Backwards compat: Put the confidential-identities module back in the node classpath by default. Separating it out into a standalone "app" needs more thought and design work, if we do it at all.

node/build.gradle

@@ -73,6 +73,10 @@ dependencies {
     compile project(':tools:cliutils')
     compile project(':common-validation')
     compile project(':common-configuration-parsing')
+    
+    // Backwards compatibility goo: Apps expect confidential-identities to be loaded by default.
+    // We could eventually gate this on a target-version check.
+    compile project(':confidential-identities')
 
     // Log4J: logging framework (with SLF4J bindings)
     compile "org.apache.logging.log4j:log4j-slf4j-impl:${log4j_version}"

node/src/main/kotlin/net/corda/node/internal/SwapIdentitiesHandler.kt

@@ -0,0 +1,22 @@
+package net.corda.node.internal
+
+import co.paralleluniverse.fibers.Suspendable
+import net.corda.confidential.SwapIdentitiesFlow
+import net.corda.core.flows.FlowLogic
+import net.corda.core.flows.FlowSession
+import net.corda.core.flows.InitiatedBy
+import net.corda.core.internal.warnOnce
+
+/**
+ * Exists for backwards compatibility - the old confidential-identities API didn't use inlined flows. One day we'll need to disable this,
+ * but it is a complex versioning problem because we don't know which peers we might interact with. Disabling it will probably have to be
+ * gated on a minPlatformVersion bump.
+ */
+@InitiatedBy(SwapIdentitiesFlow::class)
+class SwapIdentitiesHandler(private val otherSide: FlowSession) : FlowLogic<Unit>() {
+    @Suspendable
+    override fun call() {
+        subFlow(SwapIdentitiesFlow(otherSide))
+        logger.warnOnce("Insecure API to swap anonymous identities was used by ${otherSide.counterparty} (${otherSide.getCounterpartyFlowInfo()})")
+    }
+}