diff --git a/attic/BinarySemaphore.hpp b/attic/BinarySemaphore.hpp
deleted file mode 100644
index 315d2b00a..000000000
--- a/attic/BinarySemaphore.hpp
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * ZeroTier One - Network Virtualization Everywhere
- * Copyright (C) 2011-2016  ZeroTier, Inc.  https://www.zerotier.com/
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef ZT_BINARYSEMAPHORE_HPP
-#define ZT_BINARYSEMAPHORE_HPP
-
-#include <stdio.h>
-#include <stdint.h>
-#include <stdlib.h>
-
-#include "Constants.hpp"
-#include "NonCopyable.hpp"
-
-#ifdef __WINDOWS__
-
-#include <Windows.h>
-
-namespace ZeroTier {
-
-class BinarySemaphore : NonCopyable
-{
-public:
-	BinarySemaphore() throw() { _sem = CreateSemaphore(NULL,0,1,NULL); }
-	~BinarySemaphore() { CloseHandle(_sem); }
-	inline void wait() { WaitForSingleObject(_sem,INFINITE); }
-	inline void post() { ReleaseSemaphore(_sem,1,NULL); }
-private:
-	HANDLE _sem;
-};
-
-} // namespace ZeroTier
-
-#else // !__WINDOWS__
-
-#include <pthread.h>
-
-namespace ZeroTier {
-
-class BinarySemaphore : NonCopyable
-{
-public:
-	BinarySemaphore()
-	{
-		pthread_mutex_init(&_mh,(const pthread_mutexattr_t *)0);
-		pthread_cond_init(&_cond,(const pthread_condattr_t *)0);
-		_f = false;
-	}
-
-	~BinarySemaphore()
-	{
-		pthread_cond_destroy(&_cond);
-		pthread_mutex_destroy(&_mh);
-	}
-
-	inline void wait()
-	{
-		pthread_mutex_lock(const_cast <pthread_mutex_t *>(&_mh));
-		while (!_f)
-			pthread_cond_wait(const_cast <pthread_cond_t *>(&_cond),const_cast <pthread_mutex_t *>(&_mh));
-		_f = false;
-		pthread_mutex_unlock(const_cast <pthread_mutex_t *>(&_mh));
-	}
-
-	inline void post()
-	{
-		pthread_mutex_lock(const_cast <pthread_mutex_t *>(&_mh));
-		_f = true;
-		pthread_mutex_unlock(const_cast <pthread_mutex_t *>(&_mh));
-		pthread_cond_signal(const_cast <pthread_cond_t *>(&_cond));
-	}
-
-private:
-	pthread_cond_t _cond;
-	pthread_mutex_t _mh;
-	volatile bool _f;
-};
-
-} // namespace ZeroTier
-
-#endif // !__WINDOWS__
-
-#endif
diff --git a/attic/CertificateOfTrust.cpp b/attic/CertificateOfTrust.cpp
deleted file mode 100644
index e85a91dfa..000000000
--- a/attic/CertificateOfTrust.cpp
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * ZeroTier One - Network Virtualization Everywhere
- * Copyright (C) 2011-2016  ZeroTier, Inc.  https://www.zerotier.com/
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "CertificateOfTrust.hpp"
-
-#include "RuntimeEnvironment.hpp"
-#include "Topology.hpp"
-#include "Switch.hpp"
-
-namespace ZeroTier {
-
-bool CertificateOfTrust::create(uint64_t ts,uint64_t rls,const Identity &iss,const Identity &tgt,Level l)
-{
-	if ((!iss)||(!iss.hasPrivate()))
-		return false;
-
-	_timestamp = ts;
-	_roles = rls;
-	_issuer = iss.address();
-	_target = tgt;
-	_level = l;
-
-	Buffer<sizeof(Identity) + 64> tmp;
-	tmp.append(_timestamp);
-	tmp.append(_roles);
-	_issuer.appendTo(tmp);
-	_target.serialize(tmp,false);
-	tmp.append((uint16_t)_level);
-	_signature = iss.sign(tmp.data(),tmp.size());
-
-	return true;
-}
-
-int CertificateOfTrust::verify(const RuntimeEnvironment *RR) const
-{
-	const Identity id(RR->topology->getIdentity(_issuer));
-	if (!id) {
-		RR->sw->requestWhois(_issuer);
-		return 1;
-	}
-
-	Buffer<sizeof(Identity) + 64> tmp;
-	tmp.append(_timestamp);
-	tmp.append(_roles);
-	_issuer.appendTo(tmp);
-	_target.serialize(tmp,false);
-	tmp.append((uint16_t)_level);
-
-	return (id.verify(tmp.data(),tmp.size(),_signature) ? 0 : -1);
-}
-
-} // namespace ZeroTier
diff --git a/attic/CertificateOfTrust.hpp b/attic/CertificateOfTrust.hpp
deleted file mode 100644
index 6e3c87439..000000000
--- a/attic/CertificateOfTrust.hpp
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
- * ZeroTier One - Network Virtualization Everywhere
- * Copyright (C) 2011-2016  ZeroTier, Inc.  https://www.zerotier.com/
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef ZT_CERTIFICATEOFTRUST_HPP
-#define ZT_CERTIFICATEOFTRUST_HPP
-
-#include "Constants.hpp"
-#include "Identity.hpp"
-#include "C25519.hpp"
-#include "Buffer.hpp"
-
-namespace ZeroTier {
-
-class RuntimeEnvironment;
-
-/**
- * Certificate of peer to peer trust
- */
-class CertificateOfTrust
-{
-public:
-	/**
-	 * Trust levels, with 0 indicating anti-trust
-	 */
-	enum Level
-	{
-		/**
-		 * Negative trust is reserved for informing peers that another peer is misbehaving, etc. Not currently used.
-		 */
-		LEVEL_NEGATIVE = 0,
-
-		/**
-		 * Default trust -- for most peers
-		 */
-		LEVEL_DEFAULT = 1,
-
-		/**
-		 * Above normal trust, e.g. common network membership
-		 */
-		LEVEL_MEDIUM = 25,
-
-		/**
-		 * High trust -- e.g. an upstream or a controller
-		 */
-		LEVEL_HIGH = 50,
-
-		/**
-		 * Right now ultimate is only for roots
-		 */
-		LEVEL_ULTIMATE = 100
-	};
-
-	/**
-	 * Role bit masks
-	 */
-	enum Role
-	{
-		/**
-		 * Target is permitted to represent issuer on the network as a federated root / relay
-		 */
-		ROLE_UPSTREAM = 0x00000001
-	};
-
-	CertificateOfTrust() :
-		_timestamp(0),
-		_roles(0),
-		_issuer(),
-		_target(),
-		_level(LEVEL_DEFAULT),
-		_signature() {}
-
-	/**
-	 * Create and sign this certificate of trust
-	 *
-	 * @param ts Cert timestamp
-	 * @param rls Roles bitmap
-	 * @param iss Issuer identity (must have secret key!)
-	 * @param tgt Target identity
-	 * @param l Trust level
-	 * @return True on successful signature
-	 */
-	bool create(uint64_t ts,uint64_t rls,const Identity &iss,const Identity &tgt,Level l);
-
-	/**
-	 * Verify this COT and its signature
-	 *
-	 * @param RR Runtime environment for looking up peers
-	 * @return 0 == OK, 1 == waiting for WHOIS, -1 == BAD signature or credential
-	 */
-	int verify(const RuntimeEnvironment *RR) const;
-
-	inline bool roleUpstream() const { return ((_roles & (uint64_t)ROLE_UPSTREAM) != 0); }
-
-	inline uint64_t timestamp() const { return _timestamp; }
-	inline uint64_t roles() const { return _roles; }
-	inline const Address &issuer() const { return _issuer; }
-	inline const Identity &target() const { return _target; }
-	inline Level level() const { return _level; }
-
-	inline operator bool() const { return (_issuer); }
-
-	template<unsigned int C>
-	inline void serialize(Buffer<C> &b) const
-	{
-		b.append(_timestamp);
-		b.append(_roles);
-		_issuer.appendTo(b);
-		_target.serialize(b);
-		b.append((uint16_t)_level);
-		b.append((uint8_t)1); // 1 == ed25519 signature
-		b.append((uint16_t)ZT_C25519_SIGNATURE_LEN);
-		b.append(_signature.data,ZT_C25519_SIGNATURE_LEN);
-		b.append((uint16_t)0); // length of additional fields
-	}
-
-	template<unsigned int C>
-	inline unsigned int deserialize(const Buffer<C> &b,unsigned int startAt = 0)
-	{
-		unsigned int p = startAt;
-		_timestamp = b.template at<uint64_t>(p); p += 8;
-		_roles = b.template at<uint64_t>(p); p += 8;
-		_issuer.setTo(b.field(p,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH); p += ZT_ADDRESS_LENGTH;
-		p += _target.deserialize(b,p);
-		_level = b.template at<uint16_t>(p); p += 2;
-		p += b.template at<uint16_t>(p); p += 2;
-		return (p - startAt);
-	}
-
-private:
-	uint64_t _timestamp;
-	uint64_t _roles;
-	Address _issuer;
-	Identity _target;
-	Level _level;
-	C25519::Signature _signature;
-};
-
-} // namespace ZeroTier
-
-#endif
diff --git a/attic/LockingPtr.hpp b/attic/LockingPtr.hpp
deleted file mode 100644
index c373129ad..000000000
--- a/attic/LockingPtr.hpp
+++ /dev/null
@@ -1,99 +0,0 @@
-/*
- * ZeroTier One - Network Virtualization Everywhere
- * Copyright (C) 2011-2016  ZeroTier, Inc.  https://www.zerotier.com/
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef ZT_LOCKINGPTR_HPP
-#define ZT_LOCKINGPTR_HPP
-
-#include "Mutex.hpp"
-
-namespace ZeroTier {
-
-/**
- * A simple pointer that locks and holds a mutex until destroyed
- *
- * Care must be taken when using this. It's not very sophisticated and does
- * not handle being copied except for the simple return use case. When it is
- * copied it hands off the mutex to the copy and clears it in the original,
- * meaning that the mutex is unlocked when the last LockingPtr<> in a chain
- * of such handoffs is destroyed. If this chain of handoffs "forks" (more than
- * one copy is made) then non-determinism may ensue.
- *
- * This does not delete or do anything else with the pointer. It also does not
- * take care of locking the lock. That must be done beforehand.
- */
-template<typename T>
-class LockingPtr
-{
-public:
-	LockingPtr() :
-		_ptr((T *)0),
-		_lock((Mutex *)0)
-	{
-	}
-
-	LockingPtr(T *obj,Mutex *lock) :
-		_ptr(obj),
-		_lock(lock)
-	{
-	}
-
-	LockingPtr(const LockingPtr &p) :
-		_ptr(p._ptr),
-		_lock(p._lock)
-	{
-		const_cast<LockingPtr *>(&p)->_lock = (Mutex *)0;
-	}
-
-	~LockingPtr()
-	{
-		if (_lock)
-			_lock->unlock();
-	}
-
-	inline LockingPtr &operator=(const LockingPtr &p)
-	{
-		_ptr = p._ptr;
-		_lock = p._lock;
-		const_cast<LockingPtr *>(&p)->_lock = (Mutex *)0;
-		return *this;
-	}
-
-	inline operator bool() const throw() { return (_ptr != (T *)0); }
-	inline T &operator*() const throw() { return *_ptr; }
-	inline T *operator->() const throw() { return _ptr; }
-
-	/**
-	 * @return Raw pointer to held object
-	 */
-	inline T *ptr() const throw() { return _ptr; }
-
-	inline bool operator==(const LockingPtr &sp) const throw() { return (_ptr == sp._ptr); }
-	inline bool operator!=(const LockingPtr &sp) const throw() { return (_ptr != sp._ptr); }
-	inline bool operator>(const LockingPtr &sp) const throw() { return (_ptr > sp._ptr); }
-	inline bool operator<(const LockingPtr &sp) const throw() { return (_ptr < sp._ptr); }
-	inline bool operator>=(const LockingPtr &sp) const throw() { return (_ptr >= sp._ptr); }
-	inline bool operator<=(const LockingPtr &sp) const throw() { return (_ptr <= sp._ptr); }
-
-private:
-	T *_ptr;
-	Mutex *_lock;
-};
-
-} // namespace ZeroTier
-
-#endif