use std::str;
-use std::str::FromStr;

 use anyhow::{bail, Context as _, Result};
 use deltachat_contact_tools::{addr_cmp, addr_normalize, sanitize_bidi_characters};
@@ -15,7 +14,6 @@ use mailparse::{addrparse_header, DispositionType, MailHeader, MailHeaderMap, Si
 use rand::distributions::{Alphanumeric, DistString};

 use crate::aheader::{Aheader, EncryptPreference};
-use crate::authres::handle_authres;
 use crate::blob::BlobObject;
 use crate::chat::{add_info_msg, ChatId};
 use crate::config::Config;
@@ -23,8 +21,8 @@ use crate::constants::{self, Chattype};
 use crate::contact::{Contact, ContactId, Origin};
 use crate::context::Context;
 use crate::decrypt::{
-    get_autocrypt_peerstate, get_encrypted_mime, keyring_from_peerstate, try_decrypt,
-    validate_detached_signature,
+    keyring_from_peerstate, prepare_decryption, try_decrypt, validate_detached_signature,
+    DecryptionInfo,
 };
 use crate::dehtml::dehtml;
 use crate::events::EventType;
@@ -73,8 +71,7 @@ pub(crate) struct MimeMessage {
    /// messages to this address to post them to the list.
    pub list_post: Option<String>,
    pub chat_disposition_notification_to: Option<SingleInfo>,
-    pub autocrypt_header: Option<Aheader>,
-    pub peerstate: Option<Peerstate>,
+    pub decryption_info: DecryptionInfo,
    pub decrypting_failed: bool,

    /// Set of valid signature fingerprints if a message is an
@@ -304,101 +301,42 @@ impl MimeMessage {
        let mut from = from.context("No from in message")?;
        let private_keyring = load_self_secret_keyring(context).await?;

-        let allow_aeap = get_encrypted_mime(&mail).is_some();
-
-        let dkim_results = handle_authres(context, &mail, &from.addr).await?;
+        let mut decryption_info =
+            prepare_decryption(context, &mail, &from.addr, timestamp_sent).await?;

+        // Memory location for a possible decrypted message.
+        let mut mail_raw = Vec::new();
        let mut gossiped_keys = Default::default();
        let mut from_is_signed = false;
        hop_info += "\n\n";
-        hop_info += &dkim_results.to_string();
+        hop_info += &decryption_info.dkim_results.to_string();

        let incoming = !context.is_self_addr(&from.addr).await?;
-
-        let mut aheader_value: Option<String> = mail.headers.get_header_value(HeaderDef::Autocrypt);
-
-        let mail_raw; // Memory location for a possible decrypted message.
-        let decrypted_msg; // Decrypted signed OpenPGP message.
-
-        let (mail, encrypted) =
-            match tokio::task::block_in_place(|| try_decrypt(&mail, &private_keyring)) {
-                Ok(Some(msg)) => {
-                    mail_raw = msg.get_content()?.unwrap_or_default();
-
-                    let decrypted_mail = mailparse::parse_mail(&mail_raw)?;
-                    if std::env::var(crate::DCC_MIME_DEBUG).is_ok() {
-                        info!(
-                            context,
-                            "decrypted message mime-body:\n{}",
-                            String::from_utf8_lossy(&mail_raw),
-                        );
-                    }
-
-                    decrypted_msg = Some(msg);
-                    if let Some(protected_aheader_value) = decrypted_mail
-                        .headers
-                        .get_header_value(HeaderDef::Autocrypt)
-                    {
-                        aheader_value = Some(protected_aheader_value);
-                    }
-
-                    (Ok(decrypted_mail), true)
-                }
-                Ok(None) => {
-                    mail_raw = Vec::new();
-                    decrypted_msg = None;
-                    (Ok(mail), false)
-                }
-                Err(err) => {
-                    mail_raw = Vec::new();
-                    decrypted_msg = None;
-                    warn!(context, "decryption failed: {:#}", err);
-                    (Err(err), false)
-                }
-            };
-
-        let autocrypt_header = if !incoming {
-            None
-        } else if let Some(aheader_value) = aheader_value {
-            match Aheader::from_str(&aheader_value) {
-                Ok(header) if addr_cmp(&header.addr, &from.addr) => Some(header),
-                Ok(header) => {
-                    warn!(
-                        context,
-                        "Autocrypt header address {:?} is not {:?}.", header.addr, from.addr
-                    );
-                    None
-                }
-                Err(err) => {
-                    warn!(context, "Failed to parse Autocrypt header: {:#}.", err);
-                    None
-                }
-            }
-        } else {
-            None
-        };
-
-        // The peerstate that will be used to validate the signatures.
-        let mut peerstate = get_autocrypt_peerstate(
-            context,
-            &from.addr,
-            autocrypt_header.as_ref(),
-            timestamp_sent,
-            allow_aeap,
-        )
-        .await?;
-
-        let public_keyring = match peerstate.is_none() && !incoming {
+        let public_keyring = match decryption_info.peerstate.is_none() && !incoming {
            true => key::load_self_public_keyring(context).await?,
-            false => keyring_from_peerstate(peerstate.as_ref()),
+            false => keyring_from_peerstate(decryption_info.peerstate.as_ref()),
        };
-
-        let mut signatures = if let Some(ref decrypted_msg) = decrypted_msg {
-            crate::pgp::valid_signature_fingerprints(decrypted_msg, &public_keyring)?
-        } else {
-            HashSet::new()
+        let (mail, mut signatures, encrypted) = match tokio::task::block_in_place(|| {
+            try_decrypt(&mail, &private_keyring, &public_keyring)
+        }) {
+            Ok(Some((raw, signatures))) => {
+                mail_raw = raw;
+                let decrypted_mail = mailparse::parse_mail(&mail_raw)?;
+                if std::env::var(crate::DCC_MIME_DEBUG).is_ok() {
+                    info!(
+                        context,
+                        "decrypted message mime-body:\n{}",
+                        String::from_utf8_lossy(&mail_raw),
+                    );
+                }
+                (Ok(decrypted_mail), signatures, true)
+            }
+            Ok(None) => (Ok(mail), HashSet::new(), false),
+            Err(err) => {
+                warn!(context, "decryption failed: {:#}", err);
+                (Err(err), HashSet::new(), false)
+            }
        };
-
        let mail = mail.as_ref().map(|mail| {
            let (content, signatures_detached) = validate_detached_signature(mail, &public_keyring)
                .unwrap_or((mail, Default::default()));
@@ -484,7 +422,7 @@ impl MimeMessage {
            Self::remove_secured_headers(&mut headers);

            // If it is not a read receipt, degrade encryption.
-            if let (Some(peerstate), Ok(mail)) = (&mut peerstate, mail) {
+            if let (Some(peerstate), Ok(mail)) = (&mut decryption_info.peerstate, mail) {
                if timestamp_sent > peerstate.last_seen_autocrypt
                    && mail.ctype.mimetype != "multipart/report"
                {
@@ -495,7 +433,7 @@ impl MimeMessage {
        if !encrypted {
            signatures.clear();
        }
-        if let Some(peerstate) = &mut peerstate {
+        if let Some(peerstate) = &mut decryption_info.peerstate {
            if peerstate.prefer_encrypt != EncryptPreference::Mutual && !signatures.is_empty() {
                peerstate.prefer_encrypt = EncryptPreference::Mutual;
                peerstate.save_to_db(&context.sql).await?;
@@ -511,8 +449,7 @@ impl MimeMessage {
            from_is_signed,
            incoming,
            chat_disposition_notification_to,
-            autocrypt_header,
-            peerstate,
+            decryption_info,
            decrypting_failed: mail.is_err(),

            // only non-empty if it was a valid autocrypt message
@@ -665,13 +602,11 @@ impl MimeMessage {
    /// Delta Chat sends attachments, such as images, in two-part messages, with the first message
    /// containing a description. If such a message is detected, text from the first part can be
    /// moved to the second part, and the first part dropped.
+    #[allow(clippy::indexing_slicing)]
    fn squash_attachment_parts(&mut self) {
-        if self.parts.len() == 2
-            && self.parts.first().map(|textpart| textpart.typ) == Some(Viewtype::Text)
-            && self
-                .parts
-                .get(1)
-                .map_or(false, |filepart| match filepart.typ {
+        if let [textpart, filepart] = &self.parts[..] {
+            let need_drop = textpart.typ == Viewtype::Text
+                && match filepart.typ {
                    Viewtype::Image
                    | Viewtype::Gif
                    | Viewtype::Sticker
@@ -682,24 +617,24 @@ impl MimeMessage {
                    | Viewtype::File
                    | Viewtype::Webxdc => true,
                    Viewtype::Unknown | Viewtype::Text | Viewtype::VideochatInvitation => false,
-                })
-        {
-            let mut parts = std::mem::take(&mut self.parts);
-            let Some(mut filepart) = parts.pop() else {
-                // Should never happen.
-                return;
-            };
-            let Some(textpart) = parts.pop() else {
-                // Should never happen.
-                return;
-            };
+                };

-            filepart.msg.clone_from(&textpart.msg);
-            if let Some(quote) = textpart.param.get(Param::Quote) {
-                filepart.param.set(Param::Quote, quote);
+            if need_drop {
+                let mut filepart = self.parts.swap_remove(1);
+
+                // insert new one
+                filepart.msg.clone_from(&self.parts[0].msg);
+                if let Some(quote) = self.parts[0].param.get(Param::Quote) {
+                    filepart.param.set(Param::Quote, quote);
+                }
+
+                // forget the one we use now
+                self.parts[0].msg = "".to_string();
+
+                // swap new with old
+                self.parts.push(filepart); // push to the end
+                let _ = self.parts.swap_remove(0); // drops first element, replacing it with the last one in O(1)
            }
-
-            self.parts = vec![filepart];
        }
    }

@@ -1296,7 +1231,7 @@ impl MimeMessage {
        if decoded_data.is_empty() {
            return Ok(());
        }
-        if let Some(peerstate) = &mut self.peerstate {
+        if let Some(peerstate) = &mut self.decryption_info.peerstate {
            if peerstate.prefer_encrypt != EncryptPreference::Mutual
                && mime_type.type_() == mime::APPLICATION
                && mime_type.subtype().as_str() == "pgp-keys"
@@ -1753,6 +1688,7 @@ impl MimeMessage {
    /// Some providers like GMX and Yahoo do not send standard NDNs (Non Delivery notifications).
    /// If you improve heuristics here you might also have to change prefetch_should_download() in imap/mod.rs.
    /// Also you should add a test in receive_imf.rs (there already are lots of test_parse_ndn_* tests).
+    #[allow(clippy::indexing_slicing)]
    async fn heuristically_parse_ndn(&mut self, context: &Context) {
        let maybe_ndn = if let Some(from) = self.get_header(HeaderDef::From_) {
            let from = from.to_ascii_lowercase();
@@ -1915,17 +1851,18 @@ pub(crate) struct DeliveryReport {
    pub failure: bool,
 }

+#[allow(clippy::indexing_slicing)]
 pub(crate) fn parse_message_ids(ids: &str) -> Vec<String> {
    // take care with mailparse::msgidparse() that is pretty untolerant eg. wrt missing `<` or `>`
    let mut msgids = Vec::new();
    for id in ids.split_whitespace() {
        let mut id = id.to_string();
-        if let Some(id_without_prefix) = id.strip_prefix('<') {
-            id = id_without_prefix.to_string();
-        };
-        if let Some(id_without_suffix) = id.strip_suffix('>') {
-            id = id_without_suffix.to_string();
-        };
+        if id.starts_with('<') {
+            id = id[1..].to_string();
+        }
+        if id.ends_with('>') {
+            id = id[..id.len() - 1].to_string();
+        }
        if !id.is_empty() {
            msgids.push(id);
        }
@@ -2362,6 +2299,8 @@ async fn ndn_maybe_add_info_msg(

 #[cfg(test)]
 mod tests {
+    #![allow(clippy::indexing_slicing)]
+
    use mailparse::ParsedMail;

    use super::*;
@@ -3706,28 +3645,6 @@ On 2020-10-25, Bob wrote:
        Ok(())
    }

-    /// Tests that sender status (signature) does not appear
-    /// in HTML view of a long message.
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_large_message_no_signature() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = &tcm.alice().await;
-        let bob = &tcm.bob().await;
-
-        alice
-            .set_config(Config::Selfstatus, Some("Some signature"))
-            .await?;
-        let chat = alice.create_chat(bob).await;
-        let txt = "Hello!\n".repeat(500);
-        let sent = alice.send_text(chat.id, &txt).await;
-        let msg = bob.recv_msg(&sent).await;
-
-        assert_eq!(msg.has_html(), true);
-        let html = msg.id.get_html(bob).await?.unwrap();
-        assert_eq!(html.contains("Some signature"), false);
-        Ok(())
-    }
-
    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
    async fn test_x_microsoft_original_message_id() {
        let t = TestContext::new_alice().await;
@@ -4095,8 +4012,12 @@ Content-Disposition: reaction\n\

        // We do allow the time to be in the future a bit (because of unsynchronized clocks),
        // but only 60 seconds:
-        assert!(mime_message.timestamp_sent <= time() + 60);
-        assert!(mime_message.timestamp_sent >= beginning_time + 60);
+        assert!(mime_message.decryption_info.message_time <= time() + 60);
+        assert!(mime_message.decryption_info.message_time >= beginning_time + 60);
+        assert_eq!(
+            mime_message.decryption_info.message_time,
+            mime_message.timestamp_sent
+        );
        assert!(mime_message.timestamp_rcvd <= time());

        Ok(())
@@ -4167,24 +4088,4 @@ Content-Type: text/plain; charset=utf-8
            "alice@example.org"
        );
    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_protect_autocrypt() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = &tcm.alice().await;
-        let bob = &tcm.bob().await;
-
-        alice
-            .set_config_bool(Config::ProtectAutocrypt, true)
-            .await?;
-        bob.set_config_bool(Config::ProtectAutocrypt, true).await?;
-
-        let msg = tcm.send_recv_accept(alice, bob, "Hello!").await;
-        assert_eq!(msg.get_showpadlock(), false);
-
-        let msg = tcm.send_recv(bob, alice, "Hi!").await;
-        assert_eq!(msg.get_showpadlock(), true);
-
-        Ok(())
-    }
 }
--- a/src/net.rs
+++ b/src/net.rs
@@ -5,13 +5,13 @@ use std::pin::Pin;
 use std::time::Duration;

 use anyhow::{format_err, Context as _, Result};
+use async_native_tls::TlsStream;
 use tokio::net::TcpStream;
 use tokio::task::JoinSet;
 use tokio::time::timeout;
 use tokio_io_timeout::TimeoutStream;

 use crate::context::Context;
-use crate::net::session::SessionStream;
 use crate::sql::Sql;
 use crate::tools::time;

@@ -128,7 +128,7 @@ pub(crate) async fn connect_tls_inner(
    host: &str,
    strict_tls: bool,
    alpn: &[&str],
-) -> Result<impl SessionStream> {
+) -> Result<TlsStream<Pin<Box<TimeoutStream<TcpStream>>>>> {
    let tcp_stream = connect_tcp_inner(addr).await?;
    let tls_stream = wrap_tls(strict_tls, host, alpn, tcp_stream).await?;
    Ok(tls_stream)
--- a/src/net/tls.rs
+++ b/src/net/tls.rs
@@ -2,39 +2,45 @@
 use std::sync::Arc;

 use anyhow::Result;
+use async_native_tls::{Certificate, Protocol, TlsConnector, TlsStream};
+use once_cell::sync::Lazy;
+use tokio::io::{AsyncRead, AsyncWrite};

-use crate::net::session::SessionStream;
+// this certificate is missing on older android devices (eg. lg with android6 from 2017)
+// certificate downloaded from https://letsencrypt.org/certificates/
+static LETSENCRYPT_ROOT: Lazy<Certificate> = Lazy::new(|| {
+    Certificate::from_der(include_bytes!(
+        "../../assets/root-certificates/letsencrypt/isrgrootx1.der"
+    ))
+    .unwrap()
+});

-pub async fn wrap_tls(
+pub async fn wrap_tls<T: AsyncRead + AsyncWrite + Unpin>(
    strict_tls: bool,
    hostname: &str,
    alpn: &[&str],
-    stream: impl SessionStream + 'static,
-) -> Result<impl SessionStream> {
-    if strict_tls {
-        let tls_stream = wrap_rustls(hostname, alpn, stream).await?;
-        let boxed_stream: Box<dyn SessionStream> = Box::new(tls_stream);
-        Ok(boxed_stream)
+    stream: T,
+) -> Result<TlsStream<T>> {
+    let tls_builder = TlsConnector::new()
+        .min_protocol_version(Some(Protocol::Tlsv12))
+        .request_alpns(alpn)
+        .add_root_certificate(LETSENCRYPT_ROOT.clone());
+    let tls = if strict_tls {
+        tls_builder
    } else {
-        // We use native_tls because it accepts 1024-bit RSA keys.
-        // Rustls does not support them even if
-        // certificate checks are disabled: <https://github.com/rustls/rustls/issues/234>.
-        let tls = async_native_tls::TlsConnector::new()
-            .min_protocol_version(Some(async_native_tls::Protocol::Tlsv12))
-            .request_alpns(alpn)
+        tls_builder
            .danger_accept_invalid_hostnames(true)
-            .danger_accept_invalid_certs(true);
-        let tls_stream = tls.connect(hostname, stream).await?;
-        let boxed_stream: Box<dyn SessionStream> = Box::new(tls_stream);
-        Ok(boxed_stream)
-    }
+            .danger_accept_invalid_certs(true)
+    };
+    let tls_stream = tls.connect(hostname, stream).await?;
+    Ok(tls_stream)
 }

-pub async fn wrap_rustls(
+pub async fn wrap_rustls<T: AsyncRead + AsyncWrite + Unpin>(
    hostname: &str,
    alpn: &[&str],
-    stream: impl SessionStream,
-) -> Result<impl SessionStream> {
+    stream: T,
+) -> Result<tokio_rustls::client::TlsStream<T>> {
    let mut root_cert_store = rustls::RootCertStore::empty();
    root_cert_store.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());

--- a/src/peerstate.rs
+++ b/src/peerstate.rs
@@ -121,7 +121,7 @@ impl Peerstate {
            last_seen_autocrypt: last_seen,
            prefer_encrypt,
            public_key: Some(public_key.clone()),
-            public_key_fingerprint: Some(public_key.dc_fingerprint()),
+            public_key_fingerprint: Some(public_key.fingerprint()),
            gossip_key: None,
            gossip_key_fingerprint: None,
            gossip_timestamp: 0,
@@ -153,7 +153,7 @@ impl Peerstate {
            public_key: None,
            public_key_fingerprint: None,
            gossip_key: Some(gossip_header.public_key.clone()),
-            gossip_key_fingerprint: Some(gossip_header.public_key.dc_fingerprint()),
+            gossip_key_fingerprint: Some(gossip_header.public_key.fingerprint()),
            gossip_timestamp: message_time,
            verified_key: None,
            verified_key_fingerprint: None,
@@ -308,7 +308,7 @@ impl Peerstate {
    pub fn recalc_fingerprint(&mut self) {
        if let Some(ref public_key) = self.public_key {
            let old_public_fingerprint = self.public_key_fingerprint.take();
-            self.public_key_fingerprint = Some(public_key.dc_fingerprint());
+            self.public_key_fingerprint = Some(public_key.fingerprint());

            if old_public_fingerprint.is_some()
                && old_public_fingerprint != self.public_key_fingerprint
@@ -319,7 +319,7 @@ impl Peerstate {

        if let Some(ref gossip_key) = self.gossip_key {
            let old_gossip_fingerprint = self.gossip_key_fingerprint.take();
-            self.gossip_key_fingerprint = Some(gossip_key.dc_fingerprint());
+            self.gossip_key_fingerprint = Some(gossip_key.fingerprint());

            if old_gossip_fingerprint.is_none()
                || self.gossip_key_fingerprint.is_none()
@@ -506,7 +506,7 @@ impl Peerstate {
        fingerprint: Fingerprint,
        verifier: String,
    ) -> Result<()> {
-        if key.dc_fingerprint() == fingerprint {
+        if key.fingerprint() == fingerprint {
            self.verified_key = Some(key);
            self.verified_key_fingerprint = Some(fingerprint);
            self.verifier = Some(verifier);
@@ -524,7 +524,7 @@ impl Peerstate {
    /// do nothing to avoid overwriting secondary verified key
    /// which may be different.
    pub fn set_secondary_verified_key(&mut self, gossip_key: SignedPublicKey, verifier: String) {
-        let fingerprint = gossip_key.dc_fingerprint();
+        let fingerprint = gossip_key.fingerprint();
        if self.verified_key_fingerprint.as_ref() != Some(&fingerprint) {
            self.secondary_verified_key = Some(gossip_key);
            self.secondary_verified_key_fingerprint = Some(fingerprint);
@@ -766,7 +766,8 @@ pub(crate) async fn maybe_do_aeap_transition(
    context: &Context,
    mime_parser: &mut crate::mimeparser::MimeMessage,
 ) -> Result<()> {
-    let Some(peerstate) = &mime_parser.peerstate else {
+    let info = &mime_parser.decryption_info;
+    let Some(peerstate) = &info.peerstate else {
        return Ok(());
    };

@@ -814,13 +815,13 @@ pub(crate) async fn maybe_do_aeap_transition(

        // DC avoids sending messages with the same timestamp, that's why messages
        // with equal timestamps are ignored here unlike in `Peerstate::apply_header()`.
-        if mime_parser.timestamp_sent <= peerstate.last_seen {
+        if info.message_time <= peerstate.last_seen {
            info!(
                context,
                "Not doing AEAP from {} to {} because {} < {}.",
                &peerstate.addr,
                &mime_parser.from.addr,
-                mime_parser.timestamp_sent,
+                info.message_time,
                peerstate.last_seen
            );
            return Ok(());
@@ -831,23 +832,24 @@ pub(crate) async fn maybe_do_aeap_transition(
            "Doing AEAP transition from {} to {}.", &peerstate.addr, &mime_parser.from.addr
        );

-        let peerstate = mime_parser.peerstate.as_mut().context("no peerstate??")?;
+        let info = &mut mime_parser.decryption_info;
+        let peerstate = info.peerstate.as_mut().context("no peerstate??")?;
        // Add info messages to chats with this (verified) contact
        //
        peerstate
            .handle_setup_change(
                context,
-                mime_parser.timestamp_sent,
-                PeerstateChange::Aeap(mime_parser.from.addr.clone()),
+                info.message_time,
+                PeerstateChange::Aeap(info.from.clone()),
            )
            .await?;

        let old_addr = mem::take(&mut peerstate.addr);
-        peerstate.addr.clone_from(&mime_parser.from.addr);
-        let header = mime_parser.autocrypt_header.as_ref().context(
+        peerstate.addr.clone_from(&info.from);
+        let header = info.autocrypt_header.as_ref().context(
            "Internal error: Tried to do an AEAP transition without an autocrypt header??",
        )?;
-        peerstate.apply_header(context, header, mime_parser.timestamp_sent);
+        peerstate.apply_header(context, header, info.message_time);

        peerstate
            .save_to_db_ex(&context.sql, Some(&old_addr))
@@ -888,12 +890,12 @@ mod tests {
            last_seen_autocrypt: 11,
            prefer_encrypt: EncryptPreference::Mutual,
            public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
+            public_key_fingerprint: Some(pub_key.fingerprint()),
            gossip_key: Some(pub_key.clone()),
            gossip_timestamp: 12,
-            gossip_key_fingerprint: Some(pub_key.dc_fingerprint()),
+            gossip_key_fingerprint: Some(pub_key.fingerprint()),
            verified_key: Some(pub_key.clone()),
-            verified_key_fingerprint: Some(pub_key.dc_fingerprint()),
+            verified_key_fingerprint: Some(pub_key.fingerprint()),
            verifier: None,
            secondary_verified_key: None,
            secondary_verified_key_fingerprint: None,
@@ -913,7 +915,7 @@ mod tests {
            .expect("no peerstate found in the database");

        assert_eq!(peerstate, peerstate_new);
-        let peerstate_new2 = Peerstate::from_fingerprint(&ctx.ctx, &pub_key.dc_fingerprint())
+        let peerstate_new2 = Peerstate::from_fingerprint(&ctx.ctx, &pub_key.fingerprint())
            .await
            .expect("failed to load peerstate from db")
            .expect("no peerstate found in the database");
@@ -932,7 +934,7 @@ mod tests {
            last_seen_autocrypt: 11,
            prefer_encrypt: EncryptPreference::Mutual,
            public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
+            public_key_fingerprint: Some(pub_key.fingerprint()),
            gossip_key: None,
            gossip_timestamp: 12,
            gossip_key_fingerprint: None,
@@ -969,7 +971,7 @@ mod tests {
            last_seen_autocrypt: 11,
            prefer_encrypt: EncryptPreference::Mutual,
            public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
+            public_key_fingerprint: Some(pub_key.fingerprint()),
            gossip_key: None,
            gossip_timestamp: 12,
            gossip_key_fingerprint: None,
--- a/src/pgp.rs
+++ b/src/pgp.rs
@@ -14,7 +14,7 @@ use pgp::composed::{
 use pgp::crypto::ecc_curve::ECCCurve;
 use pgp::crypto::hash::HashAlgorithm;
 use pgp::crypto::sym::SymmetricKeyAlgorithm;
-use pgp::types::{CompressionAlgorithm, PublicKeyTrait, SignatureBytes, StringToKey};
+use pgp::types::{CompressionAlgorithm, KeyTrait, Mpi, PublicKeyTrait, StringToKey};
 use rand::{thread_rng, CryptoRng, Rng};
 use tokio::runtime::Handle;

@@ -41,15 +41,8 @@ enum SignedPublicKeyOrSubkey<'a> {
    Subkey(&'a SignedPublicSubKey),
 }

-impl PublicKeyTrait for SignedPublicKeyOrSubkey<'_> {
-    fn version(&self) -> pgp::types::KeyVersion {
-        match self {
-            Self::Key(k) => k.version(),
-            Self::Subkey(k) => k.version(),
-        }
-    }
-
-    fn fingerprint(&self) -> pgp::types::Fingerprint {
+impl KeyTrait for SignedPublicKeyOrSubkey<'_> {
+    fn fingerprint(&self) -> Vec<u8> {
        match self {
            Self::Key(k) => k.fingerprint(),
            Self::Subkey(k) => k.fingerprint(),
@@ -69,26 +62,14 @@ impl PublicKeyTrait for SignedPublicKeyOrSubkey<'_> {
            Self::Subkey(k) => k.algorithm(),
        }
    }
+}

-    fn created_at(&self) -> &chrono::DateTime<chrono::Utc> {
-        match self {
-            Self::Key(k) => k.created_at(),
-            Self::Subkey(k) => k.created_at(),
-        }
-    }
-
-    fn expiration(&self) -> Option<u16> {
-        match self {
-            Self::Key(k) => k.expiration(),
-            Self::Subkey(k) => k.expiration(),
-        }
-    }
-
+impl PublicKeyTrait for SignedPublicKeyOrSubkey<'_> {
    fn verify_signature(
        &self,
        hash: HashAlgorithm,
        data: &[u8],
-        sig: &SignatureBytes,
+        sig: &[Mpi],
    ) -> pgp::errors::Result<()> {
        match self {
            Self::Key(k) => k.verify_signature(hash, data, sig),
@@ -98,27 +79,19 @@ impl PublicKeyTrait for SignedPublicKeyOrSubkey<'_> {

    fn encrypt<R: Rng + CryptoRng>(
        &self,
-        rng: R,
+        rng: &mut R,
        plain: &[u8],
-        typ: pgp::types::EskType,
-    ) -> pgp::errors::Result<pgp::types::PkeskBytes> {
+    ) -> pgp::errors::Result<Vec<Mpi>> {
        match self {
-            Self::Key(k) => k.encrypt(rng, plain, typ),
-            Self::Subkey(k) => k.encrypt(rng, plain, typ),
+            Self::Key(k) => k.encrypt(rng, plain),
+            Self::Subkey(k) => k.encrypt(rng, plain),
        }
    }

-    fn serialize_for_hashing(&self, writer: &mut impl io::Write) -> pgp::errors::Result<()> {
+    fn to_writer_old(&self, writer: &mut impl io::Write) -> pgp::errors::Result<()> {
        match self {
-            Self::Key(k) => k.serialize_for_hashing(writer),
-            Self::Subkey(k) => k.serialize_for_hashing(writer),
-        }
-    }
-
-    fn public_params(&self) -> &pgp::types::PublicParams {
-        match self {
-            Self::Key(k) => k.public_params(),
-            Self::Subkey(k) => k.public_params(),
+            Self::Key(k) => k.to_writer_old(writer),
+            Self::Subkey(k) => k.to_writer_old(writer),
        }
    }
 }
@@ -187,10 +160,9 @@ pub(crate) fn create_keypair(addr: EmailAddress, keygen_type: KeyGenType) -> Res
    let (signing_key_type, encryption_key_type) = match keygen_type {
        KeyGenType::Rsa2048 => (PgpKeyType::Rsa(2048), PgpKeyType::Rsa(2048)),
        KeyGenType::Rsa4096 => (PgpKeyType::Rsa(4096), PgpKeyType::Rsa(4096)),
-        KeyGenType::Ed25519 | KeyGenType::Default => (
-            PgpKeyType::EdDSALegacy,
-            PgpKeyType::ECDH(ECCCurve::Curve25519),
-        ),
+        KeyGenType::Ed25519 | KeyGenType::Default => {
+            (PgpKeyType::EdDSA, PgpKeyType::ECDH(ECCCurve::Curve25519))
+        }
    };

    let user_id = format!("<{addr}>");
@@ -227,11 +199,10 @@ pub(crate) fn create_keypair(addr: EmailAddress, keygen_type: KeyGenType) -> Res
        .build()
        .context("failed to build key parameters")?;

-    let mut rng = thread_rng();
    let secret_key = key_params
-        .generate(&mut rng)
+        .generate()
        .context("failed to generate the key")?
-        .sign(&mut rng, || "".into())
+        .sign(|| "".into())
        .context("failed to sign secret key")?;
    secret_key
        .verify()
@@ -290,19 +261,15 @@ pub async fn pk_encrypt(
            let mut rng = thread_rng();

            let encrypted_msg = if let Some(ref skey) = private_key_for_signing {
-                let signed_msg = lit_msg.sign(&mut rng, skey, || "".into(), HASH_ALGORITHM)?;
+                let signed_msg = lit_msg.sign(skey, || "".into(), HASH_ALGORITHM)?;
                let compressed_msg = if compress {
                    signed_msg.compress(CompressionAlgorithm::ZLIB)?
                } else {
                    signed_msg
                };
-                compressed_msg.encrypt_to_keys_seipdv1(
-                    &mut rng,
-                    SYMMETRIC_KEY_ALGORITHM,
-                    &pkeys_refs,
-                )?
+                compressed_msg.encrypt_to_keys(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)?
            } else {
-                lit_msg.encrypt_to_keys_seipdv1(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)?
+                lit_msg.encrypt_to_keys(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)?
            };

            let encoded_msg = encrypted_msg.to_armored_string(Default::default())?;
@@ -317,9 +284,7 @@ pub fn pk_calc_signature(
    plain: &[u8],
    private_key_for_signing: &SignedSecretKey,
 ) -> Result<String> {
-    let mut rng = thread_rng();
    let msg = Message::new_literal_bytes("", plain).sign(
-        &mut rng,
        private_key_for_signing,
        || "".into(),
        HASH_ALGORITHM,
@@ -332,43 +297,43 @@ pub fn pk_calc_signature(
 ///
 /// Receiver private keys are provided in
 /// `private_keys_for_decryption`.
+///
+/// Returns decrypted message and fingerprints
+/// of all keys from the `public_keys_for_validation` keyring that
+/// have valid signatures there.
+#[allow(clippy::implicit_hasher)]
 pub fn pk_decrypt(
    ctext: Vec<u8>,
    private_keys_for_decryption: &[SignedSecretKey],
-) -> Result<pgp::composed::Message> {
+    public_keys_for_validation: &[SignedPublicKey],
+) -> Result<(Vec<u8>, HashSet<Fingerprint>)> {
+    let mut ret_signature_fingerprints: HashSet<Fingerprint> = Default::default();
+
    let cursor = Cursor::new(ctext);
-    let (msg, _headers) = Message::from_armor_single(cursor)?;
+    let (msg, _) = Message::from_armor_single(cursor)?;

    let skeys: Vec<&SignedSecretKey> = private_keys_for_decryption.iter().collect();

-    let (msg, _key_ids) = msg.decrypt(|| "".into(), &skeys[..])?;
+    let (msg, _) = msg.decrypt(|| "".into(), &skeys[..])?;

    // get_content() will decompress the message if needed,
    // but this avoids decompressing it again to check signatures
    let msg = msg.decompress()?;

-    Ok(msg)
-}
+    let content = match msg.get_content()? {
+        Some(content) => content,
+        None => bail!("The decrypted message is empty"),
+    };

-/// Returns fingerprints
-/// of all keys from the `public_keys_for_validation` keyring that
-/// have valid signatures there.
-///
-/// If the message is wrongly signed, HashSet will be empty.
-pub fn valid_signature_fingerprints(
-    msg: &pgp::composed::Message,
-    public_keys_for_validation: &[SignedPublicKey],
-) -> Result<HashSet<Fingerprint>> {
-    let mut ret_signature_fingerprints: HashSet<Fingerprint> = Default::default();
    if let signed_msg @ pgp::composed::Message::Signed { .. } = msg {
        for pkey in public_keys_for_validation {
            if signed_msg.verify(&pkey.primary_key).is_ok() {
-                let fp = pkey.dc_fingerprint();
+                let fp = DcKey::fingerprint(pkey);
                ret_signature_fingerprints.insert(fp);
            }
        }
    }
-    Ok(ret_signature_fingerprints)
+    Ok((content, ret_signature_fingerprints))
 }

 /// Validates detached signature.
@@ -390,7 +355,7 @@ pub fn pk_validate(

    for pkey in public_keys_for_validation {
        if standalone_signature.verify(pkey, content).is_ok() {
-            let fp = pkey.dc_fingerprint();
+            let fp = DcKey::fingerprint(pkey);
            ret.insert(fp);
        }
    }
@@ -405,12 +370,8 @@ pub async fn symm_encrypt(passphrase: &str, plain: &[u8]) -> Result<String> {
    tokio::task::spawn_blocking(move || {
        let mut rng = thread_rng();
        let s2k = StringToKey::new_default(&mut rng);
-        let msg = lit_msg.encrypt_with_password_seipdv1(
-            &mut rng,
-            s2k,
-            SYMMETRIC_KEY_ALGORITHM,
-            || passphrase,
-        )?;
+        let msg =
+            lit_msg.encrypt_with_password(&mut rng, s2k, SYMMETRIC_KEY_ALGORITHM, || passphrase)?;

        let encoded_msg = msg.to_armored_string(Default::default())?;

@@ -446,18 +407,6 @@ mod tests {
    use super::*;
    use crate::test_utils::{alice_keypair, bob_keypair};

-    fn pk_decrypt_and_validate(
-        ctext: Vec<u8>,
-        private_keys_for_decryption: &[SignedSecretKey],
-        public_keys_for_validation: &[SignedPublicKey],
-    ) -> Result<(pgp::composed::Message, HashSet<Fingerprint>)> {
-        let msg = pk_decrypt(ctext, private_keys_for_decryption)?;
-        let ret_signature_fingerprints =
-            valid_signature_fingerprints(&msg, public_keys_for_validation)?;
-
-        Ok((msg, ret_signature_fingerprints))
-    }
-
    #[test]
    fn test_split_armored_data_1() {
        let (typ, _headers, base64) = split_armored_data(
@@ -585,35 +534,34 @@ mod tests {
        // Check decrypting as Alice
        let decrypt_keyring = vec![KEYS.alice_secret.clone()];
        let sig_check_keyring = vec![KEYS.alice_public.clone()];
-        let (msg, valid_signatures) = pk_decrypt_and_validate(
+        let (plain, valid_signatures) = pk_decrypt(
            ctext_signed().await.as_bytes().to_vec(),
            &decrypt_keyring,
            &sig_check_keyring,
        )
        .unwrap();
-        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
+        assert_eq!(plain, CLEARTEXT);
        assert_eq!(valid_signatures.len(), 1);

        // Check decrypting as Bob
        let decrypt_keyring = vec![KEYS.bob_secret.clone()];
        let sig_check_keyring = vec![KEYS.alice_public.clone()];
-        let (msg, valid_signatures) = pk_decrypt_and_validate(
+        let (plain, valid_signatures) = pk_decrypt(
            ctext_signed().await.as_bytes().to_vec(),
            &decrypt_keyring,
            &sig_check_keyring,
        )
        .unwrap();
-        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
+        assert_eq!(plain, CLEARTEXT);
        assert_eq!(valid_signatures.len(), 1);
    }

    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
    async fn test_decrypt_no_sig_check() {
        let keyring = vec![KEYS.alice_secret.clone()];
-        let (msg, valid_signatures) =
-            pk_decrypt_and_validate(ctext_signed().await.as_bytes().to_vec(), &keyring, &[])
-                .unwrap();
-        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
+        let (plain, valid_signatures) =
+            pk_decrypt(ctext_signed().await.as_bytes().to_vec(), &keyring, &[]).unwrap();
+        assert_eq!(plain, CLEARTEXT);
        assert_eq!(valid_signatures.len(), 0);
    }

@@ -622,26 +570,26 @@ mod tests {
        // The validation does not have the public key of the signer.
        let decrypt_keyring = vec![KEYS.bob_secret.clone()];
        let sig_check_keyring = vec![KEYS.bob_public.clone()];
-        let (msg, valid_signatures) = pk_decrypt_and_validate(
+        let (plain, valid_signatures) = pk_decrypt(
            ctext_signed().await.as_bytes().to_vec(),
            &decrypt_keyring,
            &sig_check_keyring,
        )
        .unwrap();
-        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
+        assert_eq!(plain, CLEARTEXT);
        assert_eq!(valid_signatures.len(), 0);
    }

    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
    async fn test_decrypt_unsigned() {
        let decrypt_keyring = vec![KEYS.bob_secret.clone()];
-        let (msg, valid_signatures) = pk_decrypt_and_validate(
+        let (plain, valid_signatures) = pk_decrypt(
            ctext_unsigned().await.as_bytes().to_vec(),
            &decrypt_keyring,
            &[],
        )
        .unwrap();
-        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
+        assert_eq!(plain, CLEARTEXT);
        assert_eq!(valid_signatures.len(), 0);
    }
 }
--- a/src/plaintext.rs
+++ b/src/plaintext.rs
@@ -2,7 +2,7 @@

 use once_cell::sync::Lazy;

-use crate::simplify::remove_message_footer;
+use crate::simplify::split_lines;

 /// Plaintext message body together with format=flowed attributes.
 #[derive(Debug)]
@@ -32,8 +32,7 @@ impl PlainText {
            regex::Regex::new(r"\b((http|https|ftp|ftps):[\w.,:;$/@!?&%\-~=#+]+)").unwrap()
        });

-        let lines: Vec<&str> = self.text.lines().collect();
-        let (lines, _footer) = remove_message_footer(&lines);
+        let lines = split_lines(&self.text);

        let mut ret = r#"<!DOCTYPE html>
 <html><head>
@@ -137,28 +136,7 @@ line 1<br/>
 line 2<br/>
 line with <a href="https://link-mid-of-line.org">https://link-mid-of-line.org</a> and <a href="http://link-end-of-line.com/file?foo=bar%20">http://link-end-of-line.com/file?foo=bar%20</a><br/>
 <a href="http://link-at-start-of-line.org">http://link-at-start-of-line.org</a><br/>
-</body></html>
-"#
-        );
-    }
-
-    #[test]
-    fn test_plain_remove_signature() {
-        let html = PlainText {
-            text: "Foo\nbar\n-- \nSignature here".to_string(),
-            flowed: false,
-            delsp: false,
-        }
-        .to_html();
-        assert_eq!(
-            html,
-            r#"<!DOCTYPE html>
-<html><head>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<meta name="color-scheme" content="light dark" />
-</head><body>
-Foo<br/>
-bar<br/>
+<br/>
 </body></html>
 "#
        );
--- a/src/provider.rs
+++ b/src/provider.rs
@@ -288,6 +288,8 @@ pub fn get_provider_by_id(id: &str) -> Option<&'static Provider> {

 #[cfg(test)]
 mod tests {
+    #![allow(clippy::indexing_slicing)]
+
    use super::*;
    use crate::test_utils::TestContext;

--- a/src/qr.rs
+++ b/src/qr.rs
@@ -270,7 +270,6 @@ fn starts_with_ignore_case(string: &str, pattern: &str) -> bool {
 /// The function should be called after a QR code is scanned.
 /// The function takes the raw text scanned and checks what can be done with it.
 pub async fn check_qr(context: &Context, qr: &str) -> Result<Qr> {
-    let qr = qr.trim();
    let qrcode = if starts_with_ignore_case(qr, OPENPGP4FPR_SCHEME) {
        decode_openpgp(context, qr)
            .await
@@ -368,10 +367,9 @@ pub fn format_backup(qr: &Qr) -> Result<String> {
 /// scheme: `OPENPGP4FPR:FINGERPRINT#a=ADDR&n=NAME&i=INVITENUMBER&s=AUTH`
 ///     or: `OPENPGP4FPR:FINGERPRINT#a=ADDR&g=GROUPNAME&x=GROUPID&i=INVITENUMBER&s=AUTH`
 ///     or: `OPENPGP4FPR:FINGERPRINT#a=ADDR`
+#[allow(clippy::indexing_slicing)]
 async fn decode_openpgp(context: &Context, qr: &str) -> Result<Qr> {
-    let payload = qr
-        .get(OPENPGP4FPR_SCHEME.len()..)
-        .context("Invalid OPENPGP4FPR scheme")?;
+    let payload = &qr[OPENPGP4FPR_SCHEME.len()..];

    // macOS and iOS sometimes replace the # with %23 (uri encode it), we should be able to parse this wrong format too.
    // see issue https://github.com/deltachat/deltachat-core-rust/issues/1969 for more info
@@ -548,7 +546,7 @@ async fn decode_ideltachat(context: &Context, prefix: &str, qr: &str) -> Result<
 fn decode_account(qr: &str) -> Result<Qr> {
    let payload = qr
        .get(DCACCOUNT_SCHEME.len()..)
-        .context("Invalid DCACCOUNT payload")?;
+        .context("invalid DCACCOUNT payload")?;
    let url = url::Url::parse(payload).context("Invalid account URL")?;
    if url.scheme() == "http" || url.scheme() == "https" {
        Ok(Qr::Account {
@@ -566,7 +564,7 @@ fn decode_account(qr: &str) -> Result<Qr> {
 fn decode_webrtc_instance(_context: &Context, qr: &str) -> Result<Qr> {
    let payload = qr
        .get(DCWEBRTC_SCHEME.len()..)
-        .context("Invalid DCWEBRTC payload")?;
+        .context("invalid DCWEBRTC payload")?;

    let (_type, url) = Message::parse_webrtc_instance(payload);
    let url = url::Url::parse(&url).context("Invalid WebRTC instance")?;
@@ -639,7 +637,7 @@ fn decode_shadowsocks_proxy(qr: &str) -> Result<Qr> {
 fn decode_backup2(qr: &str) -> Result<Qr> {
    let payload = qr
        .strip_prefix(DCBACKUP2_SCHEME)
-        .ok_or_else(|| anyhow!("Invalid DCBACKUP2 scheme"))?;
+        .ok_or_else(|| anyhow!("invalid DCBACKUP scheme"))?;
    let (auth_token, node_addr) = payload
        .split_once('&')
        .context("Backup QR code has no separator")?;
@@ -670,10 +668,9 @@ struct CreateAccountErrorResponse {
 /// take a qr of the type DC_QR_ACCOUNT, parse it's parameters,
 /// download additional information from the contained url and set the parameters.
 /// on success, a configure::configure() should be able to log in to the account
+#[allow(clippy::indexing_slicing)]
 async fn set_account_from_qr(context: &Context, qr: &str) -> Result<()> {
-    let url_str = qr
-        .get(DCACCOUNT_SCHEME.len()..)
-        .context("Invalid DCACCOUNT scheme")?;
+    let url_str = &qr[DCACCOUNT_SCHEME.len()..];

    if !url_str.starts_with(HTTPS_SCHEME) {
        bail!("DCACCOUNT QR codes must use HTTPS scheme");
@@ -803,12 +800,15 @@ pub async fn set_config_from_qr(context: &Context, qr: &str) -> Result<()> {
 /// Extract address for the mailto scheme.
 ///
 /// Scheme: `mailto:addr...?subject=...&body=..`
+#[allow(clippy::indexing_slicing)]
 async fn decode_mailto(context: &Context, qr: &str) -> Result<Qr> {
-    let payload = qr
-        .get(MAILTO_SCHEME.len()..)
-        .context("Invalid mailto: scheme")?;
+    let payload = &qr[MAILTO_SCHEME.len()..];

-    let (addr, query) = payload.split_once('?').unwrap_or((payload, ""));
+    let (addr, query) = if let Some(query_index) = payload.find('?') {
+        (&payload[..query_index], &payload[query_index + 1..])
+    } else {
+        (payload, "")
+    };

    let param: BTreeMap<&str, &str> = query
        .split('&')
@@ -855,12 +855,16 @@ async fn decode_mailto(context: &Context, qr: &str) -> Result<Qr> {
 /// Extract address for the smtp scheme.
 ///
 /// Scheme: `SMTP:addr...:subject...:body...`
+#[allow(clippy::indexing_slicing)]
 async fn decode_smtp(context: &Context, qr: &str) -> Result<Qr> {
-    let payload = qr.get(SMTP_SCHEME.len()..).context("Invalid SMTP scheme")?;
+    let payload = &qr[SMTP_SCHEME.len()..];
+
+    let addr = if let Some(query_index) = payload.find(':') {
+        &payload[..query_index]
+    } else {
+        bail!("Invalid SMTP found");
+    };

-    let (addr, _rest) = payload
-        .split_once(':')
-        .context("Invalid SMTP scheme payload")?;
    let addr = normalize_address(addr)?;
    let name = "";
    Qr::from_address(context, name, &addr, None).await
@@ -871,13 +875,14 @@ async fn decode_smtp(context: &Context, qr: &str) -> Result<Qr> {
 /// Scheme: `MATMSG:TO:addr...;SUB:subject...;BODY:body...;`
 ///
 /// There may or may not be linebreaks after the fields.
+#[allow(clippy::indexing_slicing)]
 async fn decode_matmsg(context: &Context, qr: &str) -> Result<Qr> {
    // Does not work when the text `TO:` is used in subject/body _and_ TO: is not the first field.
    // we ignore this case.
    let addr = if let Some(to_index) = qr.find("TO:") {
-        let addr = qr.get(to_index + 3..).unwrap_or_default().trim();
+        let addr = qr[to_index + 3..].trim();
        if let Some(semi_index) = addr.find(';') {
-            addr.get(..semi_index).unwrap_or_default().trim()
+            addr[..semi_index].trim()
        } else {
            addr
        }
@@ -898,6 +903,7 @@ static VCARD_EMAIL_RE: Lazy<regex::Regex> =
 /// Extract address for the vcard scheme.
 ///
 /// Scheme: `VCARD:BEGIN\nN:last name;first name;...;\nEMAIL;<type>:addr...;`
+#[allow(clippy::indexing_slicing)]
 async fn decode_vcard(context: &Context, qr: &str) -> Result<Qr> {
    let name = VCARD_NAME_RE
        .captures(qr)
@@ -909,8 +915,8 @@ async fn decode_vcard(context: &Context, qr: &str) -> Result<Qr> {
        })
        .unwrap_or_default();

-    let addr = if let Some(cap) = VCARD_EMAIL_RE.captures(qr).and_then(|caps| caps.get(2)) {
-        normalize_address(cap.as_str().trim())?
+    let addr = if let Some(caps) = VCARD_EMAIL_RE.captures(qr) {
+        normalize_address(caps[2].trim())?
    } else {
        bail!("Bad e-mail address");
    };
@@ -995,17 +1001,6 @@ mod tests {
            }
        );

-        // Test that QR code whitespace is stripped.
-        // Users can copy-paste QR code contents and "scan"
-        // from the clipboard.
-        let qr = check_qr(&ctx.ctx, "  \thttp://www.hello.com/hello  \n\t \r\n ").await?;
-        assert_eq!(
-            qr,
-            Qr::Url {
-                url: "http://www.hello.com/hello".to_string(),
-            }
-        );
-
        Ok(())
    }

@@ -1314,7 +1309,7 @@ mod tests {
            last_seen_autocrypt: 1,
            prefer_encrypt: EncryptPreference::Mutual,
            public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
+            public_key_fingerprint: Some(pub_key.fingerprint()),
            gossip_key: None,
            gossip_timestamp: 0,
            gossip_key_fingerprint: None,
@@ -1345,10 +1340,7 @@ mod tests {

        let qr = check_qr(
            &ctx.ctx,
-            &format!(
-                "OPENPGP4FPR:{}#a=alice@example.org",
-                pub_key.dc_fingerprint()
-            ),
+            &format!("OPENPGP4FPR:{}#a=alice@example.org", pub_key.fingerprint()),
        )
        .await?;
        if let Qr::FprOk { contact_id, .. } = qr {
@@ -1755,9 +1747,7 @@ mod tests {
        );

        // Test URL without port.
-        //
-        // Also check that whitespace is trimmed.
-        let res = set_config_from_qr(&t, " https://t.me/socks?server=1.2.3.4\n").await;
+        let res = set_config_from_qr(&t, "https://t.me/socks?server=1.2.3.4").await;
        assert!(res.is_ok());
        assert_eq!(t.get_config_bool(Config::ProxyEnabled).await?, true);
        assert_eq!(
--- a/src/receive_imf.rs
+++ b/src/receive_imf.rs
@@ -6,7 +6,7 @@ use std::str::FromStr;
 use anyhow::{Context as _, Result};
 use deltachat_contact_tools::{addr_cmp, may_be_valid_addr, sanitize_single_line, ContactAddress};
 use iroh_gossip::proto::TopicId;
-use mailparse::SingleInfo;
+use mailparse::{parse_mail, SingleInfo};
 use num_traits::FromPrimitive;
 use once_cell::sync::Lazy;
 use regex::Regex;
@@ -73,13 +73,12 @@ pub struct ReceivedMsg {
 ///
 /// This method returns errors on a failure to parse the mail or extract Message-ID. It's only used
 /// for tests and REPL tool, not actual message reception pipeline.
-#[cfg(any(test, feature = "internals"))]
 pub async fn receive_imf(
    context: &Context,
    imf_raw: &[u8],
    seen: bool,
 ) -> Result<Option<ReceivedMsg>> {
-    let mail = mailparse::parse_mail(imf_raw).context("can't parse mail")?;
+    let mail = parse_mail(imf_raw).context("can't parse mail")?;
    let rfc724_mid =
        imap::prefetch_get_message_id(&mail.headers).unwrap_or_else(imap::create_message_id);
    if let Some(download_limit) = context.download_limit().await? {
@@ -106,7 +105,6 @@ pub async fn receive_imf(
 /// Emulates reception of a message from "INBOX".
 ///
 /// Only used for tests and REPL tool, not actual message reception pipeline.
-#[cfg(any(test, feature = "internals"))]
 pub(crate) async fn receive_imf_from_inbox(
    context: &Context,
    rfc724_mid: &str,
@@ -203,7 +201,7 @@ pub(crate) async fn receive_imf_inner(
    };

    crate::peerstate::maybe_do_aeap_transition(context, &mut mime_parser).await?;
-    if let Some(peerstate) = &mime_parser.peerstate {
+    if let Some(peerstate) = &mime_parser.decryption_info.peerstate {
        peerstate
            .handle_fingerprint_change(context, mime_parser.timestamp_sent)
            .await?;
@@ -358,7 +356,8 @@ pub(crate) async fn receive_imf_inner(

            // Peerstate could be updated by handling the Securejoin handshake.
            let contact = Contact::get_by_id(context, from_id).await?;
-            mime_parser.peerstate = Peerstate::from_addr(context, contact.get_addr()).await?;
+            mime_parser.decryption_info.peerstate =
+                Peerstate::from_addr(context, contact.get_addr()).await?;
        } else {
            let to_id = to_ids.first().copied().unwrap_or_default();
            // handshake may mark contacts as verified and must be processed before chats are created
@@ -394,7 +393,7 @@ pub(crate) async fn receive_imf_inner(
    if verified_encryption == VerifiedEncryption::Verified
        && mime_parser.get_header(HeaderDef::ChatVerified).is_some()
    {
-        if let Some(peerstate) = &mut mime_parser.peerstate {
+        if let Some(peerstate) = &mut mime_parser.decryption_info.peerstate {
            // NOTE: it might be better to remember ID of the key
            // that we used to decrypt the message, but
            // it is unlikely that default key ever changes
@@ -1007,7 +1006,7 @@ async fn add_parts(
                            )
                            .await?;
                    }
-                    if let Some(peerstate) = &mime_parser.peerstate {
+                    if let Some(peerstate) = &mime_parser.decryption_info.peerstate {
                        restore_protection = new_protection != ProtectionStatus::Protected
                            && peerstate.prefer_encrypt == EncryptPreference::Mutual
                            // Check that the contact still has the Autocrypt key same as the
@@ -1425,11 +1424,7 @@ async fn add_parts(
    if let Some(msg) = group_changes_msgs.1 {
        match &better_msg {
            None => better_msg = Some(msg),
-            Some(_) => {
-                if !msg.is_empty() {
-                    group_changes_msgs.0.push(msg)
-                }
-            }
+            Some(_) => group_changes_msgs.0.push(msg),
        }
    }

@@ -1512,9 +1507,6 @@ async fn add_parts(

        let mut txt_raw = "".to_string();
        let (msg, typ): (&str, Viewtype) = if let Some(better_msg) = &better_msg {
-            if better_msg.is_empty() && is_partial_download.is_none() {
-                chat_id = DC_CHAT_ID_TRASH;
-            }
            (better_msg, Viewtype::Text)
        } else {
            (&part.msg, part.typ)
@@ -1577,7 +1569,7 @@ INSERT INTO msgs
 ON CONFLICT (id) DO UPDATE
 SET rfc724_mid=excluded.rfc724_mid, chat_id=excluded.chat_id,
    from_id=excluded.from_id, to_id=excluded.to_id, timestamp_sent=excluded.timestamp_sent,
-    type=excluded.type, state=max(state,excluded.state), msgrmsg=excluded.msgrmsg,
+    type=excluded.type, msgrmsg=excluded.msgrmsg,
    txt=excluded.txt, txt_normalized=excluded.txt_normalized, subject=excluded.subject,
    txt_raw=excluded.txt_raw, param=excluded.param,
    hidden=excluded.hidden,bytes=excluded.bytes, mime_headers=excluded.mime_headers,
@@ -2086,11 +2078,8 @@ async fn create_group(

 /// Apply group member list, name, avatar and protection status changes from the MIME message.
 ///
-/// Returns `Vec` of group changes messages and, optionally, a better message to replace the
-/// original system message. If the better message is empty, the original system message should be
-/// just omitted.
-///
-/// * `is_partial_download` - whether the message is not fully downloaded.
+/// Optionally returns better message to replace the original system message.
+/// is_partial_download: whether the message is not fully downloaded.
 #[allow(clippy::too_many_arguments)]
 async fn apply_group_changes(
    context: &Context,
@@ -2192,47 +2181,39 @@ async fn apply_group_changes(

    if let Some(removed_addr) = mime_parser.get_header(HeaderDef::ChatGroupMemberRemoved) {
        removed_id = Contact::lookup_id_by_addr(context, removed_addr, Origin::Unknown).await?;
-        if let Some(id) = removed_id {
-            if allow_member_list_changes && chat_contacts.contains(&id) {
-                better_msg = if id == from_id {
-                    Some(stock_str::msg_group_left_local(context, from_id).await)
-                } else {
-                    Some(stock_str::msg_del_member_local(context, removed_addr, from_id).await)
-                };
+
+        better_msg = if removed_id == Some(from_id) {
+            Some(stock_str::msg_group_left_local(context, from_id).await)
+        } else {
+            Some(stock_str::msg_del_member_local(context, removed_addr, from_id).await)
+        };
+
+        if removed_id.is_some() {
+            if !allow_member_list_changes {
+                info!(
+                    context,
+                    "Ignoring removal of {removed_addr:?} from {chat_id}."
+                );
            }
        } else {
            warn!(context, "Removed {removed_addr:?} has no contact id.")
        }
-        better_msg.get_or_insert_with(Default::default);
-        if !allow_member_list_changes {
-            info!(
-                context,
-                "Ignoring removal of {removed_addr:?} from {chat_id}."
-            );
-        }
    } else if let Some(added_addr) = mime_parser.get_header(HeaderDef::ChatGroupMemberAdded) {
-        if allow_member_list_changes {
-            let is_new_member;
-            if let Some(contact_id) =
-                Contact::lookup_id_by_addr(context, added_addr, Origin::Unknown).await?
-            {
-                if !recreate_member_list {
-                    added_id = Some(contact_id);
-                }
-                is_new_member = !chat_contacts.contains(&contact_id);
-            } else {
-                warn!(context, "Added {added_addr:?} has no contact id.");
-                is_new_member = false;
-            }
+        better_msg = Some(stock_str::msg_add_member_local(context, added_addr, from_id).await);

-            if is_new_member || self_added {
-                better_msg =
-                    Some(stock_str::msg_add_member_local(context, added_addr, from_id).await);
+        if allow_member_list_changes {
+            if !recreate_member_list {
+                if let Some(contact_id) =
+                    Contact::lookup_id_by_addr(context, added_addr, Origin::Unknown).await?
+                {
+                    added_id = Some(contact_id);
+                } else {
+                    warn!(context, "Added {added_addr:?} has no contact id.")
+                }
            }
        } else {
            info!(context, "Ignoring addition of {added_addr:?} to {chat_id}.");
        }
-        better_msg.get_or_insert_with(Default::default);
    } else if let Some(old_name) = mime_parser
        .get_header(HeaderDef::ChatGroupNameChanged)
        .map(|s| s.trim())
@@ -2336,6 +2317,9 @@ async fn apply_group_changes(
        }

        if new_members != chat_contacts {
+            if !new_members.contains(&ContactId::SELF) {
+                chat_id.set_draft(context, None).await?; // Clear draft since Self was removed from the group.
+            }
            chat::update_chat_contacts_table(context, chat_id, &new_members).await?;
            chat_contacts = new_members;
            send_event_chat_modified = true;
@@ -2467,16 +2451,14 @@ async fn create_or_lookup_mailinglist(
    }
 }

+#[allow(clippy::indexing_slicing)]
 fn compute_mailinglist_name(
    list_id_header: &str,
    listid: &str,
    mime_parser: &MimeMessage,
 ) -> String {
-    let mut name = match LIST_ID_REGEX
-        .captures(list_id_header)
-        .and_then(|caps| caps.get(1))
-    {
-        Some(cap) => cap.as_str().trim().to_string(),
+    let mut name = match LIST_ID_REGEX.captures(list_id_header) {
+        Some(cap) => cap[1].trim().to_string(),
        None => "".to_string(),
    };

@@ -2523,11 +2505,8 @@ fn compute_mailinglist_name(
        // 51231231231231231231231232869f58.xing.com -> xing.com
        static PREFIX_32_CHARS_HEX: Lazy<Regex> =
            Lazy::new(|| Regex::new(r"([0-9a-fA-F]{32})\.(.{6,})").unwrap());
-        if let Some(cap) = PREFIX_32_CHARS_HEX
-            .captures(listid)
-            .and_then(|caps| caps.get(2))
-        {
-            name = cap.as_str().to_string();
+        if let Some(cap) = PREFIX_32_CHARS_HEX.captures(listid) {
+            name = cap[2].to_string();
        } else {
            name = listid.to_string();
        }
@@ -2686,7 +2665,7 @@ async fn update_verified_keys(
        return Ok(None);
    }

-    let Some(peerstate) = &mut mimeparser.peerstate else {
+    let Some(peerstate) = &mut mimeparser.decryption_info.peerstate else {
        // No peerstate means no verified keys.
        return Ok(None);
    };
@@ -2759,7 +2738,7 @@ async fn has_verified_encryption(
    // this check is skipped for SELF as there is no proper SELF-peerstate
    // and results in group-splits otherwise.
    if from_id != ContactId::SELF {
-        let Some(peerstate) = &mimeparser.peerstate else {
+        let Some(peerstate) = &mimeparser.decryption_info.peerstate else {
            return Ok(NotVerified(
                "No peerstate, the contact isn't verified".to_string(),
            ));
--- a/src/receive_imf/tests.rs
+++ b/src/receive_imf/tests.rs
@@ -4185,8 +4185,9 @@ async fn test_recreate_contact_list_on_missing_message() -> Result<()> {
    // readd fiona
    add_contact_to_chat(&alice, chat_id, alice_fiona).await?;

+    alice.recv_msg(&remove_msg).await;
+
    // delayed removal of fiona shouldn't remove her
-    alice.recv_msg_trash(&remove_msg).await;
    assert_eq!(get_chat_contacts(&alice, chat_id).await?.len(), 4);

    Ok(())
@@ -4855,37 +4856,6 @@ async fn test_protected_group_add_remove_member_missing_key() -> Result<()> {
    Ok(())
 }

-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_protected_group_reply_from_mua() -> Result<()> {
-    let mut tcm = TestContextManager::new();
-    let alice = &tcm.alice().await;
-    let bob = &tcm.bob().await;
-    let fiona = &tcm.fiona().await;
-    mark_as_verified(alice, bob).await;
-    mark_as_verified(alice, fiona).await;
-    mark_as_verified(bob, alice).await;
-    let alice_chat_id = alice
-        .create_group_with_members(ProtectionStatus::Protected, "Group", &[bob, fiona])
-        .await;
-    let sent = alice.send_text(alice_chat_id, "Hello!").await;
-    let bob_msg = bob.recv_msg(&sent).await;
-    bob_msg.chat_id.accept(bob).await?;
-    // This is hacky, but i don't know other simple way to simulate a MUA reply. It works because
-    // the message is correctly assigned to the chat by `References:`.
-    bob.sql
-        .execute(
-            "UPDATE chats SET protected=0, grpid='' WHERE id=?",
-            (bob_msg.chat_id,),
-        )
-        .await?;
-    let sent = bob
-        .send_text(bob_msg.chat_id, "/me replying from MUA")
-        .await;
-    let alice_msg = alice.recv_msg(&sent).await;
-    assert_eq!(alice_msg.chat_id, alice_chat_id);
-    Ok(())
-}
-
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_older_message_from_2nd_device() -> Result<()> {
    let mut tcm = TestContextManager::new();
@@ -4977,32 +4947,6 @@ async fn test_unarchive_on_member_removal() -> Result<()> {
    Ok(())
 }

-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_no_op_member_added_is_trash() -> Result<()> {
-    let mut tcm = TestContextManager::new();
-    let alice = &tcm.alice().await;
-    let bob = &tcm.bob().await;
-    let alice_chat_id = alice
-        .create_group_with_members(ProtectionStatus::Unprotected, "foos", &[bob])
-        .await;
-    send_text_msg(alice, alice_chat_id, "populate".to_string()).await?;
-    let msg = alice.pop_sent_msg().await;
-    bob.recv_msg(&msg).await;
-    let bob_chat_id = bob.get_last_msg().await.chat_id;
-    bob_chat_id.accept(bob).await?;
-
-    let fiona_id = Contact::create(alice, "", "fiona@example.net").await?;
-    add_contact_to_chat(alice, alice_chat_id, fiona_id).await?;
-    let msg = alice.pop_sent_msg().await;
-
-    let fiona_id = Contact::create(bob, "", "fiona@example.net").await?;
-    add_contact_to_chat(bob, bob_chat_id, fiona_id).await?;
-    bob.recv_msg_trash(&msg).await;
-    let contacts = get_chat_contacts(bob, bob_chat_id).await?;
-    assert_eq!(contacts.len(), 3);
-    Ok(())
-}
-
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_forged_from() -> Result<()> {
    let mut tcm = TestContextManager::new();
--- a/src/scheduler/connectivity.rs
+++ b/src/scheduler/connectivity.rs
@@ -318,6 +318,10 @@ impl Context {
                    .yellow {
                        background-color: #fdc625;
                    }
+                    .not-started-error {
+                        font-size: 2em;
+                        color: red;
+                    }
                </style>
            </head>
            <body>"#
@@ -337,10 +341,7 @@ impl Context {
                sched.smtp.state.connectivity.clone(),
            ),
            _ => {
-                ret += &format!(
-                    "<h3>{}</h3>\n</body></html>\n",
-                    stock_str::not_connected(self).await
-                );
+                ret += "<div class=\"not-started-error\">Error: IO Not Started</div><p>Please report this issue to the app developer.</p>\n</body></html>\n";
                return Ok(ret);
            }
        };
--- a/src/securejoin.rs
+++ b/src/securejoin.rs
@@ -104,7 +104,7 @@ pub async fn get_securejoin_qr(context: &Context, group: Option<ChatId>) -> Resu
            context.scheduler.interrupt_inbox().await;
        }
        format!(
-            "https://i.delta.chat/#{}&a={}&g={}&x={}&i={}&s={}",
+            "OPENPGP4FPR:{}#a={}&g={}&x={}&i={}&s={}",
            fingerprint.hex(),
            self_addr_urlencoded,
            &group_name_urlencoded,
@@ -119,7 +119,7 @@ pub async fn get_securejoin_qr(context: &Context, group: Option<ChatId>) -> Resu
            context.scheduler.interrupt_inbox().await;
        }
        format!(
-            "https://i.delta.chat/#{}&a={}&n={}&i={}&s={}",
+            "OPENPGP4FPR:{}#a={}&n={}&i={}&s={}",
            fingerprint.hex(),
            self_addr_urlencoded,
            self_name_urlencoded,
@@ -136,7 +136,7 @@ async fn get_self_fingerprint(context: &Context) -> Result<Fingerprint> {
    let key = load_self_public_key(context)
        .await
        .context("Failed to load key")?;
-    Ok(key.dc_fingerprint())
+    Ok(key.fingerprint())
 }

 /// Take a scanned QR-code and do the setup-contact/join-group/invite handshake.
@@ -244,10 +244,10 @@ async fn verify_sender_by_fingerprint(

 /// What to do with a Secure-Join handshake message after it was handled.
 ///
-/// This status is returned to [`receive_imf_inner`] which will use it to decide what to do
+/// This status is returned to [`receive_imf`] which will use it to decide what to do
 /// next with this incoming setup-contact/secure-join handshake message.
 ///
-/// [`receive_imf_inner`]: crate::receive_imf::receive_imf_inner
+/// [`receive_imf`]: crate::receive_imf::receive_imf
 #[derive(Debug, PartialEq, Eq)]
 pub(crate) enum HandshakeMessage {
    /// The message has been fully handled and should be removed/delete.
@@ -279,6 +279,7 @@ pub(crate) enum HandshakeMessage {
 ///
 /// When `handle_securejoin_handshake()` is called, the message is not yet filed in the
 /// database; this is done by `receive_imf()` later on as needed.
+#[allow(clippy::indexing_slicing)]
 pub(crate) async fn handle_securejoin_handshake(
    context: &Context,
    mime_message: &MimeMessage,
@@ -297,9 +298,9 @@ pub(crate) async fn handle_securejoin_handshake(

    if !matches!(step, "vg-request" | "vc-request") {
        let mut self_found = false;
-        let self_fingerprint = load_self_public_key(context).await?.dc_fingerprint();
+        let self_fingerprint = load_self_public_key(context).await?.fingerprint();
        for (addr, key) in &mime_message.gossiped_keys {
-            if key.dc_fingerprint() == self_fingerprint && context.is_self_addr(addr).await? {
+            if key.fingerprint() == self_fingerprint && context.is_self_addr(addr).await? {
                self_found = true;
                break;
            }
@@ -347,7 +348,7 @@ pub(crate) async fn handle_securejoin_handshake(
            send_alice_handshake_msg(
                context,
                contact_id,
-                &format!("{}-auth-required", &step.get(..2).unwrap_or_default()),
+                &format!("{}-auth-required", &step[..2]),
            )
            .await
            .context("failed sending auth-required handshake message")?;
@@ -935,10 +936,7 @@ mod tests {
            "vc-request-with-auth"
        );
        assert!(msg.get_header(HeaderDef::SecureJoinAuth).is_some());
-        let bob_fp = load_self_public_key(&bob.ctx)
-            .await
-            .unwrap()
-            .dc_fingerprint();
+        let bob_fp = load_self_public_key(&bob.ctx).await.unwrap().fingerprint();
        assert_eq!(
            *msg.get_header(HeaderDef::SecureJoinFingerprint).unwrap(),
            bob_fp.hex()
@@ -1108,10 +1106,10 @@ mod tests {
            last_seen_autocrypt: 10,
            prefer_encrypt: EncryptPreference::Mutual,
            public_key: Some(alice_pubkey.clone()),
-            public_key_fingerprint: Some(alice_pubkey.dc_fingerprint()),
+            public_key_fingerprint: Some(alice_pubkey.fingerprint()),
            gossip_key: Some(alice_pubkey.clone()),
            gossip_timestamp: 10,
-            gossip_key_fingerprint: Some(alice_pubkey.dc_fingerprint()),
+            gossip_key_fingerprint: Some(alice_pubkey.fingerprint()),
            verified_key: None,
            verified_key_fingerprint: None,
            verifier: None,
@@ -1159,7 +1157,7 @@ mod tests {
            "vc-request-with-auth"
        );
        assert!(msg.get_header(HeaderDef::SecureJoinAuth).is_some());
-        let bob_fp = load_self_public_key(&bob.ctx).await?.dc_fingerprint();
+        let bob_fp = load_self_public_key(&bob.ctx).await?.fingerprint();
        assert_eq!(
            *msg.get_header(HeaderDef::SecureJoinFingerprint).unwrap(),
            bob_fp.hex()
@@ -1322,7 +1320,7 @@ mod tests {
            "vg-request-with-auth"
        );
        assert!(msg.get_header(HeaderDef::SecureJoinAuth).is_some());
-        let bob_fp = load_self_public_key(&bob.ctx).await?.dc_fingerprint();
+        let bob_fp = load_self_public_key(&bob.ctx).await?.fingerprint();
        assert_eq!(
            *msg.get_header(HeaderDef::SecureJoinFingerprint).unwrap(),
            bob_fp.hex()
--- a/src/securejoin/bobstate.rs
+++ b/src/securejoin/bobstate.rs
@@ -389,7 +389,7 @@ async fn send_handshake_message(
            msg.param.set_int(Param::GuaranteeE2ee, 1);

            // Sends our own fingerprint in the Secure-Join-Fingerprint header.
-            let bob_fp = load_self_public_key(context).await?.dc_fingerprint();
+            let bob_fp = load_self_public_key(context).await?.fingerprint();
            msg.param.set(Param::Arg3, bob_fp.hex());

            // Sends the grpid in the Secure-Join-Group header.
--- a/src/simplify.rs
+++ b/src/simplify.rs
@@ -1,5 +1,4 @@
 //! # Simplify incoming plaintext.
-use crate::tools::IsNoneOrEmpty;

 /// Protects lines starting with `--` against being treated as a footer.
 /// for that, we insert a ZERO WIDTH SPACE (ZWSP, 0x200B);
@@ -21,20 +20,20 @@ pub fn escape_message_footer_marks(text: &str) -> String {
 /// Returns `(lines, footer_lines)` tuple;
 /// `footer_lines` is set to `Some` if the footer was actually removed from `lines`
 /// (which is equal to the input array otherwise).
-pub(crate) fn remove_message_footer<'a>(
-    lines: &'a [&str],
-) -> (&'a [&'a str], Option<&'a [&'a str]>) {
+#[allow(clippy::indexing_slicing)]
+fn remove_message_footer<'a>(lines: &'a [&str]) -> (&'a [&'a str], Option<&'a [&'a str]>) {
    let mut nearly_standard_footer = None;
    for (ix, &line) in lines.iter().enumerate() {
        match line {
            // some providers encode `-- ` to `-- =20` which results in `--  `
-            "-- " | "--  " => return (lines.get(..ix).unwrap_or(lines), lines.get(ix + 1..)),
+            "-- " | "--  " => return (&lines[..ix], lines.get(ix + 1..)),
            // some providers encode `-- ` to `=2D-` which results in only `--`;
            // use that only when no other footer is found
            // and if the line before is empty and the line after is not empty
            "--" => {
-                if (ix == 0 || lines.get(ix.saturating_sub(1)).is_none_or_empty())
-                    && !lines.get(ix + 1).is_none_or_empty()
+                if (ix == 0 || lines[ix - 1].is_empty())
+                    && ix != lines.len() - 1
+                    && !lines[ix + 1].is_empty()
                {
                    nearly_standard_footer = Some(ix);
                }
@@ -43,7 +42,7 @@ pub(crate) fn remove_message_footer<'a>(
        }
    }
    if let Some(ix) = nearly_standard_footer {
-        return (lines.get(..ix).unwrap_or(lines), lines.get(ix + 1..));
+        return (&lines[..ix], lines.get(ix + 1..));
    }
    (lines, None)
 }
@@ -52,6 +51,7 @@ pub(crate) fn remove_message_footer<'a>(
 /// Returns `(lines, is_footer_removed)` tuple;
 /// `is_footer_removed` is set to `true` if the footer was actually removed from `lines`
 /// (which is equal to the input array otherwise).
+#[allow(clippy::indexing_slicing)]
 fn remove_nonstandard_footer<'a>(lines: &'a [&str]) -> (&'a [&'a str], bool) {
    for (ix, &line) in lines.iter().enumerate() {
        if line == "--"
@@ -61,10 +61,7 @@ fn remove_nonstandard_footer<'a>(lines: &'a [&str]) -> (&'a [&'a str], bool) {
            || line.starts_with("*****")
            || line.starts_with("~~~~~")
        {
-            // `get` should always return `Some` here.
-            if let Some(lines) = lines.get(..ix) {
-                return (lines, true);
-            }
+            return (&lines[..ix], true);
        }
    }
    (lines, false)
@@ -174,6 +171,7 @@ fn skip_forward_header<'a>(lines: &'a [&str]) -> (&'a [&'a str], bool) {
    }
 }

+#[allow(clippy::indexing_slicing)]
 fn remove_bottom_quote<'a>(lines: &'a [&str]) -> (&'a [&'a str], Option<String>) {
    let mut first_quoted_line = lines.len();
    let mut last_quoted_line = None;
@@ -188,36 +186,30 @@ fn remove_bottom_quote<'a>(lines: &'a [&str]) -> (&'a [&'a str], Option<String>)
        }
    }
    if let Some(mut l_last) = last_quoted_line {
-        let quoted_text = lines
+        let quoted_text = lines[l_last..first_quoted_line]
            .iter()
-            .take(first_quoted_line)
-            .skip(l_last)
            .map(|s| {
                s.strip_prefix('>')
                    .map_or(*s, |u| u.strip_prefix(' ').unwrap_or(u))
            })
            .collect::<Vec<&str>>()
            .join("\n");
-        if l_last > 1 {
-            if let Some(line) = lines.get(l_last - 1) {
-                if is_empty_line(line) {
-                    l_last -= 1
-                }
-            }
+        if l_last > 1 && is_empty_line(lines[l_last - 1]) {
+            l_last -= 1
        }
        if l_last > 1 {
-            if let Some(line) = lines.get(l_last - 1) {
-                if is_quoted_headline(line) {
-                    l_last -= 1
-                }
+            let line = lines[l_last - 1];
+            if is_quoted_headline(line) {
+                l_last -= 1
            }
        }
-        (lines.get(..l_last).unwrap_or(lines), Some(quoted_text))
+        (&lines[..l_last], Some(quoted_text))
    } else {
        (lines, None)
    }
 }

+#[allow(clippy::indexing_slicing)]
 fn remove_top_quote<'a>(
    lines: &'a [&str],
    is_chat_message: bool,
@@ -244,12 +236,10 @@ fn remove_top_quote<'a>(
    }
    if let Some(last_quoted_line) = last_quoted_line {
        (
-            lines.get(last_quoted_line + 1..).unwrap_or(lines),
+            &lines[last_quoted_line + 1..],
            Some(
-                lines
+                lines[first_quoted_line..last_quoted_line + 1]
                    .iter()
-                    .take(last_quoted_line + 1)
-                    .skip(first_quoted_line)
                    .map(|s| {
                        s.strip_prefix('>')
                            .map_or(*s, |u| u.strip_prefix(' ').unwrap_or(u))
@@ -306,7 +296,7 @@ fn is_quoted_headline(buf: &str) -> bool {
    - Currently, we simply check if the last character is a ':'.
    - Checking for the existence of an email address may fail (headlines may show the user's name instead of the address) */

-    buf.len() <= 120 && buf.ends_with(':')
+    buf.len() <= 80 && buf.ends_with(':')
 }

 fn is_plain_quote(buf: &str) -> bool {
@@ -411,28 +401,6 @@ mod tests {
        assert!(!is_plain_quote(""));
    }

-    #[test]
-    fn test_is_quoted_headline() {
-        assert!(is_quoted_headline("On 2024-08-28, Bob wrote:"));
-        assert!(is_quoted_headline("Am 11. November 2024 schrieb Alice:"));
-        assert!(is_quoted_headline("Anonymous Longer Name a écrit:"));
-        assert!(is_quoted_headline("There is not really a pattern wrote:"));
-        assert!(is_quoted_headline(
-            "On Mon, 3 Jan, 2022 at 8:34 PM \"Anonymous Longer Name\" <anonymous-longer-name@example.com> wrote:"
-        ));
-        assert!(!is_quoted_headline(
-            "How are you? I just want to say that this line does not belong to the quote!"
-        ));
-        assert!(!is_quoted_headline(
-            "No quote headline as not ending with a colon"
-        ));
-        assert!(!is_quoted_headline(
-            "Even though this ends with a colon, \
-            this is no quote-headline as just too long for most cases of date+name+address. \
-            it's all heuristics only, it is expected to go wrong sometimes. there is always the 'Show full message' button:"
-        ));
-    }
-
    #[test]
    fn test_remove_top_quote() {
        let (lines, top_quote) = remove_top_quote(&["> first", "> second"], true);
--- a/src/smtp.rs
+++ b/src/smtp.rs
@@ -357,9 +357,9 @@ pub(crate) async fn send_msg_to_smtp(
        .await
        .context("failed to update retries count")?;

-    let Some((body, recipients, msg_id, retries)) = context
+    let (body, recipients, msg_id, retries) = context
        .sql
-        .query_row_optional(
+        .query_row(
            "SELECT mime, recipients, msg_id, retries FROM smtp WHERE id=?",
            (rowid,),
            |row| {
@@ -370,10 +370,7 @@ pub(crate) async fn send_msg_to_smtp(
                Ok((mime, recipients, msg_id, retries))
            },
        )
-        .await?
-    else {
-        return Ok(());
-    };
+        .await?;
    if retries > 6 {
        if let Some(mut msg) = Message::load_from_db_optional(context, msg_id).await? {
            message::set_msg_failed(context, &mut msg, "Number of retries exceeded the limit.")
--- a/src/sql.rs
+++ b/src/sql.rs
@@ -942,12 +942,15 @@ pub async fn remove_unused_files(context: &Context) -> Result<()> {
    Ok(())
 }

+#[allow(clippy::indexing_slicing)]
 fn is_file_in_use(files_in_use: &HashSet<String>, namespc_opt: Option<&str>, name: &str) -> bool {
    let name_to_check = if let Some(namespc) = namespc_opt {
-        let Some(name) = name.strip_suffix(namespc) else {
+        let name_len = name.len();
+        let namespc_len = namespc.len();
+        if name_len <= namespc_len || !name.ends_with(namespc) {
            return false;
-        };
-        name
+        }
+        &name[..name_len - namespc_len]
    } else {
        name
    };
--- a/src/summary.rs
+++ b/src/summary.rs
@@ -289,7 +289,7 @@ mod tests {
    use super::*;
    use crate::chat::ChatId;
    use crate::param::Param;
-    use crate::test_utils::TestContext;
+    use crate::test_utils as test;

    async fn assert_summary_texts(msg: &Message, ctx: &Context, expected: &str) {
        assert_eq!(msg.get_summary_text(ctx).await, expected);
@@ -298,7 +298,7 @@ mod tests {

    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
    async fn test_get_summary_text() {
-        let d = TestContext::new_alice().await;
+        let d = test::TestContext::new().await;
        let ctx = &d.ctx;
        let chat_id = ChatId::create_for_contact(ctx, ContactId::SELF)
            .await
--- a/src/test_utils.rs
+++ b/src/test_utils.rs
@@ -1,6 +1,7 @@
 //! Utilities to help writing tests.
 //!
 //! This private module is only compiled for test runs.
+#![allow(clippy::indexing_slicing)]
 use std::collections::{BTreeMap, HashSet};
 use std::fmt::Write;
 use std::ops::{Deref, DerefMut};
--- a/src/tests/aeap.rs
+++ b/src/tests/aeap.rs
@@ -1,13 +1,15 @@
+#![allow(clippy::indexing_slicing)]
+
 use anyhow::Result;

-use crate::chat::{self, Chat, ChatId, ProtectionStatus};
+use crate::chat;
+use crate::chat::ChatId;
 use crate::contact;
 use crate::contact::Contact;
 use crate::contact::ContactId;
 use crate::message::Message;
 use crate::peerstate::Peerstate;
 use crate::receive_imf::receive_imf;
-use crate::securejoin::get_securejoin_qr;
 use crate::stock_str;
 use crate::test_utils::mark_as_verified;
 use crate::test_utils::TestContext;
@@ -394,40 +396,3 @@ async fn test_aeap_replay_attack() -> Result<()> {

    Ok(())
 }
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_write_to_alice_after_aeap() -> Result<()> {
-    let mut tcm = TestContextManager::new();
-    let alice = &tcm.alice().await;
-    let bob = &tcm.bob().await;
-    let alice_grp_id = chat::create_group_chat(alice, ProtectionStatus::Protected, "Group").await?;
-    let qr = get_securejoin_qr(alice, Some(alice_grp_id)).await?;
-    tcm.exec_securejoin_qr(bob, alice, &qr).await;
-    let bob_alice_contact = bob.add_or_lookup_contact(alice).await;
-    assert!(bob_alice_contact.is_verified(bob).await?);
-    let bob_alice_chat = bob.create_chat(alice).await;
-    assert!(bob_alice_chat.is_protected());
-    let bob_unprotected_grp_id = bob
-        .create_group_with_members(ProtectionStatus::Unprotected, "Group", &[alice])
-        .await;
-
-    tcm.change_addr(alice, "alice@someotherdomain.xyz").await;
-    let sent = alice.send_text(alice_grp_id, "Hello!").await;
-    bob.recv_msg(&sent).await;
-
-    assert!(!bob_alice_contact.is_verified(bob).await?);
-    let bob_alice_chat = Chat::load_from_db(bob, bob_alice_chat.id).await?;
-    assert!(bob_alice_chat.is_protected());
-    let mut msg = Message::new_text("hi".to_string());
-    assert!(chat::send_msg(bob, bob_alice_chat.id, &mut msg)
-        .await
-        .is_err());
-
-    // But encrypted communication is still possible in unprotected groups with old Alice.
-    let sent = bob
-        .send_text(bob_unprotected_grp_id, "Alice, how is your address change?")
-        .await;
-    let msg = Message::load_from_db(bob, sent.sender_msg_id).await?;
-    assert!(msg.get_showpadlock());
-    Ok(())
-}
--- a/src/tools.rs
+++ b/src/tools.rs
@@ -45,29 +45,23 @@ use crate::stock_str;

 /// Shortens a string to a specified length and adds "[...]" to the
 /// end of the shortened string.
+#[allow(clippy::indexing_slicing)]
 pub(crate) fn truncate(buf: &str, approx_chars: usize) -> Cow<str> {
    let count = buf.chars().count();
-    if count <= approx_chars + DC_ELLIPSIS.len() {
-        return Cow::Borrowed(buf);
-    }
-    let end_pos = buf
-        .char_indices()
-        .nth(approx_chars)
-        .map(|(n, _)| n)
-        .unwrap_or_default();
+    if count > approx_chars + DC_ELLIPSIS.len() {
+        let end_pos = buf
+            .char_indices()
+            .nth(approx_chars)
+            .map(|(n, _)| n)
+            .unwrap_or_default();

-    if let Some(index) = buf.get(..end_pos).and_then(|s| s.rfind([' ', '\n'])) {
-        Cow::Owned(format!(
-            "{}{}",
-            &buf.get(..=index).unwrap_or_default(),
-            DC_ELLIPSIS
-        ))
+        if let Some(index) = buf[..end_pos].rfind([' ', '\n']) {
+            Cow::Owned(format!("{}{}", &buf[..=index], DC_ELLIPSIS))
+        } else {
+            Cow::Owned(format!("{}{}", &buf[..end_pos], DC_ELLIPSIS))
+        }
    } else {
-        Cow::Owned(format!(
-            "{}{}",
-            &buf.get(..end_pos).unwrap_or_default(),
-            DC_ELLIPSIS
-        ))
+        Cow::Borrowed(buf)
    }
 }

@@ -715,6 +709,8 @@ pub(crate) fn inc_and_check<T: PrimInt + AddAssign + std::fmt::Debug>(

 #[cfg(test)]
 mod tests {
+    #![allow(clippy::indexing_slicing)]
+
    use chrono::NaiveDate;
    use proptest::prelude::*;

--- a/src/webxdc.rs
+++ b/src/webxdc.rs
@@ -30,14 +30,12 @@ use lettre_email::PartBuilder;
 use rusqlite::OptionalExtension;
 use serde::{Deserialize, Serialize};
 use serde_json::Value;
-use sha2::{Digest, Sha256};

 use crate::chat::{self, Chat};
 use crate::constants::Chattype;
 use crate::contact::ContactId;
 use crate::context::Context;
 use crate::events::EventType;
-use crate::key::{load_self_public_key, DcKey};
 use crate::message::{Message, MessageState, MsgId, Viewtype};
 use crate::mimefactory::wrapped_base64_encode;
 use crate::mimeparser::SystemMessage;
@@ -99,9 +97,6 @@ pub struct WebxdcInfo {
    /// It should request access, be encrypted
    /// and sent to self for this.
    pub internet_access: bool,
-
-    /// Address to be used for `window.webxdc.selfAddr` in JS land.
-    pub self_addr: String,
 }

 /// Status Update ID.
@@ -165,11 +160,6 @@ pub struct StatusUpdateItem {
    #[serde(skip_serializing_if = "Option::is_none")]
    pub info: Option<String>,

-    /// Optional link the info message will point to.
-    /// Used to set `window.location.href` in JS land.
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub href: Option<String>,
-
    /// The new name of the editing document.
    /// This is not needed if the webxdc doesn't edit documents.
    #[serde(skip_serializing_if = "Option::is_none")]
@@ -187,10 +177,6 @@ pub struct StatusUpdateItem {
    /// If there is no ID, message is always considered to be unique.
    #[serde(skip_serializing_if = "Option::is_none")]
    pub uid: Option<String>,
-
-    /// Array of other users `selfAddr` that should be notified about this update.
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub notify: Option<Vec<String>>,
 }

 /// Update items as passed to the UIs.
@@ -323,14 +309,35 @@ impl Context {
            return Ok(None);
        };

-        let notify = if let Some(notify_list) = status_update_item.notify {
-            let self_addr = instance.get_webxdc_self_addr(self).await?;
-            notify_list.contains(&self_addr)
-        } else {
-            false
-        };
-        let mut notify_msg_id = instance.id;
-        let mut notify_text = "".to_string();
+        if can_info_msg {
+            if let Some(ref info) = status_update_item.info {
+                if let Some(info_msg_id) =
+                    self.get_overwritable_info_msg_id(instance, from_id).await?
+                {
+                    chat::update_msg_text_and_timestamp(
+                        self,
+                        instance.chat_id,
+                        info_msg_id,
+                        info.as_str(),
+                        timestamp,
+                    )
+                    .await?;
+                } else {
+                    chat::add_info_msg_with_cmd(
+                        self,
+                        instance.chat_id,
+                        info.as_str(),
+                        SystemMessage::WebxdcInfoMessage,
+                        timestamp,
+                        None,
+                        Some(instance),
+                        Some(from_id),
+                    )
+                    .await?;
+                }
+            }
+        }
+
        let mut param_changed = false;

        let mut instance = instance.clone();
@@ -349,51 +356,10 @@ impl Context {
                .param
                .update_timestamp(Param::WebxdcSummaryTimestamp, timestamp)?
            {
-                let summary = sanitize_bidi_characters(summary);
-                instance.param.set(Param::WebxdcSummary, summary.clone());
+                instance
+                    .param
+                    .set(Param::WebxdcSummary, sanitize_bidi_characters(summary));
                param_changed = true;
-                notify_text = summary;
-            }
-        }
-
-        if can_info_msg {
-            if let Some(ref info) = status_update_item.info {
-                let info_msg_id = self
-                    .get_overwritable_info_msg_id(&instance, from_id)
-                    .await?;
-
-                if info_msg_id.is_some() && status_update_item.href.is_none() {
-                    if let Some(info_msg_id) = info_msg_id {
-                        chat::update_msg_text_and_timestamp(
-                            self,
-                            instance.chat_id,
-                            info_msg_id,
-                            info.as_str(),
-                            timestamp,
-                        )
-                        .await?;
-                        notify_msg_id = info_msg_id;
-                    }
-                } else {
-                    notify_msg_id = chat::add_info_msg_with_cmd(
-                        self,
-                        instance.chat_id,
-                        info.as_str(),
-                        SystemMessage::WebxdcInfoMessage,
-                        timestamp,
-                        None,
-                        Some(&instance),
-                        Some(from_id),
-                    )
-                    .await?;
-                }
-                notify_text = info.to_string();
-
-                if let Some(href) = status_update_item.href {
-                    let mut notify_msg = Message::load_from_db(self, notify_msg_id).await?;
-                    notify_msg.param.set(Param::Arg, href);
-                    notify_msg.update_param(self).await?;
-                }
            }
        }

@@ -409,14 +375,6 @@ impl Context {
            });
        }

-        if notify && !notify_text.is_empty() && from_id != ContactId::SELF {
-            self.emit_event(EventType::IncomingWebxdcNotify {
-                contact_id: from_id,
-                msg_id: notify_msg_id,
-                text: notify_text,
-            });
-        }
-
        Ok(Some(status_update_serial))
    }

@@ -914,8 +872,6 @@ impl Message {
            && self.chat_id.is_self_talk(context).await.unwrap_or_default()
            && self.get_showpadlock();

-        let self_addr = self.get_webxdc_self_addr(context).await?;
-
        Ok(WebxdcInfo {
            name: if let Some(name) = manifest.name {
                name
@@ -948,25 +904,8 @@ impl Message {
                "".to_string()
            },
            internet_access,
-            self_addr,
        })
    }
-
-    async fn get_webxdc_self_addr(&self, context: &Context) -> Result<String> {
-        let fingerprint = load_self_public_key(context).await?.dc_fingerprint().hex();
-        let data = format!("{}-{}", fingerprint, self.rfc724_mid);
-        let hash = Sha256::digest(data.as_bytes());
-        Ok(format!("{:x}", hash))
-    }
-
-    /// Get link attached to an info message.
-    ///
-    /// The info message needs to be of type SystemMessage::WebxdcInfoMessage.
-    /// Typically, this is used to start the corresponding webxdc app
-    /// with `window.location.href` set in JS land.
-    pub fn get_webxdc_href(&self) -> Option<String> {
-        self.param.get(Param::Arg).map(|href| href.to_string())
-    }
 }

 #[cfg(test)]
@@ -1480,11 +1419,9 @@ mod tests {
                StatusUpdateItem {
                    payload: json!({"foo": "bar"}),
                    info: None,
-                    href: None,
                    document: None,
                    summary: None,
                    uid: Some("iecie2Ze".to_string()),
-                    notify: None,
                },
                1640178619,
                true,
@@ -1506,11 +1443,9 @@ mod tests {
                StatusUpdateItem {
                    payload: json!({"nothing": "this should be ignored"}),
                    info: None,
-                    href: None,
                    document: None,
                    summary: None,
                    uid: Some("iecie2Ze".to_string()),
-                    notify: None,
                },
                1640178619,
                true,
@@ -1541,11 +1476,9 @@ mod tests {
                StatusUpdateItem {
                    payload: json!({"foo2": "bar2"}),
                    info: None,
-                    href: None,
                    document: None,
                    summary: None,
                    uid: None,
-                    notify: None,
                },
                1640178619,
                true,
@@ -1562,11 +1495,9 @@ mod tests {
            StatusUpdateItem {
                payload: Value::Bool(true),
                info: None,
-                href: None,
                document: None,
                summary: None,
                uid: None,
-                notify: None,
            },
            1640178619,
            true,
@@ -2357,23 +2288,6 @@ sth_for_the = "future""#
        Ok(())
    }

-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_get_webxdc_self_addr() -> Result<()> {
-        let t = TestContext::new_alice().await;
-        let chat_id = create_group_chat(&t, ProtectionStatus::Unprotected, "foo").await?;
-
-        let instance = send_webxdc_instance(&t, chat_id).await?;
-        let info1 = instance.get_webxdc_info(&t).await?;
-        let instance = send_webxdc_instance(&t, chat_id).await?;
-        let info2 = instance.get_webxdc_info(&t).await?;
-
-        let real_addr = t.get_primary_self_addr().await?;
-        assert!(!info1.self_addr.contains(&real_addr));
-        assert_ne!(info1.self_addr, info2.self_addr);
-
-        Ok(())
-    }
-
    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
    async fn test_webxdc_info_summary() -> Result<()> {
        let alice = TestContext::new_alice().await;
@@ -2957,218 +2871,4 @@ sth_for_the = "future""#

        Ok(())
    }
-
-    async fn has_incoming_webxdc_event(
-        t: &TestContext,
-        expected_msg: Message,
-        expected_text: &str,
-    ) -> bool {
-        t.evtracker
-            .get_matching_opt(t, |evt| {
-                if let EventType::IncomingWebxdcNotify { msg_id, text, .. } = evt {
-                    *msg_id == expected_msg.id && text == expected_text
-                } else {
-                    false
-                }
-            })
-            .await
-            .is_some()
-    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_webxdc_notify_one() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = tcm.alice().await;
-        let bob = tcm.bob().await;
-        let fiona = tcm.fiona().await;
-
-        let grp_id = alice
-            .create_group_with_members(ProtectionStatus::Unprotected, "grp", &[&bob, &fiona])
-            .await;
-        let alice_instance = send_webxdc_instance(&alice, grp_id).await?;
-        let sent1 = alice.pop_sent_msg().await;
-        let bob_instance = bob.recv_msg(&sent1).await;
-        let _fiona_instance = fiona.recv_msg(&sent1).await;
-
-        alice
-            .send_webxdc_status_update(
-                alice_instance.id,
-                &format!(
-                    "{{\"payload\":7,\"info\": \"Alice moved\",\"notify\":[\"{}\"]}}",
-                    bob_instance.get_webxdc_self_addr(&bob).await?
-                ),
-                "d",
-            )
-            .await?;
-        alice.flush_status_updates().await?;
-        let sent2 = alice.pop_sent_msg().await;
-        let info_msg = alice.get_last_msg().await;
-        assert!(info_msg.is_info());
-        assert!(!has_incoming_webxdc_event(&alice, info_msg, "Alice moved").await);
-
-        bob.recv_msg_trash(&sent2).await;
-        let info_msg = bob.get_last_msg().await;
-        assert!(info_msg.is_info());
-        assert!(has_incoming_webxdc_event(&bob, info_msg, "Alice moved").await);
-
-        fiona.recv_msg_trash(&sent2).await;
-        let info_msg = fiona.get_last_msg().await;
-        assert!(info_msg.is_info());
-        assert!(!has_incoming_webxdc_event(&fiona, info_msg, "Alice moved").await);
-
-        Ok(())
-    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_webxdc_notify_multiple() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = tcm.alice().await;
-        let bob = tcm.bob().await;
-        let fiona = tcm.fiona().await;
-
-        let grp_id = alice
-            .create_group_with_members(ProtectionStatus::Unprotected, "grp", &[&bob, &fiona])
-            .await;
-        let alice_instance = send_webxdc_instance(&alice, grp_id).await?;
-        let sent1 = alice.pop_sent_msg().await;
-        let bob_instance = bob.recv_msg(&sent1).await;
-        let fiona_instance = fiona.recv_msg(&sent1).await;
-
-        alice
-            .send_webxdc_status_update(
-                alice_instance.id,
-                &format!(
-                    "{{\"payload\":7,\"info\": \"moved\", \"summary\": \"ignored for notify as info is set\", \"notify\":[\"{}\",\"{}\"]}}",
-                    bob_instance.get_webxdc_self_addr(&bob).await?,
-                    fiona_instance.get_webxdc_self_addr(&fiona).await?
-                ),
-                "d",
-            )
-            .await?;
-        alice.flush_status_updates().await?;
-        let sent2 = alice.pop_sent_msg().await;
-        let info_msg = alice.get_last_msg().await;
-        assert!(info_msg.is_info());
-        assert!(!has_incoming_webxdc_event(&alice, info_msg, "moved").await);
-
-        bob.recv_msg_trash(&sent2).await;
-        let info_msg = bob.get_last_msg().await;
-        assert!(info_msg.is_info());
-        assert!(has_incoming_webxdc_event(&bob, info_msg, "moved").await);
-
-        fiona.recv_msg_trash(&sent2).await;
-        let info_msg = fiona.get_last_msg().await;
-        assert!(info_msg.is_info());
-        assert!(has_incoming_webxdc_event(&fiona, info_msg, "moved").await);
-
-        Ok(())
-    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_webxdc_no_notify_self() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = tcm.alice().await;
-        let alice2 = tcm.alice().await;
-
-        let grp_id = alice
-            .create_group_with_members(ProtectionStatus::Unprotected, "grp", &[])
-            .await;
-        let alice_instance = send_webxdc_instance(&alice, grp_id).await?;
-        let sent1 = alice.pop_sent_msg().await;
-        let alice2_instance = alice2.recv_msg(&sent1).await;
-        assert_eq!(
-            alice_instance.get_webxdc_self_addr(&alice).await?,
-            alice2_instance.get_webxdc_self_addr(&alice2).await?
-        );
-
-        alice
-            .send_webxdc_status_update(
-                alice_instance.id,
-                &format!(
-                    "{{\"payload\":7,\"info\": \"moved\", \"notify\":[\"{}\"]}}",
-                    alice2_instance.get_webxdc_self_addr(&alice2).await?
-                ),
-                "d",
-            )
-            .await?;
-        alice.flush_status_updates().await?;
-        let sent2 = alice.pop_sent_msg().await;
-        let info_msg = alice.get_last_msg().await;
-        assert!(info_msg.is_info());
-        assert!(!has_incoming_webxdc_event(&alice, info_msg, "moved").await);
-
-        alice2.recv_msg_trash(&sent2).await;
-        let info_msg = alice2.get_last_msg().await;
-        assert!(info_msg.is_info());
-        assert!(!has_incoming_webxdc_event(&alice2, info_msg, "moved").await);
-
-        Ok(())
-    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_webxdc_notify_summary() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = tcm.alice().await;
-        let bob = tcm.bob().await;
-
-        let grp_id = alice
-            .create_group_with_members(ProtectionStatus::Unprotected, "grp", &[&bob])
-            .await;
-        let alice_instance = send_webxdc_instance(&alice, grp_id).await?;
-        let sent1 = alice.pop_sent_msg().await;
-        let bob_instance = bob.recv_msg(&sent1).await;
-
-        alice
-            .send_webxdc_status_update(
-                alice_instance.id,
-                &format!(
-                    "{{\"payload\":7,\"summary\": \"4 moves done\",\"notify\":[\"{}\"]}}",
-                    bob_instance.get_webxdc_self_addr(&bob).await?
-                ),
-                "d",
-            )
-            .await?;
-        alice.flush_status_updates().await?;
-        let sent2 = alice.pop_sent_msg().await;
-        assert!(!has_incoming_webxdc_event(&alice, alice_instance, "4 moves done").await);
-
-        bob.recv_msg_trash(&sent2).await;
-        assert!(has_incoming_webxdc_event(&bob, bob_instance, "4 moves done").await);
-
-        Ok(())
-    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_webxdc_href() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = tcm.alice().await;
-        let bob = tcm.bob().await;
-
-        let grp_id = alice
-            .create_group_with_members(ProtectionStatus::Unprotected, "grp", &[&bob])
-            .await;
-        let instance = send_webxdc_instance(&alice, grp_id).await?;
-        let sent1 = alice.pop_sent_msg().await;
-
-        alice
-            .send_webxdc_status_update(
-                instance.id,
-                r##"{"payload": "my deeplink data", "info": "my move!", "href": "#foobar"}"##,
-                "d",
-            )
-            .await?;
-        alice.flush_status_updates().await?;
-        let sent2 = alice.pop_sent_msg().await;
-        let info_msg = alice.get_last_msg().await;
-        assert!(info_msg.is_info());
-        assert_eq!(info_msg.get_webxdc_href(), Some("#foobar".to_string()));
-
-        bob.recv_msg(&sent1).await;
-        bob.recv_msg_trash(&sent2).await;
-        let info_msg = bob.get_last_msg().await;
-        assert!(info_msg.is_info());
-        assert_eq!(info_msg.get_webxdc_href(), Some("#foobar".to_string()));
-
-        Ok(())
-    }
 }
--- a/src/webxdc/maps_integration.rs
+++ b/src/webxdc/maps_integration.rs
@@ -146,11 +146,9 @@ pub(crate) async fn intercept_get_updates(
                item: StatusUpdateItem {
                    payload: serde_json::to_value(location_item)?,
                    info: None,
-                    href: None,
                    document: None,
                    summary: None,
                    uid: None,
-                    notify: None,
                },
                serial: StatusUpdateSerial(location.location_id),
                max_serial: StatusUpdateSerial(location.location_id),
@@ -1 +1 @@
 -11-24
 -11-05