#
#
# patch "Makefile.am"
#  from [fbd8a4f969f93fad2158db91ca84782b0665f7f8]
#    to [217871be55814e6257f04ba0047f3bb5a3bbe411]
# 
# patch "automate.cc"
#  from [7a0b4b83bd698f3c37cc19747cd0516006339f08]
#    to [f32f8c1c12e9f9619e6509c919175d14d19ca385]
# 
# patch "basic_io.cc"
#  from [c229de5420267b08ab3a751c60f7aa4bcb099cef]
#    to [5fe2b07c9c855f04033f9706f4896d88aff67c04]
# 
# patch "basic_io.hh"
#  from [9ad16beabaf2b1c272a356e8cf41bba97f7e1562]
#    to [4741427400a5856c500a67a2c082411532c4d986]
# 
# patch "cert.cc"
#  from [7b5c4be73e3946f7ae25bf707a30c2c7cf039af7]
#    to [6515bc1907360fd9fc8ba434e7ba45d68dd606ef]
# 
# patch "cert.hh"
#  from [71a5ac357a0a437c5556a69297c0116ef41917a8]
#    to [ffb9389995cdd69b5a462df061ce2e5435477279]
# 
# patch "cmd_files.cc"
#  from [841f414708a785f55cef6f9dec0577328741085f]
#    to [6cdfea1e49831f5e3f9a548401bd8c3b9aa4df36]
# 
# patch "cmd_key_cert.cc"
#  from [eba5cb5fad09136c4a23e56a823f3134de5dea4c]
#    to [c212a63e5462953e19e38f06e16c86e4b2d850b2]
# 
# patch "cmd_list.cc"
#  from [d673c46c744088510cfd0fc8b8b972f94708d52d]
#    to [9f1ec539fa47ee8c2fd012efcea5c8487a569cc2]
# 
# patch "cmd_ws_commit.cc"
#  from [a849392a7e25e92eacfd1785c8576d5252fd344b]
#    to [95ed7d5c272e078e54128aa90e196b48a90c7fab]
# 
# patch "crypto_tests.cc"
#  from [e9e0a323f735f61f2072d0c5d4932778a719ecc8]
#    to [ae19397a3156f4b436d2c4d1ceb3e1a2572bf2b6]
# 
# patch "cset.cc"
#  from [1b5ab695cac69a67c94fac4e8704ebebc8f9b475]
#    to [9b353b589c88ba2dfebab556810dfe25f804836b]
# 
# patch "database.cc"
#  from [a8f9a8d7830f46b87228484b95a213c86f970e86]
#    to [7824696ceab64bfe65e0f77224b188c96965fbcd]
# 
# patch "database.hh"
#  from [c2ec8e6a52921e8964fedf07836c54878ca7e353]
#    to [b476f80bd5ff21757783d4b27a6a0884a047c7f2]
# 
# patch "diff_patch.cc"
#  from [bf0138e49ccc702cb042fa0f95e272e3a072ea96]
#    to [a776ae64e12afe57dd93f0071b6c4d6a6fdeaad2]
# 
# patch "enumerator.cc"
#  from [4400e1ce3ef83739301e15c27f7bad6d42817736]
#    to [9a2b6e6bc15bf241f1f7c6e1479a6aab922fbb66]
# 
# patch "enumerator.hh"
#  from [d1dac4129cf193b9a2531ca785690a093e4e1248]
#    to [587214918025eac004c70356ab24517ed4ceda63]
# 
# patch "epoch.cc"
#  from [c9f85974e9799b788d75863843977c8fc405d38d]
#    to [83f997c2d966b6385ce2e20d0d0f267c1c895e4a]
# 
# patch "file_io.cc"
#  from [358fb964dc42e7f936a136342b93bb3a4744d1b3]
#    to [88604da5f32ba3d524c9bf5308f8630763f5df38]
# 
# patch "file_io.hh"
#  from [e5375aaf306962177570b5c5b67b65a6ef64732f]
#    to [e477a87af2f1d3326d5f07f9c9ed6ab322809fe6]
# 
# patch "graph.cc"
#  from [321bc48c571ca17ccce0045b5edbda76688191eb]
#    to [be600b6812d5a9d04a79e577d25b9024c1d83286]
# 
# patch "graph.hh"
#  from [a463fb39255436e51b39d02c3488bd2e349a0fdc]
#    to [b2c02c3ae87acf55b9d63e27ffc3d0ed4e2d2ca4]
# 
# patch "key_store.cc"
#  from [d9d884883cba69e5cf6a3a4d452eabe6880d164e]
#    to [d8d068fa9076627f607598d5546cb51e0bdf74fc]
# 
# patch "key_store.hh"
#  from [78b1f281a7dcd30fbd3404b2b954e0470a362c85]
#    to [3263454aadcc978d44864e6d44ce8ebc8e3e55cd]
# 
# patch "keys.cc"
#  from [e7e47cab5f6efeae027fa0eefdddd64438c9a074]
#    to [0f0d0b90f126d2e96177f0c7cbf52b6db43252ef]
# 
# patch "keys.hh"
#  from [2247bc16bb59873ced93ccc907e10d4615af6861]
#    to [7e4973b9b7487997352b107cc27d1ecffbcca160]
# 
# patch "legacy.cc"
#  from [f257347af7b06837e17a114fe1dcad09a02f0cdf]
#    to [ca81033c0dec6748f9ff1f6b080aec3889715931]
# 
# patch "lua_hooks.cc"
#  from [5f4045fd523ea215bfc705555b03c4f2dbd38b45]
#    to [b1e1461c693fee496ca2a286ac3e0c1cdd31b9d3]
# 
# patch "lua_hooks.hh"
#  from [2604a4a3a5244ba91c7b74a60a5bb762b114ddc5]
#    to [61b70c6eabc81ce9cda31e8bf8eba7cdb3efc0dc]
# 
# patch "netsync.cc"
#  from [4d388b36d00bcfa1aba5ffcb1f767f6737488673]
#    to [306b88eccea2ad9de314702b6af3082741dcd278]
# 
# patch "packet.cc"
#  from [80cc020335599c6250e070a8a7553bbded3c240e]
#    to [bf8e98ffb5ae6c741c7cd5641c1577e845cb4f80]
# 
# patch "project.cc"
#  from [6262745ddc861ff5aa139ec8c4ef25b300db84a0]
#    to [328149055826ef8e70d51f033738dd3f2ab1fa90]
# 
# patch "project.hh"
#  from [4fce04f721322c557064635b86cfaf13fd54fc00]
#    to [a2a668429cf9ea6163db1695c6780554d185ae8b]
# 
# patch "rcs_import.cc"
#  from [a4f2185e49e9a6df855815da305411888161fe76]
#    to [b5a20e87d2eb6fe385c44f9b6c02c754d74dc358]
# 
# patch "revision.cc"
#  from [725c74dec3553f8e4a5f5d341b7101518fb83aba]
#    to [4a41ef9fed97cf361449b9d452d55a4d90477f74]
# 
# patch "roster.cc"
#  from [0ab37af195f9be17a9a4ffe1db7a2c6b2b84440d]
#    to [1d508653551de89ff92e579572bb4f810b067e9c]
# 
# patch "roster_delta.cc"
#  from [dc0b4bc54afd8cca8a3f1364597c0f469d90eaee]
#    to [1c7bb6d30b4a3701b962bab9e8956881f0a4fcea]
# 
# patch "schema_migration.cc"
#  from [984d2be648568890ff9994d457d84c434e74d285]
#    to [4aa8a68eb05b00589579480c30bcd2b8e3c6e71e]
# 
# patch "sha1.cc"
#  from [a63699d0eae30164c447c33cc632a6c768d6ec2b]
#    to [233a3432e8469854a7840fc02bfd872379b2f40b]
# 
# patch "tester.cc"
#  from [c4ddb0b7774c9b6a2a7a97b4fe0cfd65b712bb90]
#    to [f8a82bbf46eb65c1bb81606083157468f3f16316]
# 
# patch "transforms.cc"
#  from [16f38ee4a45f73737a16534bb82f46863b3730cb]
#    to [9b1b91ae6f41712a54898a347a63579c17971667]
# 
# patch "transforms.hh"
#  from [54ea9d901a7f870c2e5ee46b5c3a99e868eb1ad9]
#    to [79df8cc6117ecb60117ffa7dc22511dc45a84216]
# 
# patch "vocab.cc"
#  from [adc1c12688fdc842175abf939de38f92b3654df7]
#    to [d966715de6cefce23b41320e88cdb28ca035405f]
# 
# patch "vocab.hh"
#  from [8c831a796771018eb1b2d28f56dc8e2f9b4d4e55]
#    to [6d861210ecb11e8378ca3dfa2365f414973526ed]
# 
# patch "vocab_terms.hh"
#  from [80283d95bc08f3a9f8c1c503ebeebb51b03c384e]
#    to [c7639f8cb74d33a18455a9f46814c1c6839e3d37]
# 
# patch "work.cc"
#  from [7855294ba0c0228c5c0c19c15dc974f03e6ecf05]
#    to [7daaba0b69cfb1eadf3b2d4c2148e9f908f857b6]
# 
# patch "xdelta.cc"
#  from [79962de38df4229c73bf840092fdb177a116c92d]
#    to [a5a5ce3a1ed7c9dead79c526e382237697d54c04]
# 
# patch "xdelta.hh"
#  from [de21a784eef8cf890418f3e9685a47005742763e]
#    to [f8be14aa8c299a8b1bb241c4eafabcb34fff20f6]
#
============================================================
--- Makefile.am	fbd8a4f969f93fad2158db91ca84782b0665f7f8
+++ Makefile.am	217871be55814e6257f04ba0047f3bb5a3bbe411
@@ -348,7 +348,7 @@ unit_tester_LDADD = $(UNIT_TEST_OBJ_SUPP
 unit_tester_SOURCES = $(UNIT_TEST_SOURCES) $(UNIT_TEST_SRC_SUPPORT)
 unit_tester_LDADD = $(UNIT_TEST_OBJ_SUPPORT)
 
-tester_SOURCES = tester.cc
+tester_SOURCES = tester.cc transforms.cc
 nodist_tester_SOURCES = testlib.c
 tester_LDADD = $(addprefix mtn-, $(patsubst %.cc, %.$(OBJEXT), \
 		 $(filter %.cc, $(SANITY_CORE_SOURCES) $(LUAEXT_SOURCES) \
============================================================
--- automate.cc	7a0b4b83bd698f3c37cc19747cd0516006339f08
+++ automate.cc	f32f8c1c12e9f9619e6509c919175d14d19ca385
@@ -37,6 +37,7 @@
 #include "globish.hh"
 #include "charset.hh"
 #include "safe_map.hh"
+#include "xdelta.hh"
 
 using std::allocator;
 using std::basic_ios;
@@ -1681,7 +1682,7 @@ CMD_AUTOMATE(tags, N_("[BRANCH_PATTERN]"
         {
           basic_io::stanza stz;
           stz.push_str_pair(symbol("tag"), tag->name());
-          stz.push_hex_pair(symbol("revision"), tag->ident.inner());
+          stz.push_binary_pair(symbol("revision"), tag->ident.inner());
           stz.push_str_pair(symbol("signer"), tag->key());
           stz.push_str_multi(symbol("branches"), branch_names);
           prt.print_stanza(stz);
@@ -1760,7 +1761,7 @@ CMD_AUTOMATE(genkey, N_("KEYID PASSPHRAS
 
   basic_io::printer prt;
   basic_io::stanza stz;
-  hexenc<id> privhash, pubhash;
+  id privhash, pubhash;
   vector<string> publocs, privlocs;
   key_hash_code(ident, kp.pub, pubhash);
   key_hash_code(ident, kp.priv, privhash);
@@ -1769,8 +1770,8 @@ CMD_AUTOMATE(genkey, N_("KEYID PASSPHRAS
   privlocs.push_back("keystore");
 
   stz.push_str_pair(syms::name, ident());
-  stz.push_hex_pair(syms::public_hash, pubhash);
-  stz.push_hex_pair(syms::private_hash, privhash);
+  stz.push_binary_pair(syms::public_hash, pubhash);
+  stz.push_binary_pair(syms::private_hash, privhash);
   stz.push_str_multi(syms::public_location, publocs);
   stz.push_str_multi(syms::private_location, privlocs);
   prt.print_stanza(stz);
@@ -1875,7 +1876,7 @@ CMD_AUTOMATE(get_content_changed, N_("RE
        i != mark.file_content.end(); ++i)
     {
       basic_io::stanza st;
-      st.push_hex_pair(basic_io::syms::content_mark, i->inner());
+      st.push_binary_pair(basic_io::syms::content_mark, i->inner());
       prt.print_stanza(st);
     }
     output.write(prt.buf.data(), prt.buf.size());
@@ -2083,12 +2084,12 @@ CMD_AUTOMATE(cert, N_("REVISION-ID NAME 
   CMD_REQUIRES_DATABASE(app);
 
   cert c;
-  revision_id rid(idx(args, 0)());
+  revision_id rid(decode_hexenc(idx(args, 0)()));
 
   transaction_guard guard(db);
   N(db.revision_exists(rid),
     F("no such revision '%s'") % rid);
-  make_simple_cert(rid.inner(), cert_name(idx(args, 1)()),
+  make_simple_cert(rid, cert_name(idx(args, 1)()),
                    cert_value(idx(args, 2)()), db, app.keys, c);
   revision<cert> rc(c);
   db.put_revision_cert(rc);
============================================================
--- basic_io.cc	c229de5420267b08ab3a751c60f7aa4bcb099cef
+++ basic_io.cc	5fe2b07c9c855f04033f9706f4896d88aff67c04
@@ -14,6 +14,7 @@
 
 #include "basic_io.hh"
 #include "sanity.hh"
+#include "transforms.hh"
 #include "vocab.hh"
 
 using std::logic_error;
@@ -66,6 +67,11 @@ basic_io::stanza::stanza() : indent(0)
 basic_io::stanza::stanza() : indent(0)
 {}
 
+void basic_io::stanza::push_binary_pair(symbol const & k, id const & v)
+{
+  push_hex_pair(k, hexenc<id>(encode_hexenc(v())));
+}
+
 void basic_io::stanza::push_hex_pair(symbol const & k, hexenc<id> const & v)
 {
   entries.push_back(make_pair(k, ""));
@@ -78,11 +84,12 @@ void basic_io::stanza::push_hex_pair(sym
     indent = k().size();
 }
 
-void basic_io::stanza::push_hex_triple(symbol const & k,
-                                       string const & n,
-                                       hexenc<id> const & v)
+void basic_io::stanza::push_binary_triple(symbol const & k,
+                                          string const & n,
+                                          id const & v)
 {
-  entries.push_back(make_pair(k, escape(n) + " " + "[" + v() + "]"));
+  string const & s(encode_hexenc(v()));
+  entries.push_back(make_pair(k, escape(n) + " " + "[" + s + "]"));
   if (k().size() > indent)
     indent = k().size();
 }
============================================================
--- basic_io.hh	9ad16beabaf2b1c272a356e8cf41bba97f7e1562
+++ basic_io.hh	4741427400a5856c500a67a2c082411532c4d986
@@ -253,8 +253,9 @@ namespace basic_io
     size_t indent;
     std::vector<std::pair<symbol, std::string> > entries;
     void push_hex_pair(symbol const & k, hexenc<id> const & v);
-    void push_hex_triple(symbol const & k, std::string const & n,
-			 hexenc<id> const & v);
+    void push_binary_pair(symbol const & k, id const & v);
+    void push_binary_triple(symbol const & k, std::string const & n,
+			 id const & v);
     void push_str_pair(symbol const & k, std::string const & v);
     void push_str_triple(symbol const & k, std::string const & n,
 			 std::string const & v);
============================================================
--- cert.cc	7b5c4be73e3946f7ae25bf707a30c2c7cf039af7
+++ cert.cc	6515bc1907360fd9fc8ba434e7ba45d68dd606ef
@@ -103,7 +103,6 @@ bogus_cert_p
   }
 };
 
-
 void
 erase_bogus_certs(vector< manifest<cert> > & certs,
                   database & db)
@@ -115,15 +114,15 @@ erase_bogus_certs(vector< manifest<cert>
   vector< manifest<cert> > tmp_certs;
 
   // Sorry, this is a crazy data structure
-  typedef tuple< hexenc<id>, cert_name, base64<cert_value> > trust_key;
+  typedef tuple< manifest_id, cert_name, base64<cert_value> > trust_key;
   typedef map< trust_key, 
     pair< shared_ptr< set<rsa_keypair_id> >, it > > trust_map;
   trust_map trust;
 
   for (it i = certs.begin(); i != certs.end(); ++i)
     {
-      trust_key key = trust_key(i->inner().ident, 
-                                i->inner().name, 
+      trust_key key = trust_key(manifest_id(i->inner().ident.inner()),
+                                i->inner().name,
                                 i->inner().value);
       trust_map::iterator j = trust.find(key);
       shared_ptr< set<rsa_keypair_id> > s;
@@ -171,7 +170,7 @@ erase_bogus_certs(vector< revision<cert>
   vector< revision<cert> > tmp_certs;
 
   // sorry, this is a crazy data structure
-  typedef tuple< hexenc<id>, 
+  typedef tuple< revision_id,
     cert_name, base64<cert_value> > trust_key;
   typedef map< trust_key, 
     pair< shared_ptr< set<rsa_keypair_id> >, it > > trust_map;
@@ -228,18 +227,18 @@ cert::cert(std::string const & s)
   read_cert(s, *this);
 }
 
-cert::cert(hexenc<id> const & ident,
+cert::cert(revision_id const & ident,
            cert_name const & name,
            base64<cert_value> const & value,
            rsa_keypair_id const & key)
   : ident(ident), name(name), value(value), key(key)
 {}
 
-cert::cert(hexenc<id> const & ident,
-         cert_name const & name,
-         base64<cert_value> const & value,
-         rsa_keypair_id const & key,
-         base64<rsa_sha1_signature> const & sig)
+cert::cert(revision_id const & ident,
+           cert_name const & name,
+           base64<cert_value> const & value,
+           rsa_keypair_id const & key,
+           base64<rsa_sha1_signature> const & sig)
   : ident(ident), name(name), value(value), key(key), sig(sig)
 {}
 
@@ -276,7 +275,7 @@ read_cert(string const & in, cert & t)
   id hash = id(extract_substring(in, pos,
                                  constants::merkle_hash_length_in_bytes,
                                  "cert hash"));
-  id ident = id(extract_substring(in, pos,
+  revision_id ident = revision_id(extract_substring(in, pos,
                                   constants::merkle_hash_length_in_bytes,
                                   "cert ident"));
   string name, val, key, sig;
@@ -286,23 +285,20 @@ read_cert(string const & in, cert & t)
   extract_variable_length_string(in, sig, pos, "cert sig");
   assert_end_of_buffer(in, pos, "cert");
 
-  hexenc<id> hid;
   base64<cert_value> bval;
   base64<rsa_sha1_signature> bsig;
 
-  encode_hexenc(ident, hid);
   encode_base64(cert_value(val), bval);
   encode_base64(rsa_sha1_signature(sig), bsig);
 
-  cert tmp(hid, cert_name(name), bval, rsa_keypair_id(key), bsig);
+  cert tmp(ident, cert_name(name), bval, rsa_keypair_id(key), bsig);
 
-  hexenc<id> hcheck;
   id check;
-  cert_hash_code(tmp, hcheck);
-  decode_hexenc(hcheck, check);
+  cert_hash_code(tmp, check);
   if (!(check == hash))
     {
-      hexenc<id> hhash;
+      hexenc<id> hcheck, hhash;
+      encode_hexenc(check, hcheck);
       encode_hexenc(hash, hhash);
       throw bad_decode(F("calculated cert hash '%s' does not match '%s'")
                        % hcheck % hhash);
@@ -314,19 +310,16 @@ write_cert(cert const & t, string & out)
 write_cert(cert const & t, string & out)
 {
   string name, key;
-  hexenc<id> hash;
-  id ident_decoded, hash_decoded;
+  id hash;
   rsa_sha1_signature sig_decoded;
   cert_value value_decoded;
 
   cert_hash_code(t, hash);
   decode_base64(t.value, value_decoded);
   decode_base64(t.sig, sig_decoded);
-  decode_hexenc(t.ident, ident_decoded);
-  decode_hexenc(hash, hash_decoded);
 
-  out.append(hash_decoded());
-  out.append(ident_decoded());
+  out.append(hash());
+  out.append(t.ident.inner()());
   insert_variable_length_string(t.name(), out);
   insert_variable_length_string(value_decoded(), out);
   insert_variable_length_string(t.key(), out);
@@ -342,12 +335,12 @@ void
 }
 
 void
-cert_hash_code(cert const & t, hexenc<id> & out)
+cert_hash_code(cert const & t, id & out)
 {
   string tmp;
-  tmp.reserve(4+t.ident().size() + t.name().size() + t.value().size() +
-              t.key().size() + t.sig().size());
-  tmp.append(t.ident());
+  tmp.reserve(4+t.ident.inner()().size() + t.name().size() +
+              t.value().size() + t.key().size() + t.sig().size());
+  tmp.append(t.ident.inner()());
   tmp += ':';
   tmp.append(t.name());
   tmp += ':';
@@ -473,7 +466,7 @@ void
 }
 
 void
-make_simple_cert(hexenc<id> const & id,
+make_simple_cert(revision_id const & id,
                  cert_name const & nm,
                  cert_value const & cv,
                  database & db,
@@ -497,7 +490,7 @@ put_simple_revision_cert(revision_id con
                          key_store & keys)
 {
   cert t;
-  make_simple_cert(id.inner(), nm, val, db, keys, t);
+  make_simple_cert(id, nm, val, db, keys, t);
   revision<cert> cc(t);
   db.put_revision_cert(cc);
 }
============================================================
--- cert.hh	71a5ac357a0a437c5556a69297c0116ef41917a8
+++ cert.hh	ffb9389995cdd69b5a462df061ce2e5435477279
@@ -34,16 +34,16 @@ struct cert
   // This is to make revision<cert> and manifest<cert> work.
   explicit cert(std::string const & s);
 
-  cert(hexenc<id> const & ident,
+  cert(revision_id const & ident,
       cert_name const & name,
       base64<cert_value> const & value,
       rsa_keypair_id const & key);
-  cert(hexenc<id> const & ident,
+  cert(revision_id const & ident,
       cert_name const & name,
       base64<cert_value> const & value,
       rsa_keypair_id const & key,
       base64<rsa_sha1_signature> const & sig);
-  hexenc<id> ident;
+  revision_id ident;
   cert_name name;
   base64<cert_value> value;
   rsa_keypair_id key;
@@ -59,7 +59,7 @@ void write_cert(cert const & t, std::str
 // These 3 are for netio support.
 void read_cert(std::string const & in, cert & t);
 void write_cert(cert const & t, std::string & out);
-void cert_hash_code(cert const & t, hexenc<id> & out);
+void cert_hash_code(cert const & t, id & out);
 
 typedef enum {cert_ok, cert_bad, cert_unknown} cert_status;
 
@@ -71,7 +71,7 @@ void load_key_pair(key_store & keys,
 
 // Only used in cert.cc, and in revision.cc in what looks
 // like migration code.
-void make_simple_cert(hexenc<id> const & id,
+void make_simple_cert(revision_id const & id,
                       cert_name const & nm,
                       cert_value const & cv,
                       database & db,
============================================================
--- cmd_files.cc	841f414708a785f55cef6f9dec0577328741085f
+++ cmd_files.cc	6cdfea1e49831f5e3f9a548401bd8c3b9aa4df36
@@ -204,9 +204,9 @@ CMD(identify, "identify", "", CMD_REF(de
       read_data_stdin(dat);
     }
 
-  hexenc<id> ident;
+  id ident;
   calculate_ident(dat, ident);
-  cout << ident << '\n';
+  cout << encode_hexenc(ident()) << '\n';
 }
 
 // Name: identify
@@ -235,10 +235,9 @@ CMD_AUTOMATE(identify, N_("PATH"),
   data dat;
   read_data_for_command_line(path, dat);
   
-  hexenc<id> ident;
+  id ident;
   calculate_ident(dat, ident);
-  
-  output << ident << '\n';
+  cout << encode_hexenc(ident()) << '\n';
 }
 
 static void
============================================================
--- cmd_key_cert.cc	eba5cb5fad09136c4a23e56a823f3134de5dea4c
+++ cmd_key_cert.cc	c212a63e5462953e19e38f06e16c86e4b2d850b2
@@ -231,7 +231,7 @@ CMD(trusted, "trusted", "", CMD_REF(key_
 
   hexenc<id> ident;
   if (!rids.empty())
-    ident = rids.begin()->inner();
+    ident = hexenc<id>(encode_hexenc(rids.begin()->inner()()));
 
   cert_name cname;
   internalize_cert_name(idx(args, 1), cname);
============================================================
--- cmd_list.cc	d673c46c744088510cfd0fc8b8b972f94708d52d
+++ cmd_list.cc	9f1ec539fa47ee8c2fd012efcea5c8487a569cc2
@@ -209,7 +209,7 @@ CMD(keys, "keys", "", CMD_REF(list), "[P
            i != pubkeys.end(); i++)
         {
           base64<rsa_pub_key> pub_encoded;
-          hexenc<id> hash_code;
+          id hash_code;
           rsa_keypair_id keyid = i->first;
           bool indb = i->second;
 
@@ -223,9 +223,9 @@ CMD(keys, "keys", "", CMD_REF(list), "[P
             }
           key_hash_code(keyid, pub_encoded, hash_code);
           if (indb)
-            cout << hash_code << ' ' << keyid << '\n';
+            cout << encode_hexenc(hash_code()) << ' ' << keyid << '\n';
           else
-            cout << hash_code << ' ' << keyid << "   (*)\n";
+            cout << encode_hexenc(hash_code()) << ' ' << keyid << "   (*)\n";
         }
       if (!all_in_db)
         cout << (F("(*) - only in %s/")
@@ -240,10 +240,10 @@ CMD(keys, "keys", "", CMD_REF(list), "[P
            i != privkeys.end(); i++)
         {
           keypair kp;
-          hexenc<id> hash_code;
+          id hash_code;
           app.keys.get_key_pair(*i, kp);
           key_hash_code(*i, kp.priv, hash_code);
-          cout << hash_code << ' ' << *i << '\n';
+          cout << encode_hexenc(hash_code()) << ' ' << *i << '\n';
         }
       cout << '\n';
     }
@@ -576,7 +576,7 @@ CMD_AUTOMATE(keys, "",
   vector<rsa_keypair_id> dbkeys;
   vector<rsa_keypair_id> kskeys;
   // public_hash, private_hash, public_location, private_location
-  map<string, boost::tuple<hexenc<id>, hexenc<id>,
+  map<string, boost::tuple<id, id,
                            vector<string>,
                            vector<string> > > items;
   if (db.database_specified())
@@ -592,8 +592,7 @@ CMD_AUTOMATE(keys, "",
        i != dbkeys.end(); i++)
     {
       base64<rsa_pub_key> pub_encoded;
-      hexenc<id> hash_code;
-
+      id hash_code;
       db.get_key(*i, pub_encoded);
       key_hash_code(*i, pub_encoded, hash_code);
       items[(*i)()].get<0>() = hash_code;
@@ -604,7 +603,7 @@ CMD_AUTOMATE(keys, "",
        i != kskeys.end(); i++)
     {
       keypair kp;
-      hexenc<id> privhash, pubhash;
+      id privhash, pubhash;
       keys.get_key_pair(*i, kp);
       key_hash_code(*i, kp.pub, pubhash);
       key_hash_code(*i, kp.priv, privhash);
@@ -614,16 +613,16 @@ CMD_AUTOMATE(keys, "",
       items[(*i)()].get<3>().push_back("keystore");
     }
   basic_io::printer prt;
-  for (map<string, boost::tuple<hexenc<id>, hexenc<id>,
-                                     vector<string>,
-                                     vector<string> > >::iterator
+  for (map<string, boost::tuple<id, id,
+                                vector<string>,
+                                vector<string> > >::iterator
          i = items.begin(); i != items.end(); ++i)
     {
       basic_io::stanza stz;
       stz.push_str_pair(syms::name, i->first);
-      stz.push_hex_pair(syms::public_hash, i->second.get<0>());
+      stz.push_binary_pair(syms::public_hash, i->second.get<0>());
       if (!i->second.get<1>()().empty())
-        stz.push_hex_pair(syms::private_hash, i->second.get<1>());
+        stz.push_binary_pair(syms::private_hash, i->second.get<1>());
       stz.push_str_multi(syms::public_location, i->second.get<2>());
       if (!i->second.get<3>().empty())
         stz.push_str_multi(syms::private_location, i->second.get<3>());
@@ -675,9 +674,9 @@ CMD_AUTOMATE(certs, N_("REV"),
 
   transaction_guard guard(db, false);
 
-  revision_id rid(idx(args, 0)());
+  hexenc<id> ident(idx(args, 0)());
+  revision_id rid(decode_hexenc(ident()));
   N(db.revision_exists(rid), F("no such revision '%s'") % rid);
-  hexenc<id> ident(rid.inner());
 
   vector< revision<cert> > ts;
   // FIXME_PROJECTS: after projects are implemented,
@@ -719,7 +718,7 @@ CMD_AUTOMATE(certs, N_("REV"),
       signers.insert(keyid);
 
       bool trusted =
-        db.hook_get_revision_cert_trust(signers, ident,
+        db.hook_get_revision_cert_trust(signers, rid,
                                         name, tv);
 
       st.push_str_pair(syms::key, keyid());
============================================================
--- cmd_ws_commit.cc	a849392a7e25e92eacfd1785c8576d5252fd344b
+++ cmd_ws_commit.cc	95ed7d5c272e078e54128aa90e196b48a90c7fab
@@ -22,6 +22,7 @@
 #include "ui.hh"
 #include "app_state.hh"
 #include "basic_io.hh"
+#include "xdelta.hh"
 
 using std::cout;
 using std::make_pair;
@@ -275,10 +276,10 @@ CMD(revert, "revert", "", CMD_REF(worksp
           file_t f = downcast_to_file_t(node);
           if (file_exists(new_path))
             {
-              hexenc<id> ident;
+              file_id ident;
               calculate_ident(new_path, ident);
               // don't touch unchanged files
-              if (ident == f->content.inner())
+              if (ident == f->content)
                 continue;
               else
                 L(FL("skipping unchanged %s") % new_path);
@@ -1192,9 +1193,9 @@ CMD(commit, "commit", "ci", CMD_REF(work
                     app.db.get_file_version(old_content, old_data);
                     read_data(path, new_data);
                     // sanity check
-                    hexenc<id> tid;
-                    calculate_ident(new_data, tid);
-                    N(tid == new_content.inner(),
+                    file_id tid;
+                    calculate_ident(file_data(new_data), tid);
+                    N(tid == new_content,
                       F("file '%s' modified during commit, aborting")
                       % path);
                     delta del;
@@ -1221,9 +1222,9 @@ CMD(commit, "commit", "ci", CMD_REF(work
                 data new_data;
                 read_data(path, new_data);
                 // sanity check
-                hexenc<id> tid;
-                calculate_ident(new_data, tid);
-                N(tid == new_content.inner(),
+                file_id tid;
+                calculate_ident(file_data(new_data), tid);
+                N(tid == new_content,
                   F("file '%s' modified during commit, aborting")
                   % path);
                 app.db.put_file(new_content, file_data(new_data));
============================================================
--- crypto_tests.cc	e9e0a323f735f61f2072d0c5d4932778a719ecc8
+++ crypto_tests.cc	ae19397a3156f4b436d2c4d1ceb3e1a2572bf2b6
@@ -1053,7 +1053,8 @@ UNIT_TEST(crypto, calculate_ident)
   // iterations, the MCTs are run for 1,000,0000 so that they can
   // double up as a benchmark for SHA.
 
-  hexenc<id> output, output2;
+  id output, output2;
+  hexenc<id> houtput2;
 
   //SHA Short Message Test
   data input(decode_hexenc("5e"));
@@ -1062,9 +1063,9 @@ UNIT_TEST(crypto, calculate_ident)
   calculate_ident(input, output);
 
   //L(FL(" Input: %s") % input);
-  //L(FL("Output: %s") % output);
+  //L(FL("Output: %s") % encode_hexenc(output));
 
-  UNIT_TEST_CHECK(output() == ident);
+  UNIT_TEST_CHECK(output() == decode_hexenc(ident));
   L(FL("SHA Short Message Test:  Passed\n\n"));
 
 
@@ -1107,16 +1108,18 @@ UNIT_TEST(crypto, calculate_ident)
           // L(FL("message: %s") % messageString );
 
           calculate_ident(messageData, output2);
-          // L(FL("output: %s") % output2 );
+          encode_hexenc(output2, houtput2);
 
-          MD[i] = output2();
+          // L(FL("output: %s") % houtput2);
+
+          MD[i] = houtput2();
         }
 
-      L(FL("  %03d:  %s") % j % output2 );
+      L(FL("  %03d:  %s") % j % houtput2);
 
-      UNIT_TEST_CHECK(output2() == expected_SHA_MCT[j]);
+      UNIT_TEST_CHECK(houtput2() == expected_SHA_MCT[j]);
 
-      MD[j] = output2();
+      MD[j] = houtput2();
       Seed  = MD[j];
     }
 
============================================================
--- cset.cc	1b5ab695cac69a67c94fac4e8704ebebc8f9b475
+++ cset.cc	9b353b589c88ba2dfebab556810dfe25f804836b
@@ -290,7 +290,7 @@ print_cset(basic_io::printer & printer,
     {
       basic_io::stanza st;
       st.push_file_pair(syms::add_file, i->first);
-      st.push_hex_pair(syms::content, i->second.inner());
+      st.push_binary_pair(syms::content, i->second.inner());
       printer.print_stanza(st);
     }
 
@@ -299,8 +299,8 @@ print_cset(basic_io::printer & printer,
     {
       basic_io::stanza st;
       st.push_file_pair(syms::patch, i->first);
-      st.push_hex_pair(syms::from, i->second.first.inner());
-      st.push_hex_pair(syms::to, i->second.second.inner());
+      st.push_binary_pair(syms::from, i->second.first.inner());
+      st.push_binary_pair(syms::to, i->second.second.inner());
       printer.print_stanza(st);
     }
 
============================================================
--- database.cc	a8f9a8d7830f46b87228484b95a213c86f970e86
+++ database.cc	7824696ceab64bfe65e0f77224b188c96965fbcd
@@ -211,7 +211,7 @@ class database_impl
              query const & q);
   void execute(query const & q);
 
-  bool table_has_entry(hexenc<id> const & key, string const & column,
+  bool table_has_entry(id const & key, string const & column,
                        string const & table);
 
   //
@@ -271,37 +271,37 @@ class database_impl
   bool roster_base_available(revision_id const & ident);
   
   // "do we have any entry for 'ident' that is a delta"
-  bool delta_exists(hexenc<id> const & ident,
-                    hexenc<id> const & base,
+  bool delta_exists(file_id const & ident,
+                    file_id const & base,
                     string const & table);
 
-  bool file_or_manifest_base_exists(hexenc<id> const & ident,
+  bool file_or_manifest_base_exists(id const & ident,
                                     std::string const & table);
 
-  void get_file_or_manifest_base_unchecked(hexenc<id> const & new_id,
+  void get_file_or_manifest_base_unchecked(id const & new_id,
                                            data & dat,
                                            string const & table);
-  void get_file_or_manifest_delta_unchecked(hexenc<id> const & ident,
-                                            hexenc<id> const & base,
+  void get_file_or_manifest_delta_unchecked(id const & ident,
+                                            id const & base,
                                             delta & del,
                                             string const & table);
   void get_roster_base(revision_id const & ident,
                        roster_t & roster, marking_map & marking);
-  void get_roster_delta(hexenc<id> const & ident,
-                        hexenc<id> const & base,
+  void get_roster_delta(id const & ident,
+                        id const & base,
                         roster_delta & del);
 
   friend struct file_and_manifest_reconstruction_graph;
   friend struct roster_reconstruction_graph;
 
-  LRUWritebackCache<hexenc<id>, data, datasz> vcache;
+  LRUWritebackCache<id, data, datasz> vcache;
 
-  void get_version(hexenc<id> const & ident,
+  void get_version(id const & ident,
                    data & dat,
                    string const & data_table,
                    string const & delta_table);
 
-  void drop(hexenc<id> const & base,
+  void drop(id const & base,
             string const & table);
   void put_file_delta(file_id const & ident,
                       file_id const & base,
@@ -310,8 +310,8 @@ class database_impl
   void put_roster_delta(revision_id const & ident,
                         revision_id const & base,
                         roster_delta const & del);
-  void put_version(hexenc<id> const & old_id,
-                   hexenc<id> const & new_id,
+  void put_version(file_id const & old_id,
+                   file_id const & new_id,
                    delta const & del,
                    string const & data_table,
                    string const & delta_table);
@@ -319,7 +319,7 @@ class database_impl
   //
   // --== The ancestry graph ==--
   //
-  void get_ids(string const & table, set< hexenc<id> > & ids);
+  void get_ids(string const & table, set<id> & ids);
 
   //
   // --== Rosters ==--
@@ -353,7 +353,7 @@ class database_impl
   void get_certs(vector<cert> & certs,
                  string const & table);
   
-  void get_certs(hexenc<id> const & ident,
+  void get_certs(id const & ident,
                  vector<cert> & certs,
                  string const & table);
 
@@ -361,12 +361,12 @@ class database_impl
                  vector<cert> & certs,
                  string const & table);
 
-  void get_certs(hexenc<id> const & ident,
+  void get_certs(id const & ident,
                  cert_name const & name,
                  vector<cert> & certs,
                  string const & table);
 
-  void get_certs(hexenc<id> const & ident,
+  void get_certs(id const & ident,
                  cert_name const & name,
                  base64<cert_value> const & val,
                  vector<cert> & certs,
@@ -1140,13 +1140,13 @@ bool
 }
 
 bool
-database_impl::table_has_entry(hexenc<id> const & key,
+database_impl::table_has_entry(id const & key,
                                std::string const & column,
                                std::string const & table)
 {
   results res;
   query q("SELECT 1 FROM " + table + " WHERE " + column + " = ? LIMIT 1");
-  fetch(res, one_col, any_rows, q % blob(decode_hexenc(key())));
+  fetch(res, one_col, any_rows, q % blob(key()));
   return !res.empty();
 }
 
@@ -1278,7 +1278,7 @@ bool
 
 
 bool
-database_impl::file_or_manifest_base_exists(hexenc<id> const & ident,
+database_impl::file_or_manifest_base_exists(id const & ident,
                                             string const & table)
 {
   // just check for a delayed file, since there are no delayed manifests
@@ -1288,10 +1288,10 @@ bool
 }
 
 bool
-database::file_or_manifest_base_exists(hexenc<id> const & ident,
+database::file_or_manifest_base_exists(file_id const & ident,
                                        string const & table)
 {
-  return imp->file_or_manifest_base_exists(ident, table);
+  return imp->file_or_manifest_base_exists(ident.inner(), table);
 }
 
 // returns true if we are currently storing (or planning to store) a
@@ -1317,21 +1317,21 @@ bool
 }
 
 bool
-database::delta_exists(hexenc<id> const & ident,
+database::delta_exists(id const & ident,
                        string const & table)
 {
   return imp->table_has_entry(ident, "id", table);
 }
 
 bool
-database_impl::delta_exists(hexenc<id> const & ident,
-                            hexenc<id> const & base,
+database_impl::delta_exists(file_id const & ident,
+                            file_id const & base,
                             string const & table)
 {
   results res;
   query q("SELECT 1 FROM " + table + " WHERE id = ? and base = ? LIMIT 1");
   fetch(res, one_col, any_rows,
-        q % blob(decode_hexenc(ident())) % blob(decode_hexenc(base())));
+        q % blob(ident.inner()()) % blob(base.inner()()));
   return !res.empty();
 }
 
@@ -1393,7 +1393,7 @@ void
 }
 
 void
-database_impl::get_ids(string const & table, set< hexenc<id> > & ids)
+database_impl::get_ids(string const & table, set<id> & ids)
 {
   results res;
   query q("SELECT id FROM " + table);
@@ -1401,15 +1401,15 @@ database_impl::get_ids(string const & ta
 
   for (size_t i = 0; i < res.size(); ++i)
     {
-      ids.insert(hexenc<id>(encode_hexenc(res[i][0])));
+      ids.insert(id(res[i][0]));
     }
 }
 
 // for files and legacy manifest support
 void
-database_impl::get_file_or_manifest_base_unchecked(hexenc<id> const & ident,
-                                                    data & dat,
-                                                    string const & table)
+database_impl::get_file_or_manifest_base_unchecked(id const & ident,
+                                                   data & dat,
+                                                   string const & table)
 {
   if (have_delayed_file(file_id(ident)))
     {
@@ -1421,7 +1421,7 @@ database_impl::get_file_or_manifest_base
 
   results res;
   query q("SELECT data FROM " + table + " WHERE id = ?");
-  fetch(res, one_col, one_row, q % blob(decode_hexenc(ident())));
+  fetch(res, one_col, one_row, q % blob(ident()));
 
   gzip<data> rdata(res[0][0]);
   data rdata_unpacked;
@@ -1432,17 +1432,17 @@ void
 
 // for files and legacy manifest support
 void
-database_impl::get_file_or_manifest_delta_unchecked(hexenc<id> const & ident,
-                                                     hexenc<id> const & base,
-                                                     delta & del,
-                                                     string const & table)
+database_impl::get_file_or_manifest_delta_unchecked(id const & ident,
+                                                    id const & base,
+                                                    delta & del,
+                                                    string const & table)
 {
   I(ident() != "");
   I(base() != "");
   results res;
   query q("SELECT delta FROM " + table + " WHERE id = ? AND base = ?");
   fetch(res, one_col, one_row,
-        q % blob(decode_hexenc(ident())) % blob(decode_hexenc(base())));
+        q % blob(ident()) % blob(base()));
 
   gzip<delta> del_packed(res[0][0]);
   decode_gzip(del_packed, del);
@@ -1464,10 +1464,10 @@ database_impl::get_roster_base(revision_
     }
   results res;
   query q("SELECT checksum, data FROM rosters WHERE id = ?");
-  fetch(res, 2, one_row, q % blob(decode_hexenc(ident.inner()())));
+  fetch(res, 2, one_row, q % blob(ident.inner()()));
 
-  hexenc<id> checksum(res[0][0]);
-  hexenc<id> calculated;
+  id checksum(res[0][0]);
+  id calculated;
   calculate_ident(data(res[0][1]), calculated);
   I(calculated == checksum);
 
@@ -1478,16 +1478,16 @@ void
 }
 
 void
-database_impl::get_roster_delta(hexenc<id> const & ident,
-                                hexenc<id> const & base,
+database_impl::get_roster_delta(id const & ident,
+                                id const & base,
                                 roster<delta> & del)
 {
   results res;
   query q("SELECT checksum, delta FROM roster_deltas WHERE id = ? AND base = ?");
-  fetch(res, 2, one_row, q % blob(decode_hexenc(ident())) % blob(decode_hexenc(base())));
+  fetch(res, 2, one_row, q % blob(ident()) % blob(base()));
 
-  hexenc<id> checksum(res[0][0]);
-  hexenc<id> calculated;
+  id checksum(res[0][0]);
+  id calculated;
   calculate_ident(data(res[0][1]), calculated);
   I(calculated == checksum);
 
@@ -1528,12 +1528,14 @@ database_impl::write_delayed_roster(revi
 
   // ident is a number, and we should calculate a checksum on what
   // we write
-  hexenc<id> checksum;
+  id checksum;
   calculate_ident(data(dat_packed()), checksum);
 
   // and then write it
-  query q("INSERT INTO rosters (id, checksum, data) VALUES (?, ?, ?)");
-  execute(q % blob(decode_hexenc(ident.inner()())) % text(checksum()) % blob(dat_packed()));
+  execute(query("INSERT INTO rosters (id, checksum, data) VALUES (?, ?, ?)")
+          % blob(ident.inner()())
+          % blob(checksum())
+          % blob(dat_packed()));
 }
 
 
@@ -1550,8 +1552,8 @@ database::put_file_delta(file_id const &
   encode_gzip(del.inner(), del_packed);
 
   imp->execute(query("INSERT INTO file_deltas VALUES (?, ?, ?)")
-               % blob(decode_hexenc(ident.inner()()))
-               % blob(decode_hexenc(base.inner()()))
+               % blob(ident.inner()())
+               % blob(base.inner()())
                % blob(del_packed()));
 }
 
@@ -1563,14 +1565,14 @@ database_impl::put_roster_delta(revision
   gzip<delta> del_packed;
   encode_gzip(del.inner(), del_packed);
 
-  hexenc<id> checksum;
+  id checksum;
   calculate_ident(data(del_packed()), checksum);
 
   query q("INSERT INTO roster_deltas (id, base, checksum, delta) VALUES (?, ?, ?, ?)");
   execute(q
-          % blob(decode_hexenc(ident.inner()()))
-          % blob(decode_hexenc(base.inner()()))
-          % text(checksum())
+          % blob(ident.inner()())
+          % blob(base.inner()())
+          % blob(checksum())
           % blob(del_packed()));
 }
 
@@ -1585,28 +1587,28 @@ struct file_and_manifest_reconstruction_
                                          string const & delta_table)
     : imp(imp), data_table(data_table), delta_table(delta_table)
   {}
-  virtual bool is_base(hexenc<id> const & node) const
+  virtual bool is_base(id const & node) const
   {
     return imp.vcache.exists(node)
       || imp.file_or_manifest_base_exists(node, data_table);
   }
-  virtual void get_next(hexenc<id> const & from, set< hexenc<id> > & next) const
+  virtual void get_next(id const & from, set<id> & next) const
   {
     next.clear();
     results res;
     query q("SELECT base FROM " + delta_table + " WHERE id = ?");
-    imp.fetch(res, one_col, any_rows, q % blob(decode_hexenc(from())));
+    imp.fetch(res, one_col, any_rows, q % blob(from()));
     for (results::const_iterator i = res.begin(); i != res.end(); ++i)
-      next.insert(hexenc<id>(encode_hexenc((*i)[0])));
+      next.insert(id((*i)[0]));
   }
 };
 
 // used for files and legacy manifest migration
 void
-database_impl::get_version(hexenc<id> const & ident,
-                            data & dat,
-                            string const & data_table,
-                            string const & delta_table)
+database_impl::get_version(id const & ident,
+                           data & dat,
+                           string const & data_table,
+                           string const & delta_table)
 {
   I(ident() != "");
 
@@ -1618,7 +1620,7 @@ database_impl::get_version(hexenc<id> co
 
   I(!selected_path.empty());
 
-  hexenc<id> curr = hexenc<id>(selected_path.back());
+  id curr = id(selected_path.back());
   selected_path.pop_back();
   data begin;
 
@@ -1633,7 +1635,7 @@ database_impl::get_version(hexenc<id> co
   for (reconstruction_path::reverse_iterator i = selected_path.rbegin();
        i != selected_path.rend(); ++i)
     {
-      hexenc<id> const nxt = hexenc<id>(*i);
+      id const nxt = id(*i);
 
       if (!vcache.exists(curr))
         {
@@ -1642,7 +1644,9 @@ database_impl::get_version(hexenc<id> co
           vcache.insert_clean(curr, data(tmp));
         }
 
-      L(FL("following delta %s -> %s") % curr % nxt);
+      L(FL("following delta %s -> %s")
+        % encode_hexenc(curr())
+        % encode_hexenc(nxt()));
       delta del;
       get_file_or_manifest_delta_unchecked(nxt, curr, del, delta_table);
       apply_delta(appl, del());
@@ -1655,7 +1659,7 @@ database_impl::get_version(hexenc<id> co
   appl->finish(tmp);
   dat = data(tmp);
 
-  hexenc<id> final;
+  id final;
   calculate_ident(dat, final);
   I(final == ident);
 
@@ -1667,18 +1671,18 @@ struct roster_reconstruction_graph : pub
 {
   database_impl & imp;
   roster_reconstruction_graph(database_impl & imp) : imp(imp) {}
-  virtual bool is_base(hexenc<id> const & node) const
+  virtual bool is_base(id const & node) const
   {
     return imp.roster_base_available(revision_id(node));
   }
-  virtual void get_next(hexenc<id> const & from, set< hexenc<id> > & next) const
+  virtual void get_next(id const & from, set<id> & next) const
   {
     next.clear();
     results res;
     query q("SELECT base FROM roster_deltas WHERE id = ?");
-    imp.fetch(res, one_col, any_rows, q % blob(decode_hexenc(from())));
+    imp.fetch(res, one_col, any_rows, q % blob(from()));
     for (results::const_iterator i = res.begin(); i != res.end(); ++i)
-      next.insert(hexenc<id>(encode_hexenc((*i)[0])));
+      next.insert(id((*i)[0]));
   }
 };
 
@@ -1755,9 +1759,9 @@ database_impl::extract_from_deltas(revis
       // recording the deltas visited here in a set as to avoid inspecting
       // them later seems to be of little value, as it imposes a cost here,
       // but can seldom be exploited.
-      set< hexenc<id> > deltas;
+      set<id> deltas;
       graph.get_next(ident.inner(), deltas);
-      for (set< hexenc<id> >::const_iterator i = deltas.begin();
+      for (set<id>::const_iterator i = deltas.begin();
            i != deltas.end(); ++i)
         {
           roster_delta del;
@@ -1772,7 +1776,7 @@ database_impl::extract_from_deltas(revis
 
   int path_length(selected_path.size());
   int i(0);
-  hexenc<id> target_rev;
+  id target_rev;
 
   for (reconstruction_path::const_iterator p = selected_path.begin();
        p != selected_path.end(); ++p)
@@ -1840,7 +1844,7 @@ database::get_roster_version(revision_id
     get_reconstruction_path(ros_id.inner(), graph, selected_path);
   }
 
-  hexenc<id> curr = selected_path.back();
+  id curr = selected_path.back();
   selected_path.pop_back();
   // we know that this isn't already in the cache (because of the early exit
   // above), so we should create new objects and spend time filling them in.
@@ -1851,8 +1855,10 @@ database::get_roster_version(revision_id
   for (reconstruction_path::reverse_iterator i = selected_path.rbegin();
        i != selected_path.rend(); ++i)
     {
-      hexenc<id> const nxt = *i;
-      L(FL("following delta %s -> %s") % curr % nxt);
+      id const nxt = *i;
+      L(FL("following delta %s -> %s")
+        % encode_hexenc(curr())
+        % encode_hexenc(nxt()));
       roster_delta del;
       imp->get_roster_delta(nxt, curr, del);
       apply_roster_delta(del, *roster, *marking);
@@ -1883,11 +1889,11 @@ void
 
 
 void
-database_impl::drop(hexenc<id> const & ident,
+database_impl::drop(id const & ident,
                     string const & table)
 {
   string drop = "DELETE FROM " + table + " WHERE id = ?";
-  execute(query(drop) % blob(decode_hexenc(ident())));
+  execute(query(drop) % blob(ident()));
 }
 
 // ------------------------------------------------------------
@@ -1924,7 +1930,7 @@ database::get_file_ids(set<file_id> & id
 database::get_file_ids(set<file_id> & ids)
 {
   ids.clear();
-  set< hexenc<id> > tmp;
+  set<id> tmp;
   imp->get_ids("files", tmp);
   imp->get_ids("file_deltas", tmp);
   add_decoration_to_container(tmp, ids);
@@ -1934,7 +1940,7 @@ database::get_revision_ids(set<revision_
 database::get_revision_ids(set<revision_id> & ids)
 {
   ids.clear();
-  set< hexenc<id> > tmp;
+  set<id> tmp;
   imp->get_ids("revisions", tmp);
   add_decoration_to_container(tmp, ids);
 }
@@ -1943,7 +1949,7 @@ database::get_roster_ids(set<revision_id
 database::get_roster_ids(set<revision_id> & ids)
 {
   ids.clear();
-  set< hexenc<id> > tmp;
+  set<id> tmp;
   imp->get_ids("rosters", tmp);
   add_decoration_to_container(tmp, ids);
   imp->get_ids("roster_deltas", tmp);
@@ -2014,19 +2020,19 @@ database::put_file_version(file_id const
   }
   
   transaction_guard guard(*this);  
-  if (file_or_manifest_base_exists(old_id.inner(), "files"))
+  if (file_or_manifest_base_exists(old_id, "files"))
     {
       // descendent of a head version replaces the head, therefore old head
       // must be disposed of
       imp->drop_or_cancel_file(old_id);
     }
-  if (!file_or_manifest_base_exists(new_id.inner(), "files"))
+  if (!file_or_manifest_base_exists(new_id, "files"))
     {
       imp->schedule_delayed_file(new_id, new_data);
       imp->drop(new_id.inner(), "file_deltas");
     }
     
-  if (!imp->delta_exists(old_id.inner(), new_id.inner(), "file_deltas"))
+  if (!imp->delta_exists(old_id, new_id, "file_deltas"))
     {
       put_file_delta(old_id, new_id, reverse_delta);
       guard.commit();
@@ -2267,7 +2273,7 @@ database::deltify_revision(revision_id c
                j = edge_changes(i).deltas_applied.begin();
              j != edge_changes(i).deltas_applied.end(); ++j)
           {
-            if (file_or_manifest_base_exists(delta_entry_src(j).inner(), "files") &&
+            if (file_or_manifest_base_exists(delta_entry_src(j), "files") &&
                 file_version_exists(delta_entry_dst(j)))
               {
                 file_data old_data;
@@ -2601,12 +2607,12 @@ bool
 }
 
 bool
-database::public_key_exists(hexenc<id> const & hash)
+database::public_key_exists(id const & hash)
 {
   results res;
   imp->fetch(res, one_col, any_rows,
              query("SELECT id FROM public_keys WHERE hash = ?")
-             % blob(decode_hexenc(hash())));
+             % blob(hash()));
   I((res.size() == 1) || (res.size() == 0));
   if (res.size() == 1)
     return true;
@@ -2627,14 +2633,14 @@ void
 }
 
 void
-database::get_pubkey(hexenc<id> const & hash,
+database::get_pubkey(id const & hash,
                      rsa_keypair_id & id,
                      base64<rsa_pub_key> & pub_encoded)
 {
   results res;
   imp->fetch(res, 2, one_row,
              query("SELECT id, keydata FROM public_keys WHERE hash = ?")
-             % blob(decode_hexenc(hash())));
+             % blob(hash()));
   id = rsa_keypair_id(res[0][0]);
   encode_base64(rsa_pub_key(res[0][1]), pub_encoded);
 }
@@ -2675,14 +2681,14 @@ database::put_key(rsa_keypair_id const &
 
   L(FL("putting public key %s") % pub_id);
 
-  hexenc<id> thash;
+  id thash;
   key_hash_code(pub_id, pub_encoded, thash);
   I(!public_key_exists(thash));
 
   rsa_pub_key pub_key;
   decode_base64(pub_encoded, pub_key);
   imp->execute(query("INSERT INTO public_keys VALUES(?, ?, ?)")
-               % blob(decode_hexenc(thash()))
+               % blob(thash())
                % text(pub_id())
                % blob(pub_key()));
 
@@ -2770,7 +2776,7 @@ database_impl::cert_exists(cert const & 
                   "AND value = ? "
                   "AND keypair = ? "
                   "AND signature = ?")
-    % blob(decode_hexenc(t.ident()))
+    % blob(t.ident.inner()())
     % text(t.name())
     % blob(value())
     % text(t.key())
@@ -2786,7 +2792,7 @@ database_impl::put_cert(cert const & t,
 database_impl::put_cert(cert const & t,
                         string const & table)
 {
-  hexenc<id> thash;
+  id thash;
   cert_hash_code(t, thash);
   cert_value value;
   decode_base64(t.value, value);
@@ -2796,8 +2802,8 @@ database_impl::put_cert(cert const & t,
   string insert = "INSERT INTO " + table + " VALUES(?, ?, ?, ?, ?, ?)";
 
   execute(query(insert)
-          % blob(decode_hexenc(thash()))
-          % blob(decode_hexenc(t.ident()))
+          % blob(thash())
+          % blob(t.ident.inner()())
           % text(t.name())
           % blob(value())
           % text(t.key())
@@ -2816,7 +2822,7 @@ database_impl::results_to_certs(results 
       encode_base64(cert_value(res[i][2]), value);
       base64<rsa_sha1_signature> sig;
       encode_base64(rsa_sha1_signature(res[i][4]), sig);
-      t = cert(hexenc<id>(encode_hexenc(res[i][0])),
+      t = cert(revision_id(res[i][0]),
               cert_name(res[i][1]),
               value,
               rsa_keypair_id(res[i][3]),
@@ -2847,7 +2853,7 @@ void
 
 
 void
-database_impl::get_certs(hexenc<id> const & ident,
+database_impl::get_certs(id const & ident,
                          vector<cert> & certs,
                          string const & table)
 {
@@ -2855,7 +2861,7 @@ database_impl::get_certs(hexenc<id> cons
   query q("SELECT id, name, value, keypair, signature FROM " + table +
           " WHERE id = ?");
 
-  fetch(res, 5, any_rows, q % blob(decode_hexenc(ident())));
+  fetch(res, 5, any_rows, q % blob(ident()));
   results_to_certs(res, certs);
 }
 
@@ -2874,7 +2880,7 @@ void
 
 
 void
-database_impl::get_certs(hexenc<id> const & ident,
+database_impl::get_certs(id const & ident,
                          cert_name const & name,
                          vector<cert> & certs,
                          string const & table)
@@ -2884,7 +2890,7 @@ database_impl::get_certs(hexenc<id> cons
           " WHERE id = ? AND name = ?");
 
   fetch(res, 5, any_rows,
-        q % blob(decode_hexenc(ident()))
+        q % blob(ident())
           % text(name()));
   results_to_certs(res, certs);
 }
@@ -2909,7 +2915,7 @@ void
 
 
 void
-database_impl::get_certs(hexenc<id> const & ident,
+database_impl::get_certs(id const & ident,
                          cert_name const & name,
                          base64<cert_value> const & value,
                          vector<cert> & certs,
@@ -2922,7 +2928,7 @@ database_impl::get_certs(hexenc<id> cons
   cert_value binvalue;
   decode_base64(value, binvalue);
   fetch(res, 5, any_rows,
-        q % blob(decode_hexenc(ident()))
+        q % blob(ident())
           % text(name())
           % blob(binvalue()));
   results_to_certs(res, certs);
@@ -2960,7 +2966,7 @@ outdated_indicator
 }
 
 outdated_indicator
-database::get_revision_cert_nobranch_index(vector< pair<hexenc<id>,
+database::get_revision_cert_nobranch_index(vector< pair<revision_id,
                                            pair<revision_id, rsa_keypair_id> > > & idx)
 {
   // share some storage
@@ -2975,8 +2981,8 @@ database::get_revision_cert_nobranch_ind
   idx.reserve(res.size());
   for (results::const_iterator i = res.begin(); i != res.end(); ++i)
     {
-      idx.push_back(make_pair(hexenc<id>(encode_hexenc((*i)[0])),
-                              make_pair(revision_id(encode_hexenc((*i)[1])),
+      idx.push_back(make_pair(revision_id((*i)[0]),
+                              make_pair(revision_id((*i)[1]),
                                         rsa_keypair_id((*i)[2]))));
     }
   return imp->cert_stamper.get_indicator();
@@ -3069,7 +3075,7 @@ database::get_revision_certs(revision_id
 
 outdated_indicator
 database::get_revision_certs(revision_id const & ident,
-                             vector< hexenc<id> > & ts)
+                             vector<id> & ts)
 {
   results res;
   vector<cert> certs;
@@ -3077,15 +3083,15 @@ database::get_revision_certs(revision_id
              query("SELECT hash "
                    "FROM revision_certs "
                    "WHERE id = ?")
-             % blob(decode_hexenc(ident.inner()())));
+             % blob(ident.inner()()));
   ts.clear();
   for (size_t i = 0; i < res.size(); ++i)
-    ts.push_back(hexenc<id>(res[i][0]));
+    ts.push_back(id(res[i][0]));
   return imp->cert_stamper.get_indicator();
 }
 
 void
-database::get_revision_cert(hexenc<id> const & hash,
+database::get_revision_cert(id const & hash,
                             revision<cert> & c)
 {
   results res;
@@ -3094,14 +3100,14 @@ database::get_revision_cert(hexenc<id> c
              query("SELECT id, name, value, keypair, signature "
                    "FROM revision_certs "
                    "WHERE hash = ?")
-             % blob(decode_hexenc(hash())));
+             % blob(hash()));
   imp->results_to_certs(res, certs);
   I(certs.size() == 1);
   c = revision<cert>(certs[0]);
 }
 
 bool
-database::revision_cert_exists(hexenc<id> const & hash)
+database::revision_cert_exists(revision_id const & hash)
 {
   results res;
   vector<cert> certs;
@@ -3109,7 +3115,7 @@ database::revision_cert_exists(hexenc<id
              query("SELECT id "
                    "FROM revision_certs "
                    "WHERE hash = ?")
-             % blob(decode_hexenc(hash())));
+             % blob(hash.inner()()));
   I(res.size() == 0 || res.size() == 1);
   return (res.size() == 1);
 }
@@ -3718,14 +3724,14 @@ database::hook_get_manifest_cert_trust(s
 
 bool
 database::hook_get_manifest_cert_trust(set<rsa_keypair_id> const & signers,
-    hexenc<id> const & id, cert_name const & name, cert_value const & val)
+    manifest_id const & id, cert_name const & name, cert_value const & val)
 {
   return __app->lua.hook_get_manifest_cert_trust(signers, id, name, val);
 };
 
 bool
 database::hook_get_revision_cert_trust(set<rsa_keypair_id> const & signers,
-    hexenc<id> const & id, cert_name const & name, cert_value const & val)
+    revision_id const & id, cert_name const & name, cert_value const & val)
 {
   return __app->lua.hook_get_revision_cert_trust(signers, id, name, val);
 };
============================================================
--- database.hh	c2ec8e6a52921e8964fedf07836c54878ca7e353
+++ database.hh	b476f80bd5ff21757783d4b27a6a0884a047c7f2
@@ -138,16 +138,16 @@ private:
                             manifest_data & dat);
 
 private:
-  bool file_or_manifest_base_exists(hexenc<id> const & ident,
+  bool file_or_manifest_base_exists(file_id const & ident,
                                     std::string const & table);
-  bool delta_exists(hexenc<id> const & ident,
+  bool delta_exists(id const & ident,
                     std::string const & table);
   void put_file_delta(file_id const & ident,
                       file_id const & base,
                       file_delta const & del);
 
-  friend void rcs_put_raw_file_edge(hexenc<id> const & old_id,
-                                    hexenc<id> const & new_id,
+  friend void rcs_put_raw_file_edge(file_id const & old_id,
+                                    file_id const & new_id,
                                     delta const & del,
                                     database & db);
 
@@ -238,10 +238,10 @@ public:
 
   void get_public_keys(std::vector<rsa_keypair_id> & pubkeys);
 
-  bool public_key_exists(hexenc<id> const & hash);
+  bool public_key_exists(id const & hash);
   bool public_key_exists(rsa_keypair_id const & ident);
 
-  void get_pubkey(hexenc<id> const & hash,
+  void get_pubkey(id const & hash,
                   rsa_keypair_id & ident,
                   base64<rsa_pub_key> & pub_encoded);
 
@@ -264,12 +264,12 @@ public:
   // note: this section is ridiculous. please do something about it.
 public:
   bool revision_cert_exists(revision<cert> const & cert);
-  bool revision_cert_exists(hexenc<id> const & hash);
+  bool revision_cert_exists(revision_id const & hash);
 
   bool put_revision_cert(revision<cert> const & cert);
 
   // this variant has to be rather coarse and fast, for netsync's use
-  outdated_indicator get_revision_cert_nobranch_index(std::vector< std::pair<hexenc<id>,
+  outdated_indicator get_revision_cert_nobranch_index(std::vector< std::pair<revision_id,
                               std::pair<revision_id, rsa_keypair_id> > > & idx);
 
   // Only used by database_check.cc
@@ -305,9 +305,9 @@ public:
 
   // Used through get_revision_cert_hashes (project.cc)
   outdated_indicator get_revision_certs(revision_id const & ident,
-                          std::vector< hexenc<id> > & hashes);
+                          std::vector<id> & hashes);
 
-  void get_revision_cert(hexenc<id> const & hash,
+  void get_revision_cert(id const & hash,
                          revision<cert> & c);
 
   void get_manifest_certs(manifest_id const & ident,
@@ -435,9 +435,9 @@ public:
   void set_app(app_state * app);
 
   bool hook_get_manifest_cert_trust(std::set<rsa_keypair_id> const & signers,
-    hexenc<id> const & id, cert_name const & name, cert_value const & val);
+    manifest_id const & id, cert_name const & name, cert_value const & val);
   bool hook_get_revision_cert_trust(std::set<rsa_keypair_id> const & signers,
-    hexenc<id> const & id, cert_name const & name, cert_value const & val);
+    revision_id const & id, cert_name const & name, cert_value const & val);
   bool hook_get_author(rsa_keypair_id const & k,
                        std::string & author);
   bool hook_accept_testresult_change(std::map<rsa_keypair_id, bool> const & old_results,
============================================================
--- diff_patch.cc	bf0138e49ccc702cb042fa0f95e272e3a072ea96
+++ diff_patch.cc	a776ae64e12afe57dd93f0071b6c4d6a6fdeaad2
@@ -22,7 +22,7 @@
 #include "roster.hh"
 #include "safe_map.hh"
 #include "sanity.hh"
-#include "transforms.hh"
+#include "xdelta.hh"
 #include "simplestring_xform.hh"
 #include "vocab.hh"
 #include "revision.hh"
@@ -30,6 +30,7 @@
 #include "file_io.hh"
 #include "pcrewrap.hh"
 #include "lua_hooks.hh"
+#include "transforms.hh"
 
 using std::make_pair;
 using std::map;
@@ -808,18 +809,16 @@ content_merger::try_auto_merge(file_path
 
       if (merge3(ancestor_lines, left_lines, right_lines, merged_lines))
         {
-          hexenc<id> tmp_id;
+          file_id tmp_id;
           file_data merge_data;
           string tmp;
 
           L(FL("internal 3-way merged ok"));
           join_lines(merged_lines, tmp);
-          calculate_ident(data(tmp), tmp_id);
-          file_id merged_fid(tmp_id);
           merge_data = file_data(tmp);
+          calculate_ident(merge_data, merged_id);
 
-          merged_id = merged_fid;
-          adaptor.record_merge(left_id, right_id, merged_fid,
+          adaptor.record_merge(left_id, right_id, merged_id,
                                left_data, right_data, merge_data);
 
           return true;
@@ -880,16 +879,12 @@ content_merger::try_user_merge(file_path
                       ancestor_unpacked, left_unpacked,
                       right_unpacked, merged_unpacked))
     {
-      hexenc<id> tmp_id;
-      file_data merge_data;
+      file_data merge_data(merged_unpacked);
 
       L(FL("lua merge3 hook merged ok"));
-      calculate_ident(merged_unpacked, tmp_id);
-      file_id merged_fid(tmp_id);
-      merge_data = file_data(merged_unpacked);
+      calculate_ident(merge_data, merged_id);
 
-      merged_id = merged_fid;
-      adaptor.record_merge(left_id, right_id, merged_fid,
+      adaptor.record_merge(left_id, right_id, merged_id,
                            left_data, right_data, merge_data);
       return true;
     }
@@ -1462,7 +1457,6 @@ make_diff(string const & filename1,
 
 #ifdef BUILD_UNIT_TESTS
 #include "unit_tests.hh"
-#include "transforms.hh"
 #include "lexical_cast.hh"
 #include "randomfile.hh"
 
============================================================
--- enumerator.cc	4400e1ce3ef83739301e15c27f7bad6d42817736
+++ enumerator.cc	9a2b6e6bc15bf241f1f7c6e1479a6aab922fbb66
@@ -165,7 +165,7 @@ revision_enumerator::note_cert(revision_
 
 void
 revision_enumerator::note_cert(revision_id const & rid,
-			       hexenc<id> const & cert_hash)
+			       id const & cert_hash)
 {
   revision_certs.insert(make_pair(rid, cert_hash));
 }
@@ -173,11 +173,11 @@ revision_enumerator::get_revision_certs(
 
 void
 revision_enumerator::get_revision_certs(revision_id const & rid,
-					vector<hexenc<id> > & hashes)
+					vector<id> & hashes)
 {
   hashes.clear();
   bool found_one = false;
-  typedef multimap<revision_id, hexenc<id> >::const_iterator ci;
+  typedef multimap<revision_id, id>::const_iterator ci;
   pair<ci,ci> range = revision_certs.equal_range(rid);
   for (ci i = range.first; i != range.second; ++i)
     {
@@ -277,9 +277,9 @@ revision_enumerator::step()
             }
 
           // Queue up some or all of the rev's certs
-          vector<hexenc<id> > hashes;
+          vector<id> hashes;
           get_revision_certs(r, hashes);
-          for (vector<hexenc<id> >::const_iterator i = hashes.begin();
+          for (vector<id>::const_iterator i = hashes.begin();
                i != hashes.end(); ++i)
             {
               if (cb.queue_this_cert(*i))
============================================================
--- enumerator.hh	d1dac4129cf193b9a2531ca785690a093e4e1248
+++ enumerator.hh	587214918025eac004c70356ab24517ed4ceda63
@@ -31,13 +31,13 @@ enumerator_callbacks
   // to be notified about the contents of. The rev's children will be
   // traversed no matter what you return here.
   virtual bool process_this_rev(revision_id const & rev) = 0;
-  virtual bool queue_this_cert(hexenc<id> const & c) = 0;
-  virtual bool queue_this_file(hexenc<id> const & c) = 0;
+  virtual bool queue_this_cert(id const & c) = 0;
+  virtual bool queue_this_file(id const & c) = 0;
 
   virtual void note_file_data(file_id const & f) = 0;
   virtual void note_file_delta(file_id const & src, file_id const & dst) = 0;
   virtual void note_rev(revision_id const & rev) = 0;
-  virtual void note_cert(hexenc<id> const & c) = 0;
+  virtual void note_cert(id const & c) = 0;
   virtual ~enumerator_callbacks() {}
 };
 
@@ -45,8 +45,8 @@ enumerator_item
 enumerator_item
 {
   enum { fdata, fdelta, rev, cert } tag;
-  hexenc<id> ident_a;
-  hexenc<id> ident_b;
+  id ident_a;
+  id ident_b;
 };
 
 class
@@ -61,14 +61,14 @@ revision_enumerator
   std::deque<enumerator_item> items;
   std::multimap<revision_id, revision_id> graph;
   std::multimap<revision_id, revision_id> inverse_graph;
-  std::multimap<revision_id, hexenc<id> >  revision_certs;
+  std::multimap<revision_id, id>          revision_certs;
 
   bool all_parents_enumerated(revision_id const & child);
   void files_for_revision(revision_id const & r,
                           std::set<file_id> & full_files,
                           std::set<std::pair<file_id,file_id> > & del_files);
   void get_revision_certs(revision_id const & rid,
-			  std::vector<hexenc<id> > & certs);
+			  std::vector<id> & certs);
 
 public:
   revision_enumerator(enumerator_callbacks & cb,
@@ -76,7 +76,7 @@ public:
   void get_revision_parents(revision_id const & rid,
 			    std::vector<revision_id> & parents);
   void note_cert(revision_id const & rid,
-		 hexenc<id> const & cert_hash);
+                 id const & cert_hash);
   void step();
   bool done();
 };
============================================================
--- epoch.cc	c9f85974e9799b788d75863843977c8fc405d38d
+++ epoch.cc	83f997c2d966b6385ce2e20d0d0f267c1c895e4a
@@ -48,7 +48,7 @@ epoch_hash_code(branch_name const & bran
 {
   string tmp(branch() + ":" + epoch.inner()());
   data tdat(tmp);
-  hexenc<id> out;
+  id out;
   calculate_ident(tdat, out);
   eid = epoch_id(out);
 }
============================================================
--- file_io.cc	358fb964dc42e7f936a136342b93bb3a4744d1b3
+++ file_io.cc	88604da5f32ba3d524c9bf5308f8630763f5df38
@@ -550,25 +550,22 @@ ident_existing_file(file_path const & p,
       return false;
     }
 
-  hexenc<id> id;
-  calculate_ident(p, id);
-  ident = file_id(id);
-
+  calculate_ident(p, ident);
   return true;
 }
 
 void
 calculate_ident(file_path const & file,
-                hexenc<id> & ident)
+                file_id & ident)
 {
   // no conversions necessary, use streaming form
   // Best to be safe and check it isn't a dir.
   assert_path_is_file(file);
-  Botan::Pipe p(new Botan::Hash_Filter("SHA-160"), new Botan::Hex_Encoder());
+  Botan::Pipe p(new Botan::Hash_Filter("SHA-160"));
   Botan::DataSource_Stream infile(file.as_external(), true);
   p.process_msg(infile);
 
-  ident = hexenc<id>(lowercase(p.read_all_as_string()));
+  ident = file_id(p.read_all_as_string());
 }
 
 // Local Variables:
============================================================
--- file_io.hh	e5375aaf306962177570b5c5b67b65a6ef64732f
+++ file_io.hh	e477a87af2f1d3326d5f07f9c9ed6ab322809fe6
@@ -121,7 +121,7 @@ void calculate_ident(file_path const & f
 bool ident_existing_file(file_path const & p, file_id & ident, path::status status);
 
 void calculate_ident(file_path const & file,
-                     hexenc<id> & ident);
+                     file_id & ident);
 
 // Local Variables:
 // mode: C++
============================================================
--- graph.cc	321bc48c571ca17ccce0045b5edbda76688191eb
+++ graph.cc	be600b6812d5a9d04a79e577d25b9024c1d83286
@@ -24,7 +24,7 @@ void
 using hashmap::hash_set;
 
 void
-get_reconstruction_path(hexenc<id> const & start,
+get_reconstruction_path(id const & start,
                         reconstruction_graph const & graph,
                         reconstruction_path & path)
 {
@@ -61,7 +61,7 @@ get_reconstruction_path(hexenc<id> const
   }
 
   shared_ptr<reconstruction_path> selected_path;
-  set< hexenc<id> > seen_nodes;
+  set<id> seen_nodes;
 
   while (!selected_path)
     {
@@ -72,7 +72,7 @@ get_reconstruction_path(hexenc<id> const
            i != live_paths.end(); ++i)
         {
           shared_ptr<reconstruction_path> pth = *i;
-          hexenc<id> tip = pth->back();
+          id tip = pth->back();
 
           if (graph.is_base(tip))
             {
@@ -82,13 +82,13 @@ get_reconstruction_path(hexenc<id> const
           else
             {
               // This tip is not a root, so extend the path.
-              set< hexenc<id> > next;
+              set<id> next;
               graph.get_next(tip, next);
               I(!next.empty());
 
               // Replicate the path if there's a fork.
               bool first = true;
-              for (set< hexenc<id> >::const_iterator j = next.begin();
+              for (set<id>::const_iterator j = next.begin();
                     j != next.end(); ++j)
                 {
                   L(FL("considering %s -> %s") % tip % *j);
@@ -144,19 +144,19 @@ using std::pair;
 using boost::lexical_cast;
 using std::pair;
 
-typedef std::multimap< hexenc<id>, hexenc<id> > rg_map;
+typedef std::multimap<id, id> rg_map;
 struct mock_reconstruction_graph : public reconstruction_graph
 {
   rg_map ancestry;
-  set< hexenc<id> > bases;
-  mock_reconstruction_graph(rg_map const & ancestry, set< hexenc<id> > const & bases)
+  set<id> bases;
+  mock_reconstruction_graph(rg_map const & ancestry, set<id> const & bases)
     : ancestry(ancestry), bases(bases)
   {}
-  virtual bool is_base(hexenc<id> const & node) const
+  virtual bool is_base(id const & node) const
   {
     return bases.find(node) != bases.end();
   }
-  virtual void get_next(hexenc<id> const & from, set< hexenc<id> > & next) const
+  virtual void get_next(id const & from, set<id> & next) const
   {
     typedef rg_map::const_iterator ci;
     pair<ci, ci> range = ancestry.equal_range(from);
@@ -168,16 +168,16 @@ make_random_reconstruction_graph(size_t 
 static void
 make_random_reconstruction_graph(size_t num_nodes, size_t num_random_edges,
                                  size_t num_random_bases,
-                                 vector< hexenc<id> > & all_nodes, rg_map & ancestry,
-                                 set< hexenc<id> > & bases,
+                                 vector<id> & all_nodes, rg_map & ancestry,
+                                 set<id> & bases,
                                  randomizer & rng)
 {
   for (size_t i = 0; i != num_nodes; ++i)
     {
-      hexenc<id> hex_id;
+      id hash;
       string s(lexical_cast<string>(i));
-      calculate_ident(data(s), hex_id);
-      all_nodes.push_back(hex_id);
+      calculate_ident(data(s), hash);
+      all_nodes.push_back(hash);
     }
   // We put a single long chain of edges in, to make sure that everything is
   // reconstructable somehow.
@@ -200,7 +200,7 @@ static void
 }
 
 static void
-check_reconstruction_path(hexenc<id> const & start, reconstruction_graph const & graph,
+check_reconstruction_path(id const & start, reconstruction_graph const & graph,
                           reconstruction_path const & path)
 {
   I(!path.empty());
@@ -210,7 +210,7 @@ check_reconstruction_path(hexenc<id> con
   I(graph.is_base(*last));
   for (reconstruction_path::const_iterator i = path.begin(); i != last; ++i)
     {
-      set< hexenc<id> > children;
+      set<id> children;
       graph.get_next(*i, children);
       reconstruction_path::const_iterator next = i;
       ++next;
@@ -224,14 +224,14 @@ run_get_reconstruction_path_tests_on_ran
                                                   size_t num_random_bases,
                                                   randomizer & rng)
 {
-  vector< hexenc<id> > all_nodes;
+  vector<id> all_nodes;
   rg_map ancestry;
-  set< hexenc<id> > bases;
+  set<id> bases;
   make_random_reconstruction_graph(num_nodes, num_random_edges, num_random_bases,
                                    all_nodes, ancestry, bases,
                                    rng);
   mock_reconstruction_graph graph(ancestry, bases);
-  for (vector< hexenc<id> >::const_iterator i = all_nodes.begin();
+  for (vector<id>::const_iterator i = all_nodes.begin();
        i != all_nodes.end(); ++i)
     {
       reconstruction_path path;
============================================================
--- graph.hh	a463fb39255436e51b39d02c3488bd2e349a0fdc
+++ graph.hh	b2c02c3ae87acf55b9d63e27ffc3d0ed4e2d2ca4
@@ -26,15 +26,15 @@ struct reconstruction_graph
 
 struct reconstruction_graph
 {
-  virtual bool is_base(hexenc<id> const & node) const = 0;
-  virtual void get_next(hexenc<id> const & from, std::set< hexenc<id> > & next) const = 0;
+  virtual bool is_base(id const & node) const = 0;
+  virtual void get_next(id const & from, std::set<id> & next) const = 0;
   virtual ~reconstruction_graph() {};
 };
 
-typedef std::vector< hexenc<id> > reconstruction_path;
+typedef std::vector<id> reconstruction_path;
 
 void
-get_reconstruction_path(hexenc<id> const & start,
+get_reconstruction_path(id const & start,
                         reconstruction_graph const & graph,
                         reconstruction_path & path);
 
============================================================
--- key_store.cc	d9d884883cba69e5cf6a3a4d452eabe6880d164e
+++ key_store.cc	d8d068fa9076627f607598d5546cb51e0bdf74fc
@@ -153,12 +153,12 @@ bool
 }
 
 bool
-key_store::maybe_get_key_pair(hexenc<id> const & hash,
+key_store::maybe_get_key_pair(id const & hash,
                               rsa_keypair_id & keyid,
                               keypair & kp)
 {
   maybe_read_key_dir();
-  map<hexenc<id>, rsa_keypair_id>::const_iterator hi = hashes.find(hash);
+  map<id, rsa_keypair_id>::const_iterator hi = hashes.find(hash);
   if (hi == hashes.end())
     return false;
 
@@ -221,7 +221,7 @@ key_store::put_key_pair_memory(rsa_keypa
   res = keys.insert(make_pair(ident, kp));
   if (res.second)
     {
-      hexenc<id> hash;
+      id hash;
       key_hash_code(ident, kp.pub, hash);
       I(hashes.insert(make_pair(hash, ident)).second);
       return true;
@@ -243,9 +243,9 @@ key_store::delete_key(rsa_keypair_id con
   map<rsa_keypair_id, keypair>::iterator i = keys.find(ident);
   if (i != keys.end())
     {
-      hexenc<id> hash;
+      id hash;
       key_hash_code(ident, i->second.pub, hash);
-      map<hexenc<id>, rsa_keypair_id>::iterator j = hashes.find(hash);
+      map<id, rsa_keypair_id>::iterator j = hashes.find(hash);
       I(j != hashes.end());
       hashes.erase(j);
       keys.erase(i);
============================================================
--- key_store.hh	78b1f281a7dcd30fbd3404b2b954e0470a362c85
+++ key_store.hh	3263454aadcc978d44864e6d44ce8ebc8e3e55cd
@@ -29,7 +29,7 @@ private:
   bool have_read;
   app_state & app;
   std::map<rsa_keypair_id, keypair> keys;
-  std::map<hexenc<id>, rsa_keypair_id> hashes;
+  std::map<id, rsa_keypair_id> hashes;
 
   void get_key_file(rsa_keypair_id const & ident, system_path & file);
   void write_key(rsa_keypair_id const & ident);
@@ -50,7 +50,7 @@ public:
                     keypair & kp);
   bool maybe_get_key_pair(rsa_keypair_id const & ident,
                           keypair & kp);
-  bool maybe_get_key_pair(hexenc<id> const & hash,
+  bool maybe_get_key_pair(id const & hash,
                           rsa_keypair_id & ident,
                           keypair & kp);
 
============================================================
--- keys.cc	e7e47cab5f6efeae027fa0eefdddd64438c9a074
+++ keys.cc	0f0d0b90f126d2e96177f0c7cbf52b6db43252ef
@@ -569,7 +569,7 @@ key_hash_code(rsa_keypair_id const & ide
 void
 key_hash_code(rsa_keypair_id const & ident,
               base64<rsa_pub_key> const & pub,
-              hexenc<id> & out)
+              id & out)
 {
   data tdat(ident() + ":" + remove_ws(pub()));
   calculate_ident(tdat, out);
@@ -578,7 +578,7 @@ key_hash_code(rsa_keypair_id const & ide
 void
 key_hash_code(rsa_keypair_id const & ident,
               base64< rsa_priv_key > const & priv,
-              hexenc<id> & out)
+              id & out)
 {
   data tdat(ident() + ":" + remove_ws(priv()));
   calculate_ident(tdat, out);
@@ -592,7 +592,7 @@ keys_match(rsa_keypair_id const & id1,
            rsa_keypair_id const & id2,
            base64<rsa_pub_key> const & key2)
 {
-  hexenc<id> hash1, hash2;
+  id hash1, hash2;
   key_hash_code(id1, key1, hash1);
   key_hash_code(id2, key2, hash2);
   return hash1 == hash2;
@@ -604,7 +604,7 @@ keys_match(rsa_keypair_id const & id1,
            rsa_keypair_id const & id2,
            base64< rsa_priv_key > const & key2)
 {
-  hexenc<id> hash1, hash2;
+  id hash1, hash2;
   key_hash_code(id1, key1, hash1);
   key_hash_code(id2, key2, hash2);
   return hash1 == hash2;
============================================================
--- keys.hh	2247bc16bb59873ced93ccc907e10d4615af6861
+++ keys.hh	7e4973b9b7487997352b107cc27d1ecffbcca160
@@ -92,11 +92,11 @@ void key_hash_code(rsa_keypair_id const 
 
 void key_hash_code(rsa_keypair_id const & ident,
                    base64<rsa_pub_key> const & pub,
-                   hexenc<id> & out);
+                   id & out);
 
 void key_hash_code(rsa_keypair_id const & ident,
                    base64< rsa_priv_key > const & priv,
-                   hexenc<id> & out);
+                   id & out);
 
 bool keys_match(rsa_keypair_id const & id1,
                 base64<rsa_pub_key> const & key1,
============================================================
--- legacy.cc	f257347af7b06837e17a114fe1dcad09a02f0cdf
+++ legacy.cc	ca81033c0dec6748f9ff1f6b080aec3889715931
@@ -12,6 +12,7 @@
 #include "basic_io.hh"
 #include "constants.hh"
 #include "database.hh"
+#include "transforms.hh"
 
 using std::make_pair;
 using std::string;
@@ -163,7 +164,7 @@ namespace legacy
         else
           file_name = dat().substr(file_name_begin, pos - file_name_begin);
         man.insert(make_pair(file_path_internal(file_name),
-                             hexenc<id>(ident)));
+                             file_id(decode_hexenc(ident))));
         // skip past the '\n'
         ++pos;
       }
============================================================
--- lua_hooks.cc	5f4045fd523ea215bfc705555b03c4f2dbd38b45
+++ lua_hooks.cc	b1e1461c693fee496ca2a286ac3e0c1cdd31b9d3
@@ -342,7 +342,7 @@ shared_trust_function_body(Lua & ll,
 static inline bool
 shared_trust_function_body(Lua & ll,
                            set<rsa_keypair_id> const & signers,
-                           hexenc<id> const & id,
+                           hexenc<id> const & hash,
                            cert_name const & name,
                            cert_value const & val)
 {
@@ -360,7 +360,7 @@ shared_trust_function_body(Lua & ll,
 
   bool ok;
   bool exec_ok = ll
-    .push_str(id())
+    .push_str(hash())
     .push_str(name())
     .push_str(val())
     .call(4, 1)
@@ -370,6 +370,17 @@ shared_trust_function_body(Lua & ll,
   return exec_ok && ok;
 }
 
+static inline bool
+shared_trust_function_body(Lua & ll,
+                           set<rsa_keypair_id> const & signers,
+                           id const & hash,
+                           cert_name const & name,
+                           cert_value const & val)
+{
+  hexenc<id> hid(encode_hexenc(hash()));
+  return shared_trust_function_body(ll, signers, hid, name, val);
+};
+
 bool
 lua_hooks::hook_get_revision_cert_trust(set<rsa_keypair_id> const & signers,
                                        hexenc<id> const & id,
@@ -382,6 +393,17 @@ bool
 }
 
 bool
+lua_hooks::hook_get_revision_cert_trust(set<rsa_keypair_id> const & signers,
+                                       revision_id const & id,
+                                       cert_name const & name,
+                                       cert_value const & val)
+{
+  Lua ll(st);
+  ll.func("get_revision_cert_trust");
+  return shared_trust_function_body(ll, signers, id.inner(), name, val);
+}
+
+bool
 lua_hooks::hook_get_manifest_cert_trust(set<rsa_keypair_id> const & signers,
                                         hexenc<id> const & id,
                                         cert_name const & name,
@@ -393,6 +415,17 @@ bool
 }
 
 bool
+lua_hooks::hook_get_manifest_cert_trust(set<rsa_keypair_id> const & signers,
+                                        manifest_id const & id,
+                                        cert_name const & name,
+                                        cert_value const & val)
+{
+  Lua ll(st);
+  ll.func("get_manifest_cert_trust");
+  return shared_trust_function_body(ll, signers, id.inner(), name, val);
+}
+
+bool
 lua_hooks::hook_accept_testresult_change(map<rsa_keypair_id, bool> const & old_results,
                                          map<rsa_keypair_id, bool> const & new_results)
 {
============================================================
--- lua_hooks.hh	2604a4a3a5244ba91c7b74a60a5bb762b114ddc5
+++ lua_hooks.hh	61b70c6eabc81ce9cda31e8bf8eba7cdb3efc0dc
@@ -59,10 +59,18 @@ public:
                                    hexenc<id> const & id,
                                    cert_name const & name,
                                    cert_value const & val);
+  bool hook_get_revision_cert_trust(std::set<rsa_keypair_id> const & signers,
+                                   revision_id const & id,
+                                   cert_name const & name,
+                                   cert_value const & val);
   bool hook_get_manifest_cert_trust(std::set<rsa_keypair_id> const & signers,
                                     hexenc<id> const & id,
                                     cert_name const & name,
                                     cert_value const & val);
+  bool hook_get_manifest_cert_trust(std::set<rsa_keypair_id> const & signers,
+                                    manifest_id const & id,
+                                    cert_name const & name,
+                                    cert_value const & val);
   bool hook_accept_testresult_change(std::map<rsa_keypair_id, bool> const & old_results,
                                      std::map<rsa_keypair_id, bool> const & new_results);
 
============================================================
--- netsync.cc	4d388b36d00bcfa1aba5ffcb1f767f6737488673
+++ netsync.cc	306b88eccea2ad9de314702b6af3082741dcd278
@@ -391,12 +391,12 @@ session:
   // Enumerator_callbacks methods.
   set<file_id> file_items_sent;
   bool process_this_rev(revision_id const & rev);
-  bool queue_this_cert(hexenc<id> const & c);
-  bool queue_this_file(hexenc<id> const & f);
+  bool queue_this_cert(id const & c);
+  bool queue_this_file(id const & f);
   void note_file_data(file_id const & f);
   void note_file_delta(file_id const & src, file_id const & dst);
   void note_rev(revision_id const & rev);
-  void note_cert(hexenc<id> const & c);
+  void note_cert(id const & c);
 
   session(protocol_role role,
           protocol_voice voice,
@@ -658,23 +658,19 @@ session::process_this_rev(revision_id co
 bool
 session::process_this_rev(revision_id const & rev)
 {
-  id item;
-  decode_hexenc(rev.inner(), item);
-  return (rev_refiner.items_to_send.find(item)
+  return (rev_refiner.items_to_send.find(rev.inner())
           != rev_refiner.items_to_send.end());
 }
 
 bool
-session::queue_this_cert(hexenc<id> const & c)
+session::queue_this_cert(id const & c)
 {
-  id item;
-  decode_hexenc(c, item);
-  return (cert_refiner.items_to_send.find(item)
+  return (cert_refiner.items_to_send.find(c)
           != cert_refiner.items_to_send.end());
 }
 
 bool
-session::queue_this_file(hexenc<id> const & f)
+session::queue_this_file(id const & f)
 {
   return file_items_sent.find(file_id(f)) == file_items_sent.end();
 }
@@ -685,10 +681,8 @@ session::note_file_data(file_id const & 
   if (role == sink_role)
     return;
   file_data fd;
-  id item;
-  decode_hexenc(f.inner(), item);
   db.get_file_version(f, fd);
-  queue_data_cmd(file_item, item, fd.inner()());
+  queue_data_cmd(file_item, f.inner(), fd.inner()());
   file_items_sent.insert(f);
 }
 
@@ -698,11 +692,8 @@ session::note_file_delta(file_id const &
   if (role == sink_role)
     return;
   file_delta fdel;
-  id fid1, fid2;
-  decode_hexenc(src.inner(), fid1);
-  decode_hexenc(dst.inner(), fid2);
   db.get_arbitrary_file_delta(src, dst, fdel);
-  queue_delta_cmd(file_item, fid1, fid2, fdel.inner());
+  queue_delta_cmd(file_item, src.inner(), dst.inner(), fdel.inner());
   file_items_sent.insert(dst);
 }
 
@@ -712,26 +703,22 @@ session::note_rev(revision_id const & re
   if (role == sink_role)
     return;
   revision_t rs;
-  id item;
-  decode_hexenc(rev.inner(), item);
   db.get_revision(rev, rs);
   data tmp;
   write_revision(rs, tmp);
-  queue_data_cmd(revision_item, item, tmp());
+  queue_data_cmd(revision_item, rev.inner(), tmp());
 }
 
 void
-session::note_cert(hexenc<id> const & c)
+session::note_cert(id const & c)
 {
   if (role == sink_role)
     return;
-  id item;
-  decode_hexenc(c, item);
   revision<cert> cert;
   string str;
   db.get_revision_cert(c, cert);
   write_cert(cert.inner(), str);
-  queue_data_cmd(cert_item, item, str);
+  queue_data_cmd(cert_item, c, str);
 }
 
 
@@ -1304,7 +1291,7 @@ session::process_hello_cmd(rsa_keypair_i
 
   if (use_transport_auth)
     {
-      hexenc<id> their_key_hash;
+      id their_key_hash;
       encode_base64(their_key, their_key_encoded);
       key_hash_code(their_keyname, their_key_encoded, their_key_hash);
       L(FL("server key has name %s, hash %s") % their_keyname % their_key_hash);
@@ -1348,9 +1335,7 @@ session::process_hello_cmd(rsa_keypair_i
       I(db.public_key_exists(their_key_hash));
 
       // save their identity
-      id their_key_hash_decoded;
-      decode_hexenc(their_key_hash, their_key_hash_decoded);
-      this->remote_peer_key_hash = their_key_hash_decoded;
+      this->remote_peer_key_hash = their_key_hash;
     }
 
   // clients always include in the synchronization set, every branch that the
@@ -1375,10 +1360,8 @@ session::process_hello_cmd(rsa_keypair_i
       load_key_pair(keys, signing_key, our_kp);
 
       // get the hash identifier for our pubkey
-      hexenc<id> our_key_hash;
-      id our_key_hash_raw;
+      id our_key_hash;
       key_hash_code(signing_key, our_kp.pub, our_key_hash);
-      decode_hexenc(our_key_hash, our_key_hash_raw);
 
       // make a signature
       base64<rsa_sha1_signature> sig;
@@ -1388,7 +1371,7 @@ session::process_hello_cmd(rsa_keypair_i
 
       // make a new nonce of our own and send off the 'auth'
       queue_auth_cmd(this->role, our_include_pattern, our_exclude_pattern,
-                     our_key_hash_raw, nonce, mk_nonce(), sig_raw(),
+                     our_key_hash, nonce, mk_nonce(), sig_raw(),
                      their_key_encoded);
     }
   else
@@ -1521,18 +1504,15 @@ session::process_auth_cmd(protocol_role 
   I(this->remote_peer_key_hash().size() == 0);
   I(this->saved_nonce().size() == constants::merkle_hash_length_in_bytes);
 
-  hexenc<id> their_key_hash;
-  encode_hexenc(client, their_key_hash);
-
   globish_matcher their_matcher(their_include_pattern, their_exclude_pattern);
 
-  if (!db.public_key_exists(their_key_hash))
+  if (!db.public_key_exists(client))
     {
       // If it's not in the db, it still could be in the keystore if we
       // have the private key that goes with it.
       rsa_keypair_id their_key_id;
       keypair their_keypair;
-      if (keys.maybe_get_key_pair(their_key_hash, their_key_id, their_keypair))
+      if (keys.maybe_get_key_pair(client, their_key_id, their_keypair))
         db.put_key(their_key_id, their_keypair.pub);
       else
         {
@@ -1544,14 +1524,14 @@ session::process_auth_cmd(protocol_role 
                                       their_exclude_pattern);
           error(unknown_key,
                 (F("remote public key hash '%s' is unknown")
-                 % their_key_hash).str());
+                 % client).str());
         }
     }
 
   // Get their public key.
   rsa_keypair_id their_id;
   base64<rsa_pub_key> their_key;
-  db.get_pubkey(their_key_hash, their_id, their_key);
+  db.get_pubkey(client, their_id, their_key);
 
   lua.hook_note_netsync_start(session_id, "server", their_role,
                               peer_id, their_id,
@@ -1823,24 +1803,22 @@ session::data_exists(netcmd_item_type ty
 session::data_exists(netcmd_item_type type,
                      id const & item)
 {
-  hexenc<id> hitem;
-  encode_hexenc(item, hitem);
   switch (type)
     {
     case key_item:
       return key_refiner.local_item_exists(item)
-        || db.public_key_exists(hitem);
+        || db.public_key_exists(item);
     case file_item:
-      return db.file_version_exists(file_id(hitem));
+      return db.file_version_exists(file_id(item));
     case revision_item:
       return rev_refiner.local_item_exists(item)
-        || db.revision_exists(revision_id(hitem));
+        || db.revision_exists(revision_id(item));
     case cert_item:
       return cert_refiner.local_item_exists(item)
-        || db.revision_cert_exists(hitem);
+        || db.revision_cert_exists(revision_id(item));
     case epoch_item:
       return epoch_refiner.local_item_exists(item)
-        || db.epoch_exists(epoch_id(hitem));
+        || db.epoch_exists(epoch_id(item));
     }
   return false;
 }
@@ -1865,7 +1843,7 @@ session::load_data(netcmd_item_type type
       {
         branch_name branch;
         epoch_data epoch;
-        db.get_epoch(epoch_id(hitem), branch, epoch);
+        db.get_epoch(epoch_id(item), branch, epoch);
         write_epoch(branch, epoch, out);
       }
       break;
@@ -1873,7 +1851,7 @@ session::load_data(netcmd_item_type type
       {
         rsa_keypair_id keyid;
         base64<rsa_pub_key> pub_encoded;
-        db.get_pubkey(hitem, keyid, pub_encoded);
+        db.get_pubkey(item, keyid, pub_encoded);
         L(FL("public key '%s' is also called '%s'") % hitem % keyid);
         write_pubkey(keyid, pub_encoded, out);
       }
@@ -1883,7 +1861,7 @@ session::load_data(netcmd_item_type type
       {
         revision_data mdat;
         data dat;
-        db.get_revision(revision_id(hitem), mdat);
+        db.get_revision(revision_id(item), mdat);
         out = mdat.inner()();
       }
       break;
@@ -1892,7 +1870,7 @@ session::load_data(netcmd_item_type type
       {
         file_data fdat;
         data dat;
-        db.get_file_version(file_id(hitem), fdat);
+        db.get_file_version(file_id(item), fdat);
         out = fdat.inner()();
       }
       break;
@@ -1900,7 +1878,7 @@ session::load_data(netcmd_item_type type
     case cert_item:
       {
         revision<cert> c;
-        db.get_revision_cert(hitem, c);
+        db.get_revision_cert(item, c);
         string tmp;
         write_cert(c.inner(), out);
       }
@@ -1975,12 +1953,16 @@ session::process_data_cmd(netcmd_item_ty
         rsa_keypair_id keyid;
         base64<rsa_pub_key> pub;
         read_pubkey(dat, keyid, pub);
-        hexenc<id> tmp;
+        id tmp;
         key_hash_code(keyid, pub, tmp);
-        if (! (tmp == hitem))
-          throw bad_decode(F("hash check failed for public key '%s' (%s);"
-                             " wanted '%s' got '%s'")
-                           % hitem % keyid % hitem % tmp);
+        if (! (tmp == item))
+          {
+            string htmp(encode_hexenc(tmp())),
+                   hitem(encode_hexenc(item()));
+            throw bad_decode(F("hash check failed for public key '%s' (%s);"
+                               " wanted '%s' got '%s'")
+                             % hitem % keyid % hitem % htmp);
+          }
         if (db.put_key(keyid, pub))
           written_keys.push_back(keyid);
         else
@@ -1993,10 +1975,10 @@ session::process_data_cmd(netcmd_item_ty
       {
         cert c;
         read_cert(dat, c);
-        hexenc<id> tmp;
+        id tmp;
         cert_hash_code(c, tmp);
-        if (! (tmp == hitem))
-          throw bad_decode(F("hash check failed for revision cert '%s'")  % hitem);
+        if (! (tmp == item))
+          throw bad_decode(F("hash check failed for revision cert '%s'") % hitem);
         if (db.put_revision_cert(revision<cert>(c)))
           written_certs.push_back(c);
       }
@@ -2005,15 +1987,15 @@ session::process_data_cmd(netcmd_item_ty
     case revision_item:
       {
         L(FL("received revision '%s'") % hitem);
-        if (db.put_revision(revision_id(hitem), revision_data(dat)))
-          written_revisions.push_back(revision_id(hitem));
+        if (db.put_revision(revision_id(item), revision_data(dat)))
+          written_revisions.push_back(revision_id(item));
       }
       break;
 
     case file_item:
       {
         L(FL("received file '%s'") % hitem);
-        db.put_file(file_id(hitem), file_data(dat));
+        db.put_file(file_id(item), file_data(dat));
       }
       break;
     }
@@ -2028,9 +2010,6 @@ session::process_delta_cmd(netcmd_item_t
 {
   string typestr;
   netcmd_item_type_to_string(type, typestr);
-  hexenc<id> hbase, hident;
-  encode_hexenc(base, hbase);
-  encode_hexenc(ident, hident);
 
   pair<id,id> id_pair = make_pair(base, ident);
 
@@ -2040,7 +2019,7 @@ session::process_delta_cmd(netcmd_item_t
     {
     case file_item:
       {
-        file_id src_file(hbase), dst_file(hident);
+        file_id src_file(base), dst_file(ident);
         db.put_file_version(src_file, dst_file, file_delta(del));
       }
       break;
@@ -3134,9 +3113,7 @@ insert_with_parents(revision_id rev,
         {
           revs.insert(rid);
           ++revisions_ticker;
-          id rev_item;
-          decode_hexenc(rid.inner(), rev_item);
-          ref.note_local_item(rev_item);
+          ref.note_local_item(rev.inner());
           vector<revision_id> parents;
           rev_enumerator.get_revision_parents(rid, parents);
           for (vector<revision_id>::const_iterator i = parents.begin();
@@ -3183,12 +3160,10 @@ session::rebuild_merkle_trees(set<branch
             insert_with_parents(rid, rev_refiner, rev_enumerator,
                                 revision_ids, revisions_ticker);
             // Branch certs go in here, others later on.
-            hexenc<id> tmp;
             id item;
-            cert_hash_code(j->inner(), tmp);
-            decode_hexenc(tmp, item);
+            cert_hash_code(j->inner(), item);
             cert_refiner.note_local_item(item);
-            rev_enumerator.note_cert(rid, tmp);
+            rev_enumerator.note_cert(rid, item);
             if (inserted_keys.find(j->inner().key) == inserted_keys.end())
               inserted_keys.insert(j->inner().key);
           }
@@ -3219,15 +3194,13 @@ session::rebuild_merkle_trees(set<branch
         j = epochs.find(branch);
         I(j != epochs.end());
         epoch_id eid;
-        id epoch_item;
         epoch_hash_code(j->first, j->second, eid);
-        decode_hexenc(eid.inner(), epoch_item);
-        epoch_refiner.note_local_item(epoch_item);
+        epoch_refiner.note_local_item(eid.inner());
       }
   }
 
   {
-    typedef vector< pair<hexenc<id>,
+    typedef vector< pair<revision_id,
       pair<revision_id, rsa_keypair_id> > > cert_idx;
 
     cert_idx idx;
@@ -3238,18 +3211,16 @@ session::rebuild_merkle_trees(set<branch
 
     for (cert_idx::const_iterator i = idx.begin(); i != idx.end(); ++i)
       {
-        hexenc<id> const & hash = i->first;
+        revision_id const & hash = i->first;
         revision_id const & ident = i->second.first;
         rsa_keypair_id const & key = i->second.second;
 
-        rev_enumerator.note_cert(ident, hash);
+        rev_enumerator.note_cert(ident, hash.inner());
 
         if (revision_ids.find(ident) == revision_ids.end())
           continue;
 
-        id item;
-        decode_hexenc(hash, item);
-        cert_refiner.note_local_item(item);
+        cert_refiner.note_local_item(hash.inner());
         ++certs_ticker;
         if (inserted_keys.find(key) == inserted_keys.end())
             inserted_keys.insert(key);
@@ -3283,12 +3254,12 @@ session::rebuild_merkle_trees(set<branch
         {
           base64<rsa_pub_key> pub_encoded;
           db.get_key(*key, pub_encoded);
-          hexenc<id> keyhash;
+          id keyhash;
           key_hash_code(*key, pub_encoded, keyhash);
-          L(FL("noting key '%s' = '%s' to send") % *key % keyhash);
-          id key_item;
-          decode_hexenc(keyhash, key_item);
-          key_refiner.note_local_item(key_item);
+          // FIXME: conditional encode_hexenc
+          hexenc<id> hkeyhash(encode_hexenc(keyhash()));
+          L(FL("noting key '%s' = '%s' to send") % *key % hkeyhash);
+          key_refiner.note_local_item(keyhash);
           ++keys_ticker;
         }
     }
============================================================
--- packet.cc	80cc020335599c6250e070a8a7553bbded3c240e
+++ packet.cc	bf8e98ffb5ae6c741c7cd5641c1577e845cb4f80
@@ -74,7 +74,7 @@ packet_writer::consume_revision_cert(rev
 void
 packet_writer::consume_revision_cert(revision<cert> const & t)
 {
-  ost << "[rcert " << t.inner().ident() << '\n'
+  ost << "[rcert " << encode_hexenc(t.inner().ident.inner()()) << '\n'
       << "       " << t.inner().name() << '\n'
       << "       " << t.inner().key() << '\n'
       << "       " << trim_ws(t.inner().value()) << "]\n"
@@ -159,13 +159,14 @@ feed_packet_consumer
     validate_id(args);
     validate_base64(body);
 
+    id hash(decode_hexenc(args));
     data contents;
     unpack(base64<gzip<data> >(body), contents);
     if (is_revision)
-      cons.consume_revision_data(revision_id(hexenc<id>(args)),
+      cons.consume_revision_data(revision_id(hash),
                                  revision_data(contents));
     else
-      cons.consume_file_data(file_id(hexenc<id>(args)),
+      cons.consume_file_data(file_id(hash),
                              file_data(contents));
   }
 
@@ -178,10 +179,12 @@ feed_packet_consumer
     validate_no_more_args(iss);
     validate_base64(body);
 
+    id src_hash(decode_hexenc(src_id)),
+       dst_hash(decode_hexenc(dst_id));
     delta contents;
     unpack(base64<gzip<delta> >(body), contents);
-    cons.consume_file_delta(file_id(hexenc<id>(src_id)),
-                            file_id(hexenc<id>(dst_id)),
+    cons.consume_file_delta(file_id(src_hash),
+                            file_id(dst_hash),
                             file_delta(contents));
   }
   static void read_rest(istream& in, string& dest)
@@ -203,10 +206,12 @@ feed_packet_consumer
     string name;   iss >> name;   validate_certname(name);
     string keyid;  iss >> keyid;  validate_key(keyid);
     string val;    
-    read_rest(iss,val);           validate_arg_base64(val);    
+    read_rest(iss,val);           validate_arg_base64(val);
+
+    revision_id hash(decode_hexenc(certid));
     validate_base64(body);
     // canonicalize the base64 encodings to permit searches
-    cert t = cert(hexenc<id>(certid),
+    cert t = cert(hash,
                   cert_name(name),
                   base64<cert_value>(canonical_base64(val)),
                   rsa_keypair_id(keyid),
@@ -384,7 +389,7 @@ read_packets(istream & in, packet_consum
 
 #ifdef BUILD_UNIT_TESTS
 #include "unit_tests.hh"
-#include "transforms.hh"
+#include "xdelta.hh"
 
 using std::ostringstream;
 
@@ -497,9 +502,10 @@ UNIT_TEST(packet, roundabout)
     encode_base64(cert_value("peaches"), val);
     base64<rsa_sha1_signature> sig;
     encode_base64(rsa_sha1_signature("blah blah there is no way this is a valid signature"), sig);
-    // should be a type violation to use a file id here instead of a revision
-    // id, but no-one checks...
-    cert c(fid.inner(), cert_name("smell"), val,
+
+    // cert now accepts revision_id exclusively, so we need to cast the
+    // file_id to create a cert to test the packet writer with.
+    cert c(revision_id(fid.inner()()), cert_name("smell"), val,
            rsa_keypair_id("address@hidden"), sig);
     pw.consume_revision_cert(revision<cert>(c));
 
============================================================
--- project.cc	6262745ddc861ff5aa139ec8c4ef25b300db84a0
+++ project.cc	328149055826ef8e70d51f033738dd3f2ab1fa90
@@ -219,7 +219,7 @@ project_t::get_revision_cert_hashes(revi
 
 outdated_indicator
 project_t::get_revision_cert_hashes(revision_id const & rid,
-                                    std::vector<hexenc<id> > & hashes)
+                                    std::vector<id> & hashes)
 {
   return db.get_revision_certs(rid, hashes);
 }
============================================================
--- project.hh	4fce04f721322c557064635b86cfaf13fd54fc00
+++ project.hh	a2a668429cf9ea6163db1695c6780554d185ae8b
@@ -56,7 +56,7 @@ public:
                                   branch_name const & branch);
 
   outdated_indicator get_revision_cert_hashes(revision_id const & rid,
-                                              std::vector<hexenc<id> > & hashes);
+                                              std::vector<id> & hashes);
   outdated_indicator get_revision_certs(revision_id const & id,
                                         std::vector<revision<cert> > & certs);
   outdated_indicator get_revision_certs_by_name(revision_id const & id,
============================================================
--- rcs_import.cc	a4f2185e49e9a6df855815da305411888161fe76
+++ rcs_import.cc	b5a20e87d2eb6fe385c44f9b6c02c754d74dc358
@@ -41,6 +41,7 @@
 #include "sanity.hh"
 #include "transforms.hh"
 #include "ui.hh"
+#include "xdelta.hh"
 
 using std::make_pair;
 using std::map;
@@ -450,8 +451,8 @@ void
 // DB is stupid, but it's also stupid to put raw edge insert methods on the
 // DB itself. or is it? hmm.. encapsulation vs. usage guidance..
 void
-rcs_put_raw_file_edge(hexenc<id> const & old_id,
-                      hexenc<id> const & new_id,
+rcs_put_raw_file_edge(file_id const & old_id,
+                      file_id const & new_id,
                       delta const & del,
                       database & db)
 {
@@ -461,7 +462,7 @@ rcs_put_raw_file_edge(hexenc<id> const &
       return;
     }
 
-  if (db.file_version_exists(file_id(old_id)))
+  if (db.file_version_exists(old_id))
     {
       // we already have a way to get to this old version,
       // no need to insert another reconstruction path
@@ -470,18 +471,18 @@ rcs_put_raw_file_edge(hexenc<id> const &
   else
     {
       I(db.file_or_manifest_base_exists(new_id, "files")
-        || db.delta_exists(new_id, "file_deltas"));
-      db.put_file_delta(file_id(old_id), file_id(new_id), file_delta(del));
+        || db.delta_exists(new_id.inner(), "file_deltas"));
+      db.put_file_delta(old_id, new_id, file_delta(del));
     }
 }
 
 
 static void
 insert_into_db(data const & curr_data,
-               hexenc<id> const & curr_id,
+               file_id const & curr_id,
                vector< piece > const & next_lines,
                data & next_data,
-               hexenc<id> & next_id,
+               file_id & next_id,
                database & db)
 {
   // inserting into the DB
@@ -495,7 +496,7 @@ insert_into_db(data const & curr_data,
   }
   delta del;
   diff(curr_data, next_data, del);
-  calculate_ident(next_data, next_id);
+  calculate_ident(file_data(next_data), next_id);
   rcs_put_raw_file_edge(next_id, curr_id, del, db);
 }
 
@@ -562,7 +563,7 @@ process_branch(string const & begin_vers
 process_branch(string const & begin_version,
                vector< piece > const & begin_lines,
                data const & begin_data,
-               hexenc<id> const & begin_id,
+               file_id const & begin_id,
                rcs_file const & r,
                database & db,
                cvs_history & cvs)
@@ -573,7 +574,7 @@ process_branch(string const & begin_vers
                                            (begin_lines.begin(),
                                             begin_lines.end()));
   data curr_data(begin_data), next_data;
-  hexenc<id> curr_id(begin_id), next_id;
+  file_id curr_id(begin_id), next_id;
 
   while(! (r.deltas.find(curr_version) == r.deltas.end()))
     {
@@ -597,7 +598,7 @@ process_branch(string const & begin_vers
            next_version);
 
          insert_into_db(curr_data, curr_id,
-                     *next_lines, next_data, next_id, db);
+                        *next_lines, next_data, next_id, db);
       }
 
       // mark the beginning-of-branch time and state of this file if
@@ -626,7 +627,7 @@ process_branch(string const & begin_vers
         {
           string branch;
           data branch_data;
-          hexenc<id> branch_id;
+          file_id branch_id;
           vector< piece > branch_lines;
           bool priv = false;
           map<string, string>::const_iterator be = cvs.branch_first_entries.find(*i);
@@ -676,14 +677,13 @@ import_rcs_file_with_cvs(string const & 
     I(r.deltatexts.find(r.admin.head) != r.deltatexts.end());
     I(r.deltas.find(r.admin.head) != r.deltas.end());
 
-    hexenc<id> id;
-    data dat(r.deltatexts.find(r.admin.head)->second->text);
-    calculate_ident(dat, id);
-    file_id fid(id);
+    file_id fid;
+    file_data dat(r.deltatexts.find(r.admin.head)->second->text);
+    calculate_ident(dat, fid);
 
-    cvs.set_filename (filename, fid);
+    cvs.set_filename(filename, fid);
     cvs.index_branchpoint_symbols (r);
-    db.put_file(fid, file_data(dat));
+    db.put_file(fid, dat);
 
     {
       // create the head state in case it is a loner
@@ -695,7 +695,7 @@ import_rcs_file_with_cvs(string const & 
 
     global_pieces.reset();
     global_pieces.index_deltatext(r.deltatexts.find(r.admin.head)->second, head_lines);
-    process_branch(r.admin.head, head_lines, dat, id, r, db, cvs);
+    process_branch(r.admin.head, head_lines, dat.inner(), fid, r, db, cvs);
     global_pieces.reset();
   }
 
============================================================
--- revision.cc	725c74dec3553f8e4a5f5d341b7101518fb83aba
+++ revision.cc	4a41ef9fed97cf361449b9d452d55a4d90477f74
@@ -338,7 +338,7 @@ calculate_ancestors_from_graph(interner<
   while (! stk.empty())
     {
       ctx us = stk.top();
-      revision_id rev(hexenc<id>(intern.lookup(us)));
+      revision_id rev(intern.lookup(us));
 
       pair<gi,gi> parents = graph.equal_range(rev);
       bool pushed = false;
@@ -943,7 +943,7 @@ void anc_graph::write_certs()
           cert_value val(j->second.second);
 
           cert new_cert;
-          make_simple_cert(rev.inner(), name, val, db, keys, new_cert);
+          make_simple_cert(rev, name, val, db, keys, new_cert);
           revision<cert> rcert(new_cert);
           if (db.put_revision_cert(rcert))
             ++n_certs_out;
@@ -1703,7 +1703,7 @@ build_changesets_from_manifest_ancestry(
       cert_value tv;
       decode_base64(i->inner().value, tv);
       manifest_id child, parent;
-      child = manifest_id(i->inner().ident);
+      child = manifest_id(i->inner().ident.inner());
       parent = manifest_id(tv());
 
       u64 parent_node = graph.add_node_for_old_manifest(parent);
@@ -1779,7 +1779,7 @@ print_edge(basic_io::printer & printer,
            edge_entry const & e)
 {
   basic_io::stanza st;
-  st.push_hex_pair(syms::old_revision, edge_old_revision(e).inner());
+  st.push_binary_pair(syms::old_revision, edge_old_revision(e).inner());
   printer.print_stanza(st);
   print_cset(printer, edge_changes(e));
 }
@@ -1794,7 +1794,7 @@ print_insane_revision(basic_io::printer 
   printer.print_stanza(format_stanza);
 
   basic_io::stanza manifest_stanza;
-  manifest_stanza.push_hex_pair(syms::new_manifest, rev.new_manifest.inner());
+  manifest_stanza.push_binary_pair(syms::new_manifest, rev.new_manifest.inner());
   printer.print_stanza(manifest_stanza);
 
   for (edge_map::const_iterator edge = rev.edges.begin();
@@ -1912,7 +1912,7 @@ void calculate_ident(revision_t const & 
                      revision_id & ident)
 {
   data tmp;
-  hexenc<id> tid;
+  id tid;
   write_revision(cs, tmp);
   calculate_ident(tmp, tid);
   ident = revision_id(tid);
============================================================
--- roster.cc	0ab37af195f9be17a9a4ffe1db7a2c6b2b84440d
+++ roster.cc	1d508653551de89ff92e579572bb4f810b067e9c
@@ -2470,17 +2470,17 @@ push_marking(basic_io::stanza & st,
 {
 
   I(!null_id(mark.birth_revision));
-  st.push_hex_pair(basic_io::syms::birth, mark.birth_revision.inner());
+  st.push_binary_pair(basic_io::syms::birth, mark.birth_revision.inner());
 
   for (set<revision_id>::const_iterator i = mark.parent_name.begin();
        i != mark.parent_name.end(); ++i)
-    st.push_hex_pair(basic_io::syms::path_mark, i->inner());
+    st.push_binary_pair(basic_io::syms::path_mark, i->inner());
 
   if (is_file)
     {
       for (set<revision_id>::const_iterator i = mark.file_content.begin();
            i != mark.file_content.end(); ++i)
-        st.push_hex_pair(basic_io::syms::content_mark, i->inner());
+        st.push_binary_pair(basic_io::syms::content_mark, i->inner());
     }
   else
     I(mark.file_content.empty());
@@ -2490,7 +2490,7 @@ push_marking(basic_io::stanza & st,
     {
       for (set<revision_id>::const_iterator j = i->second.begin();
            j != i->second.end(); ++j)
-        st.push_hex_triple(basic_io::syms::attr_mark, i->first(), j->inner());
+        st.push_binary_triple(basic_io::syms::attr_mark, i->first(), j->inner());
     }
 }
 
@@ -2563,7 +2563,7 @@ roster_t::print_to(basic_io::printer & p
           {
             file_t ftmp = downcast_to_file_t(curr);
             st.push_str_pair(basic_io::syms::file, i.path());
-            st.push_hex_pair(basic_io::syms::content, ftmp->content.inner());
+            st.push_binary_pair(basic_io::syms::content, ftmp->content.inner());
           }
       }
 
============================================================
--- roster_delta.cc	dc0b4bc54afd8cca8a3f1364597c0f469d90eaee
+++ roster_delta.cc	1c7bb6d30b4a3701b962bab9e8956881f0a4fcea
@@ -317,7 +317,7 @@ namespace 
         basic_io::stanza st;
         push_nid(syms::add_file, i->second.first, st);
         push_loc(i->first, st);
-        st.push_hex_pair(syms::content, i->second.second.inner());
+        st.push_binary_pair(syms::content, i->second.second.inner());
         printer.print_stanza(st);
       }
     for (roster_delta_t::deltas_applied_t::const_iterator
@@ -325,7 +325,7 @@ namespace 
       {
         basic_io::stanza st;
         push_nid(syms::delta, i->first, st);
-        st.push_hex_pair(syms::content, i->second.inner());
+        st.push_binary_pair(syms::content, i->second.inner());
         printer.print_stanza(st);
       }
     for (roster_delta_t::attrs_cleared_t::const_iterator
============================================================
--- schema_migration.cc	984d2be648568890ff9994d457d84c434e74d285
+++ schema_migration.cc	4aa8a68eb05b00589579480c30bcd2b8e3c6e71e
@@ -273,9 +273,9 @@ sqlite_sha1_fn(sqlite3_context *f, int n
         }
     }
 
-  hexenc<id> sha;
-  calculate_ident(data(tmp), sha);
-  sqlite3_result_text(f, sha().c_str(), sha().size(), SQLITE_TRANSIENT);
+  id hash;
+  calculate_ident(data(tmp), hash);
+  sqlite3_result_blob(f, hash().c_str(), hash().size(), SQLITE_TRANSIENT);
 }
 
 static void
@@ -846,9 +846,10 @@ calculate_schema_id(sqlite3 * db, string
       schema += " PRAGMA user_version = ";
       schema += boost::lexical_cast<string>(code);
     }
-  hexenc<id> tid;
+
+  id tid;
   calculate_ident(data(schema), tid);
-  ident = tid();
+  ident = encode_hexenc(tid());
 }
 
 // Look through the migration_events table and return a pointer to the entry
============================================================
--- sha1.cc	a63699d0eae30164c447c33cc632a6c768d6ec2b
+++ sha1.cc	233a3432e8469854a7840fc02bfd872379b2f40b
@@ -105,7 +105,7 @@ CMD_HIDDEN(benchmark_sha1, "benchmark_sh
        i != registry().end(); ++i)
     {
       maker_to_be_benchmarked = i->second.second;
-      hexenc<id> foo;
+      id foo;
       double start = cpu_now();
       calculate_ident(test_data, foo);
       double end = cpu_now();
============================================================
--- tester.cc	c4ddb0b7774c9b6a2a7a97b4fe0cfd65b712bb90
+++ tester.cc	f8a82bbf46eb65c1bb81606083157468f3f16316
@@ -7,6 +7,8 @@
 #include "vector.hh"
 #include "sanity.hh"
 #include <boost/lexical_cast.hpp>
+#include <botan/hex.h>
+#include <botan/pipe.h>
 #include <cstring>
 
 using std::string;
============================================================
--- transforms.cc	16f38ee4a45f73737a16534bb82f46863b3730cb
+++ transforms.cc	9b1b91ae6f41712a54898a347a63579c17971667
@@ -181,40 +181,18 @@ template void unpack<delta>(base64< gzip
 template void unpack<data>(base64< gzip<data> > const &, data &);
 template void unpack<delta>(base64< gzip<delta> > const &, delta &);
 
-// diffing and patching
 
-void
-diff(data const & olddata,
-     data const & newdata,
-     delta & del)
-{
-  string unpacked;
-  compute_delta(olddata(), newdata(), unpacked);
-  del = delta(unpacked);
-}
-
-void
-patch(data const & olddata,
-      delta const & del,
-      data & newdata)
-{
-  string result;
-  apply_delta(olddata(), del(), result);
-  newdata = data(result);
-}
-
 // identifier (a.k.a. sha1 signature) calculation
 
 void
 calculate_ident(data const & dat,
-                hexenc<id> & ident)
+                id & ident)
 {
   try
     {
-      Botan::Pipe p(new Botan::Hash_Filter("SHA-160"),
-                    new Botan::Hex_Encoder(Botan::Hex_Encoder::Lowercase));
+      Botan::Pipe p(new Botan::Hash_Filter("SHA-160"));
       p.process_msg(dat());
-      ident = hexenc<id>(p.read_all_as_string());
+      ident = id(p.read_all_as_string());
     }
   catch (Botan::Exception & e)
     {
@@ -226,7 +204,7 @@ calculate_ident(file_data const & dat,
 calculate_ident(file_data const & dat,
                 file_id & ident)
 {
-  hexenc<id> tmp;
+  id tmp;
   calculate_ident(dat.inner(), tmp);
   ident = file_id(tmp);
 }
@@ -235,7 +213,7 @@ calculate_ident(manifest_data const & da
 calculate_ident(manifest_data const & dat,
                 manifest_id & ident)
 {
-  hexenc<id> tmp;
+  id tmp;
   calculate_ident(dat.inner(), tmp);
   ident = manifest_id(tmp);
 }
@@ -244,7 +222,7 @@ calculate_ident(revision_data const & da
 calculate_ident(revision_data const & dat,
                 revision_id & ident)
 {
-  hexenc<id> tmp;
+  id tmp;
   calculate_ident(dat.inner(), tmp);
   ident = revision_id(tmp);
 }
@@ -298,10 +276,10 @@ UNIT_TEST(transform, calculate_ident)
 UNIT_TEST(transform, calculate_ident)
 {
   data input(string("the only blender which can be turned into the most powerful vaccum cleaner"));
-  hexenc<id> output;
+  id output;
   string ident("86e03bdb3870e2a207dfd0dcbfd4c4f2e3bc97bd");
   calculate_ident(input, output);
-  UNIT_TEST_CHECK(output() == ident);
+  UNIT_TEST_CHECK(output() == decode_hexenc(ident));
 }
 
 UNIT_TEST(transform, corruption_check)
============================================================
--- transforms.hh	54ea9d901a7f870c2e5ee46b5c3a99e868eb1ad9
+++ transforms.hh	79df8cc6117ecb60117ffa7dc22511dc45a84216
@@ -54,7 +54,6 @@ void decode_base64(base64<T> const & in,
 void decode_base64(base64<T> const & in, T & out)
 { out = T(xform<Botan::Base64_Decoder>(in())); }
 
-
 // hex encoding
 
 template <typename T>
@@ -96,21 +95,10 @@ void unpack(base64< gzip<T> > const & in
 void unpack(base64< gzip<T> > const & in, T & out);
 
 
-// diffing and patching
-
-void diff(data const & olddata,
-          data const & newdata,
-          delta & del);
-
-void patch(data const & olddata,
-           delta const & del,
-           data & newdata);
-
-
 // version (a.k.a. sha1 fingerprint) calculation
 
 void calculate_ident(data const & dat,
-                     hexenc<id> & ident);
+                     id & ident);
 
 void calculate_ident(file_data const & dat,
                      file_id & ident);
============================================================
--- vocab.cc	adc1c12688fdc842175abf939de38f92b3654df7
+++ vocab.cc	d966715de6cefce23b41320e88cdb28ca035405f
@@ -13,6 +13,7 @@
 #include "hash_map.hh"
 #include "sanity.hh"
 #include "vocab.hh"
+#include "transforms.hh"
 
 using std::string;
 
@@ -158,13 +159,14 @@ symtab_impl
 
 // Sometimes it's handy to have a non-colliding, meaningless id.
 
-hexenc<id>
+id
 fake_id()
 {
   static u32 counter = 0;
   ++counter;
   I(counter >= 1); // detect overflow
-  return hexenc<id>((FL("00000000000000000000000000000000%08x") % counter).str());
+  string s((FL("00000000000000000000000000000000%08x") % counter).str());
+  return id(decode_hexenc(s));
 }
 
 // instantiation of various vocab functions
============================================================
--- vocab.hh	8c831a796771018eb1b2d28f56dc8e2f9b4d4e55
+++ vocab.hh	6d861210ecb11e8378ca3dfa2365f414973526ed
@@ -102,11 +102,12 @@ inline bool is_space(char x)
 // most of the time you want to use these typedefs and forget
 // about the stuff in vocab_terms.hh
 
-typedef revision< hexenc<id> >  revision_id;
-typedef manifest< hexenc<id> >  manifest_id;
-typedef     file< hexenc<id> >      file_id;
-typedef      key< hexenc<id> >       key_id;
-typedef    epoch< hexenc<id> >     epoch_id;
+typedef revision<id>  revision_id;
+typedef manifest<id>  manifest_id;
+typedef     file<id>      file_id;
+typedef      key<id>       key_id;
+typedef    epoch<id>     epoch_id;
+
 typedef    epoch< hexenc<data> > epoch_data;
 
 typedef revision< data >   revision_data;
@@ -150,6 +151,12 @@ inline bool
 
 // do these belong here?
 inline bool
+null_id(id const & i)
+{
+  return i().empty();
+}
+
+inline bool
 null_id(hexenc<id> const & i)
 {
   return i().empty();
@@ -174,7 +181,7 @@ null_id(revision_id const & i)
 }
 
 
-hexenc<id>
+id
 fake_id();
 
 // Local Variables:
============================================================
--- vocab_terms.hh	80283d95bc08f3a9f8c1c503ebeebb51b03c384e
+++ vocab_terms.hh	c7639f8cb74d33a18455a9f46814c1c6839e3d37
@@ -62,14 +62,18 @@ ATOMIC_NOVERIFY(merkle);      // raw enc
 
 // instantiate those bits of the template vocabulary actually in use.
 
+EXTERN template class       revision<id>;
+EXTERN template class         roster<id>;
+EXTERN template class       manifest<id>;
+EXTERN template class           file<id>;
+
+// hex encoded ids are no longer typed
 EXTERN template class           hexenc<id>;
-EXTERN template class revision< hexenc<id> >;
-EXTERN template class   roster< hexenc<id> >;
-EXTERN template class manifest< hexenc<id> >;
-EXTERN template class     file< hexenc<id> >;
-EXTERN template class      key< hexenc<id> >;
-EXTERN template class    epoch< hexenc<id> >;
 
+
+EXTERN template class              key<id>;
+EXTERN template class            epoch<id>;
+
 EXTERN template class     hexenc<inodeprint>;
 
 EXTERN template class           hexenc<data>;
@@ -104,9 +108,21 @@ EXTERN template class base64<data>;
 EXTERN template class base64<merkle>;
 EXTERN template class base64<data>;
 
+
 // instantiate those bits of the stream operator vocab (again) actually in
 // use. "again" since stream operators are friends, not members.
 
+/*
+hum... which operators are really needed and which not?
+EXTERN template std::ostream & operator<< <>(std::ostream &,           id   const &);
+EXTERN template std::ostream & operator<< <>(std::ostream &, revision<id> const &);
+EXTERN template std::ostream & operator<< <>(std::ostream &,   roster<id> const &);
+EXTERN template std::ostream & operator<< <>(std::ostream &, manifest<id> const &);
+*/
+EXTERN template std::ostream & operator<< <>(std::ostream &,     file<id> const &);
+//EXTERN template std::ostream & operator<< <>(std::ostream &,    epoch<id> const &);
+
+
 EXTERN template std::ostream & operator<< <>(std::ostream &,           hexenc<id>   const &);
 EXTERN template std::ostream & operator<< <>(std::ostream &, revision< hexenc<id> > const &);
 EXTERN template std::ostream & operator<< <>(std::ostream &,   roster< hexenc<id> > const &);
@@ -114,6 +130,8 @@ EXTERN template std::ostream & operator<
 EXTERN template std::ostream & operator<< <>(std::ostream &,     file< hexenc<id> > const &);
 EXTERN template std::ostream & operator<< <>(std::ostream &,    epoch< hexenc<id> > const &);
 
+
+
 EXTERN template std::ostream & operator<< <>(std::ostream &,     hexenc<inodeprint> const &);
 
 EXTERN template std::ostream & operator<< <>(std::ostream &,           roster<data> const &);
============================================================
--- work.cc	7855294ba0c0228c5c0c19c15dc974f03e6ecf05
+++ work.cc	7daaba0b69cfb1eadf3b2d4c2148e9f908f857b6
@@ -901,9 +901,8 @@ editable_working_tree::apply_delta(file_
   require_path_is_file(pth,
                        F("file '%s' does not exist") % pth,
                        F("file '%s' is a directory") % pth);
-  hexenc<id> curr_id_raw;
-  calculate_ident(pth, curr_id_raw);
-  file_id curr_id(curr_id_raw);
+  file_id curr_id;
+  calculate_ident(pth, curr_id);
   E(curr_id == old_id,
     F("content of file '%s' has changed, not overwriting") % pth);
   P(F("modifying %s") % pth);
============================================================
--- xdelta.cc	79962de38df4229c73bf840092fdb177a116c92d
+++ xdelta.cc	a5a5ce3a1ed7c9dead79c526e382237697d54c04
@@ -451,6 +451,30 @@ apply_delta(string const & a,
   da->finish(b);
 }
 
+
+// diffing and patching
+
+void
+diff(data const & olddata,
+     data const & newdata,
+     delta & del)
+{
+  string unpacked;
+  compute_delta(olddata(), newdata(), unpacked);
+  del = delta(unpacked);
+}
+
+void
+patch(data const & olddata,
+      delta const & del,
+      data & newdata)
+{
+  string result;
+  apply_delta(olddata(), del(), result);
+  newdata = data(result);
+}
+
+
 // piecewise-applicator stuff follows (warning: ugly)
 
 typedef string::size_type version_pos;
============================================================
--- xdelta.hh	de21a784eef8cf890418f3e9685a47005742763e
+++ xdelta.hh	f8be14aa8c299a8b1bb241c4eafabcb34fff20f6
@@ -11,6 +11,7 @@
 // PURPOSE.
 
 #include <boost/shared_ptr.hpp>
+#include "vocab.hh"
 
 void
 compute_delta(std::string const & a,
@@ -23,6 +24,17 @@ apply_delta(std::string const & a,
             std::string & b);
 
 
+// diffing and patching
+
+void diff(data const & olddata,
+          data const & newdata,
+          delta & del);
+
+void patch(data const & olddata,
+           delta const & del,
+           data & newdata);
+
+
 struct delta_applicator
 {
   virtual ~delta_applicator () {}