diff --git a/Podfile.lock b/Podfile.lock
index 2f672862a..79a4f123f 100644
--- a/Podfile.lock
+++ b/Podfile.lock
@@ -309,7 +309,7 @@ SPEC CHECKSUMS:
   SAMKeychain: 483e1c9f32984d50ca961e26818a534283b4cd5c
   SignalCoreKit: c2d8132cdedb95d35eb2f8ae7eac0957695d0a8b
   SignalMetadataKit: 6fa5e9a53c7f104568662521a2f3874672ff7a02
-  SignalServiceKit: d705b3264177c5d4162af9d266c9ca6af7181191
+  SignalServiceKit: 5c5b63a39d5054201ab59ef6daf0fa0a1a0c7887
   SQLCipher: efbdb52cdbe340bcd892b1b14297df4e07241b7f
   SSZipArchive: 8e859da2520142e09166bc9161967db296e9d02f
   Starscream: ef3ece99d765eeccb67de105bfa143f929026cf5
@@ -317,6 +317,6 @@ SPEC CHECKSUMS:
   YapDatabase: b418a4baa6906e8028748938f9159807fd039af4
   YYImage: 1e1b62a9997399593e4b9c4ecfbbabbf1d3f3b54
 
-PODFILE CHECKSUM: d7c222f400892f5c056cb2ec3517da1ac1e10238
+PODFILE CHECKSUM: 10152a1fffafd51206b62fdd8cac86a5de8cf083
 
 COCOAPODS: 1.7.2
diff --git a/Pods b/Pods
index c30c8edc5..d9ab8b130 160000
--- a/Pods
+++ b/Pods
@@ -1 +1 @@
-Subproject commit c30c8edc5df09744e7091da12c2839762cb580ae
+Subproject commit d9ab8b13002bf6ebc932ca4f45df56b577b6a188
diff --git a/Signal/Signal-Info.plist b/Signal/Signal-Info.plist
index 752b44856..2bddfb004 100644
--- a/Signal/Signal-Info.plist
+++ b/Signal/Signal-Info.plist
@@ -6,14 +6,10 @@
 	<dict>
 		<key>CarthageVersion</key>
 		<string>0.33.0</string>
-		<key>DateTime</key>
-		<string>Thu Jul 18 04:53:39 UTC 2019</string>
 		<key>OSXVersion</key>
-		<string>10.14.5</string>
+		<string>10.14.6</string>
 		<key>WebRTCCommit</key>
 		<string>1445d719bf05280270e9f77576f80f973fd847f8 M73</string>
-		<key>XCodeVersion</key>
-		<string>1000.1020</string>
 	</dict>
 	<key>CFBundleDevelopmentRegion</key>
 	<string>en</string>
diff --git a/Signal/src/AppDelegate.m b/Signal/src/AppDelegate.m
index a15eb1931..2bc85e8bd 100644
--- a/Signal/src/AppDelegate.m
+++ b/Signal/src/AppDelegate.m
@@ -1493,7 +1493,7 @@ static NSTimeInterval launchStartedAt;
     if (isPublicChatSetUp) { return; }
     NSString *title = NSLocalizedString(@"Loki Public Chat", @"");
     NSData *groupID = [[[LKGroupChatAPI.serverURL stringByAppendingString:@"."] stringByAppendingString:@(LKGroupChatAPI.publicChatID).stringValue] dataUsingEncoding:NSUTF8StringEncoding];
-    TSGroupModel *group = [[TSGroupModel alloc] initWithTitle:title memberIds:@[ OWSIdentityManager.sharedManager.identityKeyPair.hexEncodedPublicKey ] image:nil groupId:groupID];
+    TSGroupModel *group = [[TSGroupModel alloc] initWithTitle:title memberIds:@[ OWSIdentityManager.sharedManager.identityKeyPair.hexEncodedPublicKey, LKGroupChatAPI.serverURL ] image:nil groupId:groupID];
     __block TSGroupThread *thread;
     [OWSPrimaryStorage.dbReadWriteConnection readWriteWithBlock:^(YapDatabaseReadWriteTransaction *transaction) {
         thread = [TSGroupThread getOrCreateThreadWithGroupModel:group transaction:transaction];
diff --git a/SignalServiceKit.podspec b/SignalServiceKit.podspec
index 7e4126d02..e4b5c150d 100644
--- a/SignalServiceKit.podspec
+++ b/SignalServiceKit.podspec
@@ -21,7 +21,7 @@ An Objective-C library for communicating with the Signal messaging service.
   s.source           = { :git => "https://github.com/signalapp/SignalServiceKit.git", :tag => s.version.to_s }
   s.social_media_url = 'https://twitter.com/FredericJacobs'
 
-  s.platform     = :ios, '9.0'
+  s.platform     = :ios, '10.0'
   #s.ios.deployment_target = '9.0'
   #s.osx.deployment_target = '10.9'
   s.requires_arc = true
diff --git a/SignalServiceKit/src/Loki/API/LokiGroupChatAPI.swift b/SignalServiceKit/src/Loki/API/LokiGroupChatAPI.swift
index 5309235d9..92a7e4cd8 100644
--- a/SignalServiceKit/src/Loki/API/LokiGroupChatAPI.swift
+++ b/SignalServiceKit/src/Loki/API/LokiGroupChatAPI.swift
@@ -8,27 +8,55 @@ public final class LokiGroupChatAPI : NSObject {
     private static let batchCount = 8
     @objc public static let publicChatMessageType = "network.loki.messenger.publicChat"
     @objc public static let publicChatID = 1
+    private static let tokenCollection = "LokiGroupChatTokenCollection"
     
-    internal static var userDisplayName: String {
-        return SSKEnvironment.shared.contactsManager.displayName(forPhoneIdentifier: userHexEncodedPublicKey) ?? "Anonymous"
-    }
-    
-    private static var userHexEncodedPublicKey: String {
-        return OWSIdentityManager.shared().identityKeyPair()!.hexEncodedPublicKey
-    }
+    internal static var userDisplayName: String { return SSKEnvironment.shared.contactsManager.displayName(forPhoneIdentifier: userHexEncodedPublicKey) ?? "Anonymous" }
+    private static var userKeyPair: ECKeyPair { return OWSIdentityManager.shared().identityKeyPair()! }
+    private static var userHexEncodedPublicKey: String { return userKeyPair.hexEncodedPublicKey }
     
     public enum Error : Swift.Error {
-        case tokenParsingFailed, messageParsingFailed
+        case tokenParsingFailed, tokenDecryptionFailed, messageParsingFailed
     }
     
-    public static func getEncryptedToken() -> Promise<String> {
+    private static func getTokenFromServer() -> Promise<String> {
         print("[Loki] Getting group chat auth token.")
-        let url = URL(string: "\(serverURL)/loki/v1/getToken")!
-        let parameters = [ "pubKey" : userHexEncodedPublicKey ]
-        let request = TSRequest(url: url, method: "POST", parameters: parameters)
+        let url = URL(string: "\(serverURL)/loki/v1/get_challenge?pubKey=\(userHexEncodedPublicKey)")!
+        let request = TSRequest(url: url)
         return TSNetworkManager.shared().makePromise(request: request).map { $0.responseObject }.map { rawResponse in
-            guard let json = rawResponse as? JSON, let encryptedToken = json["cipherText64"] as? String else { throw Error.tokenParsingFailed }
-            return encryptedToken
+            guard let json = rawResponse as? JSON, let base64EncodedChallenge = json["cipherText64"] as? String, let base64EncodedServerPublicKey = json["serverPubKey64"] as? String,
+                let challenge = Data(base64Encoded: base64EncodedChallenge), var serverPublicKey = Data(base64Encoded: base64EncodedServerPublicKey) else {
+                throw Error.tokenParsingFailed
+            }
+            // Discard the "05" prefix if needed
+            if (serverPublicKey.count == 33) {
+                let hexEncodedServerPublicKey = serverPublicKey.hexadecimalString
+                serverPublicKey = Data.data(fromHex: hexEncodedServerPublicKey.substring(from: 2))!
+            }
+            // The challenge is prefixed by the 16 bit IV
+            guard let tokenAsData = try? DiffieHellman.decrypt(challenge, publicKey: serverPublicKey, privateKey: userKeyPair.privateKey),
+                let token = String(bytes: tokenAsData, encoding: .utf8), token.count > 0 else {
+                throw Error.tokenDecryptionFailed
+            }
+            return token
+        }
+    }
+    
+    internal static func submitToken(_ token: String) -> Promise<String> {
+        print("[Loki] Submitting group chat auth token.")
+        let url = URL(string: "\(serverURL)/loki/v1/submit_challenge")!
+        let parameters = [ "pubKey" : userHexEncodedPublicKey, "token" : token ]
+        let request = TSRequest(url: url, method: "POST", parameters: parameters)
+        return TSNetworkManager.shared().makePromise(request: request).map { _ in token }
+    }
+    
+    internal static func getToken() -> Promise<String> {
+        if let token = storage.dbReadConnection.string(forKey: serverURL, inCollection: tokenCollection), token.count > 0 {
+            return Promise.value(token)
+        } else {
+            return getTokenFromServer().then { submitToken($0) }.map { token -> String in
+                storage.dbReadWriteConnection.setObject(token, forKey: serverURL, inCollection: tokenCollection)
+                return token
+            }
         }
     }
     
@@ -44,7 +72,8 @@ public final class LokiGroupChatAPI : NSObject {
             }
             return rawMessages.flatMap { message in
                 guard let annotations = message["annotations"] as? [JSON], let annotation = annotations.first, let value = annotation["value"] as? JSON,
-                    let serverID = message["id"] as? UInt, let body = message["text"] as? String, let hexEncodedPublicKey = value["source"] as? String, let displayName = value["from"] as? String, let timestamp = value["timestamp"] as? UInt64 else {
+                    let serverID = message["id"] as? UInt, let body = message["text"] as? String, let hexEncodedPublicKey = value["source"] as? String, let displayName = value["from"] as? String,
+                    let timestamp = value["timestamp"] as? UInt64 else {
                         print("[Loki] Couldn't parse message for group chat with ID: \(group) from: \(message).")
                         return nil
                 }
@@ -55,19 +84,25 @@ public final class LokiGroupChatAPI : NSObject {
     }
     
     public static func sendMessage(_ message: LokiGroupMessage, to group: UInt) -> Promise<LokiGroupMessage> {
-        print("[Loki] Sending message to group chat with ID: \(group).")
-        let url = URL(string: "\(serverURL)/channels/\(group)/messages")!
-        let parameters = message.toJSON()
-        let request = TSRequest(url: url, method: "POST", parameters: parameters)
-        request.allHTTPHeaderFields = [ "Content-Type" : "application/json", "Authorization" : "Bearer loki" ]
-        let displayName = userDisplayName
-        return TSNetworkManager.shared().makePromise(request: request).map { $0.responseObject }.map { rawResponse in
-            guard let json = rawResponse as? JSON, let message = json["data"] as? JSON, let serverID = message["id"] as? UInt, let body = message["text"] as? String, let dateAsString = message["created_at"] as? String, let date = ISO8601DateFormatter().date(from: dateAsString) else {
-                print("[Loki] Couldn't parse messages for group chat with ID: \(group) from: \(rawResponse).")
-                throw Error.messageParsingFailed
+        return getToken().then { token -> Promise<LokiGroupMessage> in
+            print("[Loki] Sending message to group chat with ID: \(group).")
+            let url = URL(string: "\(serverURL)/channels/\(group)/messages")!
+            let parameters = message.toJSON()
+            let request = TSRequest(url: url, method: "POST", parameters: parameters)
+            request.allHTTPHeaderFields = [ "Content-Type" : "application/json", "Authorization" : "Bearer \(token)" ]
+            let displayName = userDisplayName
+            return TSNetworkManager.shared().makePromise(request: request).map { $0.responseObject }.map { rawResponse in
+                // ISO8601DateFormatter doesn't support milliseconds before iOS 11
+                let dateFormatter = DateFormatter()
+                dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss.SSSZ"
+                guard let json = rawResponse as? JSON, let message = json["data"] as? JSON, let serverID = message["id"] as? UInt, let body = message["text"] as? String,
+                    let dateAsString = message["created_at"] as? String, let date = dateFormatter.date(from: dateAsString) else {
+                    print("[Loki] Couldn't parse messages for group chat with ID: \(group) from: \(rawResponse).")
+                    throw Error.messageParsingFailed
+                }
+                let timestamp = UInt64(date.timeIntervalSince1970) * 1000
+                return LokiGroupMessage(serverID: serverID, hexEncodedPublicKey: userHexEncodedPublicKey, displayName: displayName, body: body, type: publicChatMessageType, timestamp: timestamp)
             }
-            let timestamp = UInt64(date.timeIntervalSince1970) * 1000
-            return LokiGroupMessage(serverID: serverID, hexEncodedPublicKey: userHexEncodedPublicKey, displayName: displayName, body: body, type: publicChatMessageType, timestamp: timestamp)
         }
     }
     
diff --git a/SignalServiceKit/src/Loki/Crypto/DiffieHellman.swift b/SignalServiceKit/src/Loki/Crypto/DiffieHellman.swift
new file mode 100644
index 000000000..874a698e3
--- /dev/null
+++ b/SignalServiceKit/src/Loki/Crypto/DiffieHellman.swift
@@ -0,0 +1,39 @@
+import CryptoSwift
+import Curve25519Kit
+
+public enum DiffieHellman {
+    
+    public static let ivLength: Int32 = 16;
+    
+    public static func encrypt(_ plainTextData: Data, using symmetricKey: Data) throws -> Data {
+        let iv = Randomness.generateRandomBytes(ivLength)!
+        let ivBytes = [UInt8](iv)
+        let symmetricKeyBytes = [UInt8](symmetricKey)
+        let messageBytes = [UInt8](plainTextData)
+        let blockMode = CBC(iv: ivBytes)
+        let aes = try AES(key: symmetricKeyBytes, blockMode: blockMode)
+        let cipherText = try aes.encrypt(messageBytes)
+        let ivAndCipher = ivBytes + cipherText
+        return Data(bytes: ivAndCipher, count: ivAndCipher.count)
+    }
+    
+    public static func encrypt(_ plainTextData: Data, publicKey: Data, privateKey: Data) throws -> Data {
+        let symmetricKey = try Curve25519.generateSharedSecret(fromPublicKey: publicKey, privateKey: privateKey)
+        return try encrypt(plainTextData, using: symmetricKey)
+    }
+    
+    public static func decrypt(_ encryptedData: Data, using symmetricKey: Data) throws -> Data {
+        let symmetricKeyBytes = [UInt8](symmetricKey)
+        let ivBytes = [UInt8](encryptedData[..<ivLength])
+        let cipherBytes = [UInt8](encryptedData[ivLength...])
+        let blockMode = CBC(iv: ivBytes)
+        let aes = try AES(key: symmetricKeyBytes, blockMode: blockMode)
+        let decrypted = try aes.decrypt(cipherBytes)
+        return Data(bytes: decrypted, count: decrypted.count)
+    }
+    
+    public static func decrypt(_ encryptedData: Data, publicKey: Data, privateKey: Data) throws -> Data {
+        let symmetricKey = try Curve25519.generateSharedSecret(fromPublicKey: publicKey, privateKey: privateKey)
+        return try decrypt(encryptedData, using: symmetricKey)
+    }
+}
diff --git a/SignalServiceKit/src/Loki/Crypto/FallbackSessionCipher.swift b/SignalServiceKit/src/Loki/Crypto/FallbackSessionCipher.swift
index 336bdc4a6..bb3f77dff 100644
--- a/SignalServiceKit/src/Loki/Crypto/FallbackSessionCipher.swift
+++ b/SignalServiceKit/src/Loki/Crypto/FallbackSessionCipher.swift
@@ -72,7 +72,7 @@ private extension String {
     @objc public func encrypt(message: Data) -> Data? {
         guard let symmetricKey = symmetricKey else { return nil }
         do {
-            return try diffieHellmanEncrypt(plainText: message, symmetricKey: symmetricKey)
+            return try DiffieHellman.encrypt(message, using: symmetricKey)
         } catch {
             Logger.warn("FallBackSessionCipher: Failed to encrypt message")
             return nil
@@ -86,38 +86,10 @@ private extension String {
     @objc public func decrypt(message: Data) -> Data? {
         guard let symmetricKey = symmetricKey else { return nil }
         do {
-            return try diffieHellmanDecrypt(cipherText: message, symmetricKey: symmetricKey)
+            return try DiffieHellman.decrypt(message, using: symmetricKey)
         } catch {
             Logger.warn("FallBackSessionCipher: Failed to decrypt message")
             return nil
         }
     }
-    
-    // Encypt the message with the symmetric key and a 16 bit iv
-    private func diffieHellmanEncrypt(plainText: Data, symmetricKey: Data) throws -> Data {
-        let iv = Randomness.generateRandomBytes(ivLength)!
-        let ivBytes = [UInt8](iv)
-        
-        let symmetricKeyBytes = [UInt8](symmetricKey)
-        let messageBytes = [UInt8](plainText)
-        
-        let blockMode = CBC(iv: ivBytes)
-        let aes = try AES(key: symmetricKeyBytes, blockMode: blockMode)
-        let cipherText = try aes.encrypt(messageBytes)
-        let ivAndCipher = ivBytes + cipherText
-        return Data(bytes: ivAndCipher, count: ivAndCipher.count)
-    }
-    
-    // Decrypt the message with the symmetric key
-    private func diffieHellmanDecrypt(cipherText: Data, symmetricKey: Data) throws -> Data {
-        let symmetricKeyBytes = [UInt8](symmetricKey)
-        let ivBytes = [UInt8](cipherText[..<ivLength])
-        let cipherBytes = [UInt8](cipherText[ivLength...])
-        
-        let blockMode = CBC(iv: ivBytes)
-        let aes = try AES(key: symmetricKeyBytes, blockMode: blockMode)
-        let decrypted = try aes.decrypt(cipherBytes)
-        
-        return Data(bytes: decrypted, count: decrypted.count)
-    }
 }
diff --git a/SignalServiceKit/src/Messages/OWSOutgoingReceiptManager.m b/SignalServiceKit/src/Messages/OWSOutgoingReceiptManager.m
index 1eeab9089..35b330d3b 100644
--- a/SignalServiceKit/src/Messages/OWSOutgoingReceiptManager.m
+++ b/SignalServiceKit/src/Messages/OWSOutgoingReceiptManager.m
@@ -177,6 +177,9 @@ NSString *const kOutgoingReadReceiptManagerCollection = @"kOutgoingReadReceiptMa
         // If we aren't friends with the user then don't send out any receipts
         if (thread.friendRequestStatus != LKThreadFriendRequestStatusFriends) { continue; }
         
+        // Don't send any receipts for groups
+        if (thread.isGroupThread) { continue; }
+        
         OWSReceiptsForSenderMessage *message;
         NSString *receiptName;
         switch (receiptType) {
diff --git a/SignalServiceKit/src/Messages/OWSReadReceiptManager.m b/SignalServiceKit/src/Messages/OWSReadReceiptManager.m
index e08fe371f..b6a66f261 100644
--- a/SignalServiceKit/src/Messages/OWSReadReceiptManager.m
+++ b/SignalServiceKit/src/Messages/OWSReadReceiptManager.m
@@ -290,7 +290,10 @@ NSString *const OWSReadReceiptManagerAreReadReceiptsEnabled = @"areReadReceiptsE
                 OWSLogVerbose(@"Ignoring read receipt for self-sender.");
                 return;
             }
-
+            
+            // Don't send any receipts for groups
+            if (message.thread.isGroupThread) { return; }
+            
             if ([self areReadReceiptsEnabled]) {
                 OWSLogVerbose(@"Enqueuing read receipt for sender.");
                 [self.outgoingReceiptManager enqueueReadReceiptForEnvelope:messageAuthorId timestamp:message.timestamp];
diff --git a/SignalServiceKit/src/Util/TypingIndicators.swift b/SignalServiceKit/src/Util/TypingIndicators.swift
index f148a7555..fe9f53fc8 100644
--- a/SignalServiceKit/src/Util/TypingIndicators.swift
+++ b/SignalServiceKit/src/Util/TypingIndicators.swift
@@ -322,6 +322,9 @@ public class TypingIndicatorsImpl: NSObject, TypingIndicators {
             guard delegate.areTypingIndicatorsEnabled() else {
                 return
             }
+            
+            // Don't send any typing indicators for groups
+            guard !thread.isGroupThread() else { return }
 
             let message = TypingIndicatorMessage(thread: thread, action: action)
             messageSender.sendPromise(message: message).retainUntilComplete()