diff --git a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go
index 8d185378..d7abb519 100644
--- a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go
+++ b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go
@@ -383,6 +383,7 @@ type AclAccountRequestJoin struct {
 	InviteIdentity          []byte `protobuf:"bytes,1,opt,name=inviteIdentity,proto3" json:"inviteIdentity,omitempty"`
 	InviteRecordId          string `protobuf:"bytes,2,opt,name=inviteRecordId,proto3" json:"inviteRecordId,omitempty"`
 	InviteIdentitySignature []byte `protobuf:"bytes,3,opt,name=inviteIdentitySignature,proto3" json:"inviteIdentitySignature,omitempty"`
+	Metadata                []byte `protobuf:"bytes,4,opt,name=metadata,proto3" json:"metadata,omitempty"`
 }
 
 func (m *AclAccountRequestJoin) Reset()         { *m = AclAccountRequestJoin{} }
@@ -439,6 +440,13 @@ func (m *AclAccountRequestJoin) GetInviteIdentitySignature() []byte {
 	return nil
 }
 
+func (m *AclAccountRequestJoin) GetMetadata() []byte {
+	if m != nil {
+		return m.Metadata
+	}
+	return nil
+}
+
 // AclAccountRequestAccept contains the reference to join record and all read keys, encrypted with the identity of the requestor
 type AclAccountRequestAccept struct {
 	Identity          []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"`
@@ -500,6 +508,51 @@ func (m *AclAccountRequestAccept) GetEncryptedReadKeys() []byte {
 	return nil
 }
 
+// AclAccountRequestDecline contains the reference to join record
+type AclAccountRequestDecline struct {
+	RequestRecordId string `protobuf:"bytes,1,opt,name=requestRecordId,proto3" json:"requestRecordId,omitempty"`
+}
+
+func (m *AclAccountRequestDecline) Reset()         { *m = AclAccountRequestDecline{} }
+func (m *AclAccountRequestDecline) String() string { return proto.CompactTextString(m) }
+func (*AclAccountRequestDecline) ProtoMessage()    {}
+func (*AclAccountRequestDecline) Descriptor() ([]byte, []int) {
+	return fileDescriptor_c8e9f754f34e929b, []int{7}
+}
+func (m *AclAccountRequestDecline) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *AclAccountRequestDecline) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	if deterministic {
+		return xxx_messageInfo_AclAccountRequestDecline.Marshal(b, m, deterministic)
+	} else {
+		b = b[:cap(b)]
+		n, err := m.MarshalToSizedBuffer(b)
+		if err != nil {
+			return nil, err
+		}
+		return b[:n], nil
+	}
+}
+func (m *AclAccountRequestDecline) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_AclAccountRequestDecline.Merge(m, src)
+}
+func (m *AclAccountRequestDecline) XXX_Size() int {
+	return m.Size()
+}
+func (m *AclAccountRequestDecline) XXX_DiscardUnknown() {
+	xxx_messageInfo_AclAccountRequestDecline.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_AclAccountRequestDecline proto.InternalMessageInfo
+
+func (m *AclAccountRequestDecline) GetRequestRecordId() string {
+	if m != nil {
+		return m.RequestRecordId
+	}
+	return ""
+}
+
 // AclAccountInviteRevoke revokes the invite record
 type AclAccountInviteRevoke struct {
 	InviteRecordId string `protobuf:"bytes,1,opt,name=inviteRecordId,proto3" json:"inviteRecordId,omitempty"`
@@ -509,7 +562,7 @@ func (m *AclAccountInviteRevoke) Reset()         { *m = AclAccountInviteRevoke{}
 func (m *AclAccountInviteRevoke) String() string { return proto.CompactTextString(m) }
 func (*AclAccountInviteRevoke) ProtoMessage()    {}
 func (*AclAccountInviteRevoke) Descriptor() ([]byte, []int) {
-	return fileDescriptor_c8e9f754f34e929b, []int{7}
+	return fileDescriptor_c8e9f754f34e929b, []int{8}
 }
 func (m *AclAccountInviteRevoke) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -554,7 +607,7 @@ func (m *AclReadKeys) Reset()         { *m = AclReadKeys{} }
 func (m *AclReadKeys) String() string { return proto.CompactTextString(m) }
 func (*AclReadKeys) ProtoMessage()    {}
 func (*AclReadKeys) Descriptor() ([]byte, []int) {
-	return fileDescriptor_c8e9f754f34e929b, []int{8}
+	return fileDescriptor_c8e9f754f34e929b, []int{9}
 }
 func (m *AclReadKeys) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -600,7 +653,7 @@ func (m *AclEncryptedReadKeys) Reset()         { *m = AclEncryptedReadKeys{} }
 func (m *AclEncryptedReadKeys) String() string { return proto.CompactTextString(m) }
 func (*AclEncryptedReadKeys) ProtoMessage()    {}
 func (*AclEncryptedReadKeys) Descriptor() ([]byte, []int) {
-	return fileDescriptor_c8e9f754f34e929b, []int{9}
+	return fileDescriptor_c8e9f754f34e929b, []int{10}
 }
 func (m *AclEncryptedReadKeys) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -653,7 +706,7 @@ func (m *AclAccountPermissionChange) Reset()         { *m = AclAccountPermission
 func (m *AclAccountPermissionChange) String() string { return proto.CompactTextString(m) }
 func (*AclAccountPermissionChange) ProtoMessage()    {}
 func (*AclAccountPermissionChange) Descriptor() ([]byte, []int) {
-	return fileDescriptor_c8e9f754f34e929b, []int{10}
+	return fileDescriptor_c8e9f754f34e929b, []int{11}
 }
 func (m *AclAccountPermissionChange) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -705,7 +758,7 @@ func (m *AclReadKeyChange) Reset()         { *m = AclReadKeyChange{} }
 func (m *AclReadKeyChange) String() string { return proto.CompactTextString(m) }
 func (*AclReadKeyChange) ProtoMessage()    {}
 func (*AclReadKeyChange) Descriptor() ([]byte, []int) {
-	return fileDescriptor_c8e9f754f34e929b, []int{11}
+	return fileDescriptor_c8e9f754f34e929b, []int{12}
 }
 func (m *AclReadKeyChange) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -751,7 +804,7 @@ func (m *AclAccountRemove) Reset()         { *m = AclAccountRemove{} }
 func (m *AclAccountRemove) String() string { return proto.CompactTextString(m) }
 func (*AclAccountRemove) ProtoMessage()    {}
 func (*AclAccountRemove) Descriptor() ([]byte, []int) {
-	return fileDescriptor_c8e9f754f34e929b, []int{12}
+	return fileDescriptor_c8e9f754f34e929b, []int{13}
 }
 func (m *AclAccountRemove) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -805,6 +858,7 @@ type AclContentValue struct {
 	//	*AclContentValue_PermissionChange
 	//	*AclContentValue_AccountRemove
 	//	*AclContentValue_ReadKeyChange
+	//	*AclContentValue_RequestDecline
 	Value isAclContentValue_Value `protobuf_oneof:"value"`
 }
 
@@ -812,7 +866,7 @@ func (m *AclContentValue) Reset()         { *m = AclContentValue{} }
 func (m *AclContentValue) String() string { return proto.CompactTextString(m) }
 func (*AclContentValue) ProtoMessage()    {}
 func (*AclContentValue) Descriptor() ([]byte, []int) {
-	return fileDescriptor_c8e9f754f34e929b, []int{13}
+	return fileDescriptor_c8e9f754f34e929b, []int{14}
 }
 func (m *AclContentValue) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -868,6 +922,9 @@ type AclContentValue_AccountRemove struct {
 type AclContentValue_ReadKeyChange struct {
 	ReadKeyChange *AclReadKeyChange `protobuf:"bytes,7,opt,name=readKeyChange,proto3,oneof" json:"readKeyChange,omitempty"`
 }
+type AclContentValue_RequestDecline struct {
+	RequestDecline *AclAccountRequestDecline `protobuf:"bytes,8,opt,name=requestDecline,proto3,oneof" json:"requestDecline,omitempty"`
+}
 
 func (*AclContentValue_Invite) isAclContentValue_Value()           {}
 func (*AclContentValue_InviteRevoke) isAclContentValue_Value()     {}
@@ -876,6 +933,7 @@ func (*AclContentValue_RequestAccept) isAclContentValue_Value()    {}
 func (*AclContentValue_PermissionChange) isAclContentValue_Value() {}
 func (*AclContentValue_AccountRemove) isAclContentValue_Value()    {}
 func (*AclContentValue_ReadKeyChange) isAclContentValue_Value()    {}
+func (*AclContentValue_RequestDecline) isAclContentValue_Value()   {}
 
 func (m *AclContentValue) GetValue() isAclContentValue_Value {
 	if m != nil {
@@ -933,6 +991,13 @@ func (m *AclContentValue) GetReadKeyChange() *AclReadKeyChange {
 	return nil
 }
 
+func (m *AclContentValue) GetRequestDecline() *AclAccountRequestDecline {
+	if x, ok := m.GetValue().(*AclContentValue_RequestDecline); ok {
+		return x.RequestDecline
+	}
+	return nil
+}
+
 // XXX_OneofWrappers is for the internal use of the proto package.
 func (*AclContentValue) XXX_OneofWrappers() []interface{} {
 	return []interface{}{
@@ -943,6 +1008,7 @@ func (*AclContentValue) XXX_OneofWrappers() []interface{} {
 		(*AclContentValue_PermissionChange)(nil),
 		(*AclContentValue_AccountRemove)(nil),
 		(*AclContentValue_ReadKeyChange)(nil),
+		(*AclContentValue_RequestDecline)(nil),
 	}
 }
 
@@ -955,7 +1021,7 @@ func (m *AclData) Reset()         { *m = AclData{} }
 func (m *AclData) String() string { return proto.CompactTextString(m) }
 func (*AclData) ProtoMessage()    {}
 func (*AclData) Descriptor() ([]byte, []int) {
-	return fileDescriptor_c8e9f754f34e929b, []int{14}
+	return fileDescriptor_c8e9f754f34e929b, []int{15}
 }
 func (m *AclData) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -999,7 +1065,7 @@ func (m *AclSyncMessage) Reset()         { *m = AclSyncMessage{} }
 func (m *AclSyncMessage) String() string { return proto.CompactTextString(m) }
 func (*AclSyncMessage) ProtoMessage()    {}
 func (*AclSyncMessage) Descriptor() ([]byte, []int) {
-	return fileDescriptor_c8e9f754f34e929b, []int{15}
+	return fileDescriptor_c8e9f754f34e929b, []int{16}
 }
 func (m *AclSyncMessage) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -1047,7 +1113,7 @@ func (m *AclSyncContentValue) Reset()         { *m = AclSyncContentValue{} }
 func (m *AclSyncContentValue) String() string { return proto.CompactTextString(m) }
 func (*AclSyncContentValue) ProtoMessage()    {}
 func (*AclSyncContentValue) Descriptor() ([]byte, []int) {
-	return fileDescriptor_c8e9f754f34e929b, []int{16}
+	return fileDescriptor_c8e9f754f34e929b, []int{17}
 }
 func (m *AclSyncContentValue) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -1117,7 +1183,7 @@ func (m *AclAddRecords) Reset()         { *m = AclAddRecords{} }
 func (m *AclAddRecords) String() string { return proto.CompactTextString(m) }
 func (*AclAddRecords) ProtoMessage()    {}
 func (*AclAddRecords) Descriptor() ([]byte, []int) {
-	return fileDescriptor_c8e9f754f34e929b, []int{17}
+	return fileDescriptor_c8e9f754f34e929b, []int{18}
 }
 func (m *AclAddRecords) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -1162,6 +1228,7 @@ func init() {
 	proto.RegisterType((*AclAccountInvite)(nil), "aclrecord.AclAccountInvite")
 	proto.RegisterType((*AclAccountRequestJoin)(nil), "aclrecord.AclAccountRequestJoin")
 	proto.RegisterType((*AclAccountRequestAccept)(nil), "aclrecord.AclAccountRequestAccept")
+	proto.RegisterType((*AclAccountRequestDecline)(nil), "aclrecord.AclAccountRequestDecline")
 	proto.RegisterType((*AclAccountInviteRevoke)(nil), "aclrecord.AclAccountInviteRevoke")
 	proto.RegisterType((*AclReadKeys)(nil), "aclrecord.AclReadKeys")
 	proto.RegisterType((*AclEncryptedReadKeys)(nil), "aclrecord.AclEncryptedReadKeys")
@@ -1180,64 +1247,67 @@ func init() {
 }
 
 var fileDescriptor_c8e9f754f34e929b = []byte{
-	// 912 bytes of a gzipped FileDescriptorProto
+	// 958 bytes of a gzipped FileDescriptorProto
 	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0x1b, 0x45,
-	0x14, 0xde, 0x75, 0x1c, 0xbb, 0x3e, 0x9b, 0xa4, 0xcb, 0x00, 0xad, 0x15, 0x8a, 0x09, 0x23, 0x15,
-	0xaa, 0x0a, 0x35, 0xc8, 0x08, 0x51, 0x21, 0x44, 0xd9, 0xa6, 0x15, 0x76, 0xf8, 0xd5, 0x44, 0xa5,
-	0x52, 0xaf, 0x98, 0xce, 0x8e, 0xd2, 0x85, 0xdd, 0x9d, 0xcd, 0xec, 0xc4, 0x95, 0x9f, 0x01, 0x21,
-	0xf1, 0x08, 0xf0, 0x36, 0x5c, 0xf6, 0x06, 0x89, 0x4b, 0x94, 0xbc, 0x08, 0x9a, 0x99, 0x5d, 0xef,
-	0x9f, 0x63, 0x21, 0x2e, 0x12, 0xcf, 0x9c, 0xf9, 0xce, 0x77, 0xbe, 0xf3, 0x33, 0x63, 0xc3, 0x67,
-	0x4c, 0x24, 0x89, 0x48, 0xf3, 0x8c, 0x32, 0x7e, 0x28, 0x9e, 0xff, 0xc4, 0x99, 0x3a, 0xa4, 0x2c,
-	0xd6, 0x7f, 0x92, 0x33, 0x21, 0xc3, 0x4c, 0x0a, 0x25, 0x0e, 0xcd, 0xff, 0xbc, 0xb2, 0xde, 0x33,
-	0x06, 0x34, 0x5a, 0x19, 0xf0, 0xef, 0x2e, 0xec, 0x10, 0xfa, 0x32, 0x60, 0x31, 0x31, 0x06, 0x34,
-	0x86, 0x61, 0x46, 0x97, 0xb1, 0xa0, 0xe1, 0xd8, 0x3d, 0x70, 0xef, 0xec, 0x90, 0x72, 0x8b, 0x6e,
-	0xc1, 0x28, 0x8f, 0x4e, 0x53, 0xaa, 0xce, 0x25, 0x1f, 0xf7, 0xcc, 0x59, 0x65, 0x40, 0x77, 0xc1,
-	0xa7, 0x8c, 0xf1, 0x4c, 0x09, 0x39, 0x0f, 0x79, 0xaa, 0x22, 0xb5, 0x1c, 0x6f, 0x19, 0x50, 0xc7,
-	0x8e, 0x3e, 0x80, 0xd7, 0x4a, 0xdb, 0xc9, 0x8a, 0xb1, 0x6f, 0xc0, 0xdd, 0x03, 0xfc, 0x39, 0xa0,
-	0xba, 0xc2, 0xa7, 0x91, 0x7a, 0x31, 0xdf, 0xa4, 0x73, 0x0f, 0x7a, 0x51, 0x68, 0x04, 0x8e, 0x48,
-	0x2f, 0x0a, 0xf1, 0x19, 0x8c, 0xaa, 0xf4, 0x6e, 0xc0, 0x20, 0x93, 0x7c, 0x31, 0xb7, 0x5e, 0x23,
-	0x52, 0xec, 0xd0, 0x3e, 0x5c, 0x8b, 0x4a, 0xd9, 0x36, 0xb7, 0xd5, 0x1e, 0x21, 0xe8, 0x87, 0x54,
-	0xd1, 0x22, 0x1d, 0xb3, 0xd6, 0xc5, 0x50, 0x51, 0xc2, 0x73, 0x45, 0x93, 0xcc, 0x48, 0xdf, 0x22,
-	0x95, 0x01, 0xff, 0xe5, 0xc2, 0x50, 0xc7, 0x14, 0x42, 0x35, 0x98, 0xdd, 0x16, 0xf3, 0x2d, 0x18,
-	0x25, 0x34, 0x57, 0x5c, 0x7e, 0xc5, 0xcb, 0xb0, 0x95, 0x41, 0xa7, 0x68, 0x1a, 0x3c, 0x0f, 0x4d,
-	0xe8, 0x11, 0x29, 0xb7, 0xba, 0xd8, 0x3c, 0x65, 0x72, 0x99, 0x29, 0x1e, 0x12, 0x4e, 0x43, 0xed,
-	0x6e, 0xeb, 0xd7, 0xb1, 0x37, 0x95, 0x6e, 0xb7, 0x94, 0xea, 0x56, 0x94, 0x6a, 0xaa, 0x56, 0x0c,
-	0x6c, 0x2b, 0x3a, 0x07, 0xf8, 0x43, 0xf0, 0x03, 0x16, 0x07, 0x8c, 0x89, 0xf3, 0x54, 0xcd, 0xd3,
-	0x45, 0xa4, 0xb8, 0xe6, 0x8f, 0xcc, 0x4a, 0x8b, 0xb0, 0x09, 0x56, 0x06, 0xfc, 0x87, 0x0b, 0x6f,
-	0x56, 0x2e, 0x84, 0x9f, 0x9d, 0xf3, 0x5c, 0x1d, 0x8b, 0x28, 0x45, 0xef, 0xc1, 0x9e, 0x85, 0xcd,
-	0x9b, 0xd5, 0x69, 0x59, 0x2b, 0x9c, 0xed, 0xe0, 0xbc, 0x6c, 0x6d, 0xcb, 0x8a, 0xee, 0xc3, 0xcd,
-	0xa6, 0x67, 0x95, 0x8f, 0x6d, 0xdc, 0x55, 0xc7, 0xf8, 0x57, 0x17, 0x6e, 0x76, 0x34, 0x06, 0x66,
-	0x0e, 0x37, 0x76, 0xef, 0x0e, 0x5c, 0x97, 0x16, 0xdc, 0x92, 0xd6, 0x36, 0xeb, 0x2a, 0xb7, 0xfb,
-	0x92, 0x17, 0xaa, 0xba, 0x07, 0xf8, 0x0b, 0xb8, 0xd1, 0xae, 0x32, 0xe1, 0x0b, 0xf1, 0x33, 0x5f,
-	0x53, 0x0b, 0x77, 0x5d, 0x2d, 0xf0, 0xfb, 0xe0, 0x99, 0x91, 0xb7, 0x84, 0x7a, 0x90, 0x64, 0x31,
-	0x25, 0xee, 0xc1, 0x96, 0xbe, 0x2b, 0xc5, 0x16, 0xff, 0x08, 0x6f, 0x04, 0x2c, 0x7e, 0xdc, 0x96,
-	0xb0, 0x31, 0xed, 0xb5, 0xc9, 0xf4, 0xae, 0x4a, 0x66, 0x09, 0xfb, 0x55, 0x32, 0xdf, 0x73, 0x99,
-	0x44, 0x79, 0x1e, 0x89, 0xf4, 0xe8, 0x05, 0x4d, 0x4f, 0xf9, 0xc6, 0x38, 0x0f, 0xc0, 0xcb, 0x56,
-	0x78, 0x1b, 0x61, 0x6f, 0xfa, 0xf6, 0xbd, 0xea, 0x31, 0x0b, 0x58, 0xfc, 0x24, 0xe7, 0xb2, 0x22,
-	0xcd, 0x49, 0xdd, 0x03, 0x3f, 0x31, 0xd3, 0x5a, 0x28, 0x29, 0x02, 0x06, 0xe0, 0x51, 0xab, 0xc5,
-	0xc8, 0xd6, 0xe5, 0xf0, 0xa6, 0xef, 0x34, 0x49, 0x3b, 0xe5, 0x20, 0x75, 0x1f, 0x7c, 0x56, 0xbf,
-	0x04, 0x84, 0x27, 0x62, 0xb1, 0x39, 0x8f, 0x56, 0xc8, 0xde, 0xff, 0x08, 0xf9, 0x4b, 0x1f, 0xae,
-	0x07, 0x2c, 0x3e, 0x12, 0xa9, 0xe2, 0xa9, 0xfa, 0x81, 0xc6, 0xe7, 0x1c, 0x7d, 0x0c, 0x03, 0xdb,
-	0x75, 0x13, 0xd0, 0x9b, 0xbe, 0xd5, 0x64, 0x6c, 0x8c, 0xcf, 0xcc, 0x21, 0x05, 0x18, 0x7d, 0x09,
-	0x3b, 0x51, 0x6d, 0xa4, 0x4c, 0x59, 0xbd, 0xe9, 0xbb, 0x1b, 0x9c, 0x2d, 0x70, 0xe6, 0x90, 0x86,
-	0x23, 0x7a, 0x04, 0x9e, 0xac, 0xae, 0xb3, 0x99, 0x66, 0x6f, 0x7a, 0xb0, 0x96, 0xa7, 0x76, 0xed,
-	0x67, 0x0e, 0xa9, 0xbb, 0xa1, 0x63, 0xd8, 0x95, 0xf5, 0x0b, 0x67, 0x9e, 0x31, 0x6f, 0x8a, 0x37,
-	0xf1, 0x58, 0xe4, 0xcc, 0x21, 0x4d, 0x57, 0x74, 0x02, 0x7e, 0xd6, 0x1a, 0x30, 0xf3, 0xe0, 0x79,
-	0xd3, 0xdb, 0x6b, 0xe9, 0xda, 0xd3, 0x38, 0x73, 0x48, 0x87, 0x00, 0x1d, 0xc1, 0x2e, 0xad, 0xb7,
-	0xda, 0x3c, 0x8e, 0x57, 0x55, 0xdb, 0x42, 0xb4, 0xb2, 0x86, 0x8f, 0x26, 0x91, 0xf5, 0x31, 0x1c,
-	0x0f, 0xd7, 0x91, 0x34, 0x26, 0xd5, 0xa6, 0x57, 0x33, 0x3c, 0x1c, 0xc2, 0xf6, 0x42, 0x77, 0x1e,
-	0x3f, 0x36, 0x5f, 0x2e, 0x8f, 0xf4, 0xd7, 0xd0, 0xa7, 0x00, 0x74, 0x35, 0x17, 0xc5, 0x34, 0xef,
-	0x37, 0x59, 0xeb, 0x43, 0x43, 0x6a, 0x68, 0x7c, 0x0c, 0x7b, 0x01, 0x8b, 0x4f, 0x96, 0x29, 0xfb,
-	0x86, 0xe7, 0x39, 0x3d, 0xe5, 0xe8, 0x3e, 0x0c, 0xd9, 0x8a, 0x4a, 0x0b, 0x9c, 0x34, 0xa9, 0x34,
-	0xb6, 0x41, 0x57, 0xc2, 0xf1, 0x33, 0x78, 0x7d, 0xcd, 0xb9, 0x91, 0x17, 0x86, 0xf6, 0x59, 0xca,
-	0x0b, 0xce, 0x71, 0xab, 0x72, 0xab, 0xf3, 0x99, 0x43, 0x6a, 0xe8, 0x2a, 0xdd, 0x19, 0xec, 0x36,
-	0x70, 0xe8, 0x13, 0xfd, 0x9c, 0x95, 0x94, 0x3a, 0xe3, 0xfa, 0xa3, 0xd0, 0xfd, 0xa9, 0x40, 0x4a,
-	0xf4, 0xdd, 0xaf, 0x01, 0x75, 0xdf, 0x0c, 0x74, 0x0d, 0xfa, 0xdf, 0x8a, 0x94, 0xfb, 0x0e, 0x1a,
-	0xc1, 0xf6, 0x77, 0x2f, 0x53, 0x2e, 0x7d, 0x57, 0x2f, 0x83, 0x30, 0x89, 0x52, 0xbf, 0x87, 0x00,
-	0x06, 0x4f, 0x65, 0xa4, 0xb8, 0xf4, 0xb7, 0xf4, 0x5a, 0x77, 0x89, 0x4b, 0xbf, 0xff, 0xf0, 0xc1,
-	0x9f, 0x17, 0x13, 0xf7, 0xd5, 0xc5, 0xc4, 0xfd, 0xe7, 0x62, 0xe2, 0xfe, 0x76, 0x39, 0x71, 0x5e,
-	0x5d, 0x4e, 0x9c, 0xbf, 0x2f, 0x27, 0xce, 0xb3, 0xdb, 0xff, 0xe9, 0xd7, 0xd9, 0xf3, 0x81, 0xf9,
-	0xf8, 0xe8, 0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x51, 0x62, 0x48, 0x8d, 0xcd, 0x09, 0x00, 0x00,
+	0x14, 0xde, 0x75, 0x1c, 0x3b, 0x3e, 0x9b, 0xb8, 0x66, 0x80, 0xd6, 0x0a, 0xc5, 0x84, 0x45, 0x85,
+	0xaa, 0x42, 0x0d, 0x32, 0x42, 0x54, 0x08, 0x51, 0xb6, 0x49, 0x85, 0x1d, 0x28, 0xa0, 0x89, 0x4a,
+	0xa5, 0x5e, 0x31, 0x9d, 0x1d, 0xa5, 0x0b, 0xbb, 0x3b, 0x9b, 0xd9, 0xb1, 0x2b, 0x3f, 0x04, 0x12,
+	0x8f, 0xc0, 0x8b, 0x70, 0xcf, 0x65, 0x6e, 0x90, 0x10, 0x57, 0x28, 0x79, 0x11, 0x34, 0x33, 0xbb,
+	0xde, 0xdf, 0x58, 0x88, 0x8b, 0xc4, 0x33, 0x67, 0xce, 0xf9, 0xce, 0x77, 0x7e, 0x6d, 0xf8, 0x9c,
+	0xf2, 0x28, 0xe2, 0x71, 0x9a, 0x10, 0xca, 0x0e, 0xf9, 0x8b, 0x9f, 0x18, 0x95, 0x87, 0x84, 0x86,
+	0xea, 0x4f, 0x30, 0xca, 0x85, 0x9f, 0x08, 0x2e, 0xf9, 0xa1, 0xfe, 0x9f, 0x16, 0xd2, 0xfb, 0x5a,
+	0x80, 0x06, 0x6b, 0x81, 0xfb, 0x9b, 0x0d, 0xbb, 0x98, 0xbc, 0xf2, 0x68, 0x88, 0xb5, 0x00, 0x8d,
+	0xa1, 0x9f, 0x90, 0x55, 0xc8, 0x89, 0x3f, 0xb6, 0x0f, 0xec, 0xbb, 0xbb, 0x38, 0xbf, 0xa2, 0xdb,
+	0x30, 0x48, 0x83, 0xb3, 0x98, 0xc8, 0x85, 0x60, 0xe3, 0x8e, 0x7e, 0x2b, 0x04, 0xe8, 0x1e, 0x8c,
+	0x08, 0xa5, 0x2c, 0x91, 0x5c, 0xcc, 0x7d, 0x16, 0xcb, 0x40, 0xae, 0xc6, 0x5b, 0x5a, 0xa9, 0x21,
+	0x47, 0x1f, 0xc2, 0x6b, 0xb9, 0xec, 0x74, 0x8d, 0xd8, 0xd5, 0xca, 0xcd, 0x07, 0xf7, 0x0b, 0x40,
+	0x65, 0x86, 0xcf, 0x02, 0xf9, 0x72, 0xbe, 0x89, 0xe7, 0x10, 0x3a, 0x81, 0xaf, 0x09, 0x0e, 0x70,
+	0x27, 0xf0, 0xdd, 0x73, 0x18, 0x14, 0xe1, 0xdd, 0x84, 0x5e, 0x22, 0xd8, 0x72, 0x6e, 0xac, 0x06,
+	0x38, 0xbb, 0xa1, 0x7d, 0xd8, 0x09, 0x72, 0xda, 0x26, 0xb6, 0xf5, 0x1d, 0x21, 0xe8, 0xfa, 0x44,
+	0x92, 0x2c, 0x1c, 0x7d, 0x56, 0xc9, 0x90, 0x41, 0xc4, 0x52, 0x49, 0xa2, 0x44, 0x53, 0xdf, 0xc2,
+	0x85, 0xc0, 0xfd, 0xd3, 0x86, 0xbe, 0xf2, 0xc9, 0xb9, 0xac, 0x20, 0xdb, 0x35, 0xe4, 0xdb, 0x30,
+	0x88, 0x48, 0x2a, 0x99, 0xf8, 0x9a, 0xe5, 0x6e, 0x0b, 0x81, 0x0a, 0x51, 0x17, 0x78, 0xee, 0x6b,
+	0xd7, 0x03, 0x9c, 0x5f, 0x55, 0xb2, 0x59, 0x4c, 0xc5, 0x2a, 0x91, 0xcc, 0xc7, 0x8c, 0xf8, 0xca,
+	0xdc, 0xe4, 0xaf, 0x21, 0xaf, 0x32, 0xdd, 0xae, 0x31, 0x55, 0xa5, 0xc8, 0xd9, 0x14, 0xa5, 0xe8,
+	0x99, 0x52, 0x34, 0x1e, 0xdc, 0x8f, 0x60, 0xe4, 0xd1, 0xd0, 0xa3, 0x94, 0x2f, 0x62, 0x39, 0x8f,
+	0x97, 0x81, 0x64, 0x0a, 0x3f, 0xd0, 0x27, 0x45, 0xc2, 0x04, 0x58, 0x08, 0xdc, 0xdf, 0x6d, 0x78,
+	0xb3, 0x30, 0xc1, 0xec, 0x7c, 0xc1, 0x52, 0x79, 0xc2, 0x83, 0x18, 0xbd, 0x0f, 0x43, 0xa3, 0x36,
+	0xaf, 0x66, 0xa7, 0x26, 0x2d, 0xf4, 0x4c, 0x05, 0xe7, 0x79, 0x69, 0x6b, 0x52, 0xf4, 0x00, 0x6e,
+	0x55, 0x2d, 0x8b, 0x78, 0x4c, 0xe1, 0xae, 0x7b, 0x56, 0x15, 0x8a, 0x98, 0x24, 0xba, 0xc6, 0x26,
+	0x8b, 0xeb, 0xbb, 0xfb, 0x8b, 0x0d, 0xb7, 0x1a, 0xfc, 0x3d, 0xdd, 0xa3, 0x1b, 0x2b, 0x7b, 0x17,
+	0x6e, 0x08, 0xa3, 0x5c, 0xa3, 0x5d, 0x17, 0xab, 0x0a, 0xd4, 0x6b, 0x96, 0x66, 0x8c, 0x9b, 0x0f,
+	0xee, 0x31, 0x8c, 0x1b, 0x74, 0x8e, 0x19, 0x0d, 0x83, 0x98, 0xb5, 0xf9, 0xb4, 0x5b, 0x7d, 0xba,
+	0x5f, 0xc2, 0xcd, 0x7a, 0x1d, 0x31, 0x5b, 0xf2, 0x9f, 0x59, 0x4b, 0xb6, 0xed, 0xb6, 0x6c, 0xbb,
+	0x1f, 0x80, 0xa3, 0x87, 0xca, 0xd0, 0x52, 0xad, 0x2a, 0xb2, 0x3e, 0xb4, 0x0f, 0xb6, 0xd4, 0x34,
+	0x66, 0x57, 0xf7, 0x47, 0x78, 0xc3, 0xa3, 0xe1, 0xe3, 0x7a, 0x20, 0x1b, 0x93, 0xd7, 0x9a, 0x92,
+	0xce, 0x75, 0x29, 0x59, 0xc1, 0x7e, 0x11, 0xcc, 0xf7, 0x4c, 0x44, 0x41, 0x9a, 0x06, 0x3c, 0x3e,
+	0x7a, 0x49, 0xe2, 0x33, 0xb6, 0xd1, 0xcf, 0x43, 0x70, 0x92, 0xb5, 0xbe, 0xf1, 0x30, 0x9c, 0xbe,
+	0x7d, 0xbf, 0x58, 0x97, 0x1e, 0x0d, 0x9f, 0xa6, 0x4c, 0x14, 0xa0, 0x29, 0x2e, 0x5b, 0xb8, 0x4f,
+	0xf5, 0x3c, 0x64, 0x4c, 0x32, 0x87, 0x1e, 0x38, 0xc4, 0x70, 0xd1, 0xb4, 0x55, 0x3a, 0x9c, 0xe9,
+	0x3b, 0x55, 0xd0, 0x46, 0x3a, 0x70, 0xd9, 0xc6, 0x3d, 0x2f, 0x8f, 0x19, 0x66, 0x11, 0x5f, 0x6e,
+	0x8e, 0xa3, 0xe6, 0xb2, 0xf3, 0x3f, 0x5c, 0xfe, 0xdd, 0x85, 0x1b, 0x1e, 0x0d, 0x8f, 0x78, 0x2c,
+	0x59, 0x2c, 0x7f, 0x20, 0xe1, 0x82, 0xa1, 0x4f, 0xa0, 0x67, 0xaa, 0xae, 0x1d, 0x3a, 0xd3, 0xb7,
+	0xaa, 0x88, 0x95, 0xf6, 0x99, 0x59, 0x38, 0x53, 0x46, 0x5f, 0xc1, 0x6e, 0x50, 0x6a, 0x29, 0x9d,
+	0x56, 0x67, 0xfa, 0xee, 0x06, 0x63, 0xa3, 0x38, 0xb3, 0x70, 0xc5, 0x10, 0x1d, 0x83, 0x23, 0x8a,
+	0x85, 0xa1, 0x67, 0xc2, 0x99, 0x1e, 0xb4, 0xe2, 0x94, 0x16, 0xcb, 0xcc, 0xc2, 0x65, 0x33, 0x74,
+	0x02, 0x7b, 0xa2, 0x3c, 0xb6, 0x7a, 0xc4, 0x9d, 0xa9, 0xbb, 0x09, 0xc7, 0x68, 0xce, 0x2c, 0x5c,
+	0x35, 0x45, 0xa7, 0x30, 0x4a, 0x6a, 0x0d, 0xa6, 0x57, 0xaa, 0x33, 0xbd, 0xd3, 0x0a, 0x57, 0xef,
+	0xc6, 0x99, 0x85, 0x1b, 0x00, 0xe8, 0x08, 0xf6, 0x48, 0xb9, 0xd4, 0x7a, 0xfd, 0x5e, 0x97, 0x6d,
+	0xa3, 0xa2, 0x98, 0x55, 0x6c, 0x14, 0x88, 0x28, 0xb7, 0xe1, 0xb8, 0xdf, 0x06, 0x52, 0xe9, 0x54,
+	0x13, 0x5e, 0xb9, 0x75, 0x9f, 0xc0, 0x50, 0x54, 0x56, 0xca, 0x78, 0x47, 0xa3, 0xbc, 0xb7, 0x29,
+	0x57, 0x99, 0xea, 0xcc, 0xc2, 0x35, 0xe3, 0x47, 0x7d, 0xd8, 0x5e, 0xaa, 0x46, 0x72, 0x1f, 0xeb,
+	0x6f, 0xc3, 0x63, 0xf5, 0xbd, 0xf9, 0x19, 0x00, 0x59, 0xb7, 0x59, 0x36, 0x1c, 0xfb, 0x55, 0xf8,
+	0x72, 0x0f, 0xe2, 0x92, 0xb6, 0x7b, 0x02, 0x43, 0x8f, 0x86, 0xa7, 0xab, 0x98, 0x3e, 0x61, 0x69,
+	0x4a, 0xce, 0x18, 0x7a, 0x00, 0x7d, 0xba, 0x86, 0x52, 0x4c, 0x27, 0x55, 0x28, 0xa5, 0x5b, 0x81,
+	0xcb, 0xd5, 0xdd, 0xe7, 0xf0, 0x7a, 0xcb, 0xbb, 0xa6, 0xe7, 0xfb, 0x66, 0xcb, 0xa5, 0x19, 0xe6,
+	0xb8, 0x16, 0xfd, 0xfa, 0x7d, 0x66, 0xe1, 0x92, 0x76, 0x11, 0xee, 0x0c, 0xf6, 0x2a, 0x7a, 0xe8,
+	0x53, 0xb5, 0x1d, 0x73, 0x48, 0x15, 0x71, 0x79, 0xc7, 0x34, 0x7f, 0xdb, 0xe0, 0x5c, 0xfb, 0xde,
+	0x37, 0x80, 0x9a, 0x2b, 0x08, 0xed, 0x40, 0xf7, 0x5b, 0x1e, 0xb3, 0x91, 0x85, 0x06, 0xb0, 0xfd,
+	0xdd, 0xab, 0x98, 0x89, 0x91, 0xad, 0x8e, 0x9e, 0x1f, 0x05, 0xf1, 0xa8, 0x83, 0x00, 0x7a, 0xcf,
+	0x44, 0x20, 0x99, 0x18, 0x6d, 0xa9, 0xb3, 0x2a, 0x3a, 0x13, 0xa3, 0xee, 0xa3, 0x87, 0x7f, 0x5c,
+	0x4e, 0xec, 0x8b, 0xcb, 0x89, 0xfd, 0xcf, 0xe5, 0xc4, 0xfe, 0xf5, 0x6a, 0x62, 0x5d, 0x5c, 0x4d,
+	0xac, 0xbf, 0xae, 0x26, 0xd6, 0xf3, 0x3b, 0xff, 0xe9, 0xe7, 0xe4, 0x8b, 0x9e, 0xfe, 0xf8, 0xf8,
+	0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x7b, 0xb3, 0x39, 0x6c, 0x7e, 0x0a, 0x00, 0x00,
 }
 
 func (m *RawAclRecord) Marshal() (dAtA []byte, err error) {
@@ -1490,6 +1560,13 @@ func (m *AclAccountRequestJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if len(m.Metadata) > 0 {
+		i -= len(m.Metadata)
+		copy(dAtA[i:], m.Metadata)
+		i = encodeVarintAclrecord(dAtA, i, uint64(len(m.Metadata)))
+		i--
+		dAtA[i] = 0x22
+	}
 	if len(m.InviteIdentitySignature) > 0 {
 		i -= len(m.InviteIdentitySignature)
 		copy(dAtA[i:], m.InviteIdentitySignature)
@@ -1558,6 +1635,36 @@ func (m *AclAccountRequestAccept) MarshalToSizedBuffer(dAtA []byte) (int, error)
 	return len(dAtA) - i, nil
 }
 
+func (m *AclAccountRequestDecline) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *AclAccountRequestDecline) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *AclAccountRequestDecline) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.RequestRecordId) > 0 {
+		i -= len(m.RequestRecordId)
+		copy(dAtA[i:], m.RequestRecordId)
+		i = encodeVarintAclrecord(dAtA, i, uint64(len(m.RequestRecordId)))
+		i--
+		dAtA[i] = 0xa
+	}
+	return len(dAtA) - i, nil
+}
+
 func (m *AclAccountInviteRevoke) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -1952,6 +2059,27 @@ func (m *AclContentValue_ReadKeyChange) MarshalToSizedBuffer(dAtA []byte) (int,
 	}
 	return len(dAtA) - i, nil
 }
+func (m *AclContentValue_RequestDecline) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *AclContentValue_RequestDecline) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	if m.RequestDecline != nil {
+		{
+			size, err := m.RequestDecline.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintAclrecord(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x42
+	}
+	return len(dAtA) - i, nil
+}
 func (m *AclData) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -2254,6 +2382,10 @@ func (m *AclAccountRequestJoin) Size() (n int) {
 	if l > 0 {
 		n += 1 + l + sovAclrecord(uint64(l))
 	}
+	l = len(m.Metadata)
+	if l > 0 {
+		n += 1 + l + sovAclrecord(uint64(l))
+	}
 	return n
 }
 
@@ -2278,6 +2410,19 @@ func (m *AclAccountRequestAccept) Size() (n int) {
 	return n
 }
 
+func (m *AclAccountRequestDecline) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.RequestRecordId)
+	if l > 0 {
+		n += 1 + l + sovAclrecord(uint64(l))
+	}
+	return n
+}
+
 func (m *AclAccountInviteRevoke) Size() (n int) {
 	if m == nil {
 		return 0
@@ -2469,6 +2614,18 @@ func (m *AclContentValue_ReadKeyChange) Size() (n int) {
 	}
 	return n
 }
+func (m *AclContentValue_RequestDecline) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if m.RequestDecline != nil {
+		l = m.RequestDecline.Size()
+		n += 1 + l + sovAclrecord(uint64(l))
+	}
+	return n
+}
 func (m *AclData) Size() (n int) {
 	if m == nil {
 		return 0
@@ -3463,6 +3620,40 @@ func (m *AclAccountRequestJoin) Unmarshal(dAtA []byte) error {
 				m.InviteIdentitySignature = []byte{}
 			}
 			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Metadata", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowAclrecord
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthAclrecord
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex < 0 {
+				return ErrInvalidLengthAclrecord
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Metadata = append(m.Metadata[:0], dAtA[iNdEx:postIndex]...)
+			if m.Metadata == nil {
+				m.Metadata = []byte{}
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipAclrecord(dAtA[iNdEx:])
@@ -3634,6 +3825,88 @@ func (m *AclAccountRequestAccept) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
+func (m *AclAccountRequestDecline) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowAclrecord
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: AclAccountRequestDecline: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: AclAccountRequestDecline: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RequestRecordId", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowAclrecord
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthAclrecord
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthAclrecord
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.RequestRecordId = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipAclrecord(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthAclrecord
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
 func (m *AclAccountInviteRevoke) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
@@ -4495,6 +4768,41 @@ func (m *AclContentValue) Unmarshal(dAtA []byte) error {
 			}
 			m.Value = &AclContentValue_ReadKeyChange{v}
 			iNdEx = postIndex
+		case 8:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RequestDecline", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowAclrecord
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthAclrecord
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthAclrecord
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			v := &AclAccountRequestDecline{}
+			if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			m.Value = &AclContentValue_RequestDecline{v}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipAclrecord(dAtA[iNdEx:])
diff --git a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto
index 2ca06396..7219aecd 100644
--- a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto
+++ b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto
@@ -44,6 +44,7 @@ message AclAccountRequestJoin {
     bytes inviteIdentity = 1;
     string inviteRecordId = 2;
     bytes inviteIdentitySignature = 3;
+    bytes metadata = 4;
 }
 
 // AclAccountRequestAccept contains the reference to join record and all read keys, encrypted with the identity of the requestor
@@ -53,6 +54,11 @@ message AclAccountRequestAccept {
     bytes encryptedReadKeys = 3;
 }
 
+// AclAccountRequestDecline contains the reference to join record
+message AclAccountRequestDecline {
+    string requestRecordId = 1;
+}
+
 // AclAccountInviteRevoke revokes the invite record
 message AclAccountInviteRevoke {
     string inviteRecordId = 1;
@@ -96,6 +102,7 @@ message AclContentValue {
         AclAccountPermissionChange permissionChange = 5;
         AclAccountRemove accountRemove = 6;
         AclReadKeyChange readKeyChange = 7;
+        AclAccountRequestDecline requestDecline = 8;
     }
 }
 
diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go
index dde9ae23..496b865d 100644
--- a/commonspace/object/acl/list/aclstate.go
+++ b/commonspace/object/acl/list/aclstate.go
@@ -14,20 +14,22 @@ import (
 var log = logger.NewNamedSugared("common.commonspace.acllist")
 
 var (
-	ErrNoSuchUser              = errors.New("no such user")
-	ErrFailedToDecrypt         = errors.New("failed to decrypt key")
-	ErrUserRemoved             = errors.New("user was removed from the document")
-	ErrDocumentForbidden       = errors.New("your user was forbidden access to the document")
-	ErrUserAlreadyExists       = errors.New("user already exists")
-	ErrNoSuchRecord            = errors.New("no such record")
-	ErrNoSuchInvite            = errors.New("no such invite")
-	ErrOldInvite               = errors.New("invite is too old")
-	ErrInsufficientPermissions = errors.New("insufficient permissions")
-	ErrNoReadKey               = errors.New("acl state doesn't have a read key")
-	ErrNoInvite                = errors.New("can't delete invite record")
-	ErrInvalidSignature        = errors.New("signature is invalid")
-	ErrIncorrectRoot           = errors.New("incorrect root")
-	ErrIncorrectRecordSequence = errors.New("incorrect prev id of a record")
+	ErrNoSuchAccount             = errors.New("no such account")
+	ErrIncorrectInviteKey        = errors.New("incorrect invite key")
+	ErrIncorrectIdentity         = errors.New("incorrect identity")
+	ErrFailedToDecrypt           = errors.New("failed to decrypt key")
+	ErrUserRemoved               = errors.New("user was removed from the document")
+	ErrDocumentForbidden         = errors.New("your user was forbidden access to the document")
+	ErrUserAlreadyExists         = errors.New("user already exists")
+	ErrNoSuchRecord              = errors.New("no such record")
+	ErrNoSuchRequest             = errors.New("no such request")
+	ErrNoSuchInvite              = errors.New("no such invite")
+	ErrInsufficientPermissions   = errors.New("insufficient permissions")
+	ErrIncorrectNumberOfAccounts = errors.New("incorrect number of accounts")
+	ErrNoReadKey                 = errors.New("acl state doesn't have a read key")
+	ErrInvalidSignature          = errors.New("signature is invalid")
+	ErrIncorrectRoot             = errors.New("incorrect root")
+	ErrIncorrectRecordSequence   = errors.New("incorrect prev id of a record")
 )
 
 type UserPermissionPair struct {
@@ -42,6 +44,7 @@ type AclState struct {
 	userStates       map[string]AclUserState
 	statesAtRecord   map[string][]AclUserState
 	inviteKeys       map[string]crypto.PubKey
+	requestRecords   map[string]RequestRecord
 	key              crypto.PrivKey
 	pubKey           crypto.PubKey
 	keyStore         crypto.KeyStorage
@@ -60,6 +63,8 @@ func newAclStateWithKeys(
 		userReadKeys:   make(map[string]crypto.SymKey),
 		userStates:     make(map[string]AclUserState),
 		statesAtRecord: make(map[string][]AclUserState),
+		inviteKeys:     make(map[string]crypto.PubKey),
+		requestRecords: make(map[string]RequestRecord),
 	}, nil
 }
 
@@ -69,6 +74,8 @@ func newAclState(id string) *AclState {
 		userReadKeys:   make(map[string]crypto.SymKey),
 		userStates:     make(map[string]AclUserState),
 		statesAtRecord: make(map[string][]AclUserState),
+		inviteKeys:     make(map[string]crypto.PubKey),
+		requestRecords: make(map[string]RequestRecord),
 	}
 }
 
@@ -100,7 +107,7 @@ func (st *AclState) StateAtRecord(id string, pubKey crypto.PubKey) (AclUserState
 			return perm, nil
 		}
 	}
-	return AclUserState{}, ErrNoSuchUser
+	return AclUserState{}, ErrNoSuchAccount
 }
 
 func (st *AclState) applyRecord(record *AclRecord) (err error) {
@@ -229,7 +236,7 @@ func (st *AclState) applyPermissionChange(ch *aclrecordproto.AclAccountPermissio
 	}
 	state, exists := st.userStates[mapKeyFromPubKey(chIdentity)]
 	if !exists {
-		return ErrNoSuchUser
+		return ErrNoSuchAccount
 	}
 	state.Permissions = AclPermissions(ch.Permissions)
 	return nil
diff --git a/commonspace/object/acl/list/models.go b/commonspace/object/acl/list/models.go
index 97b19ac5..6ec52b28 100644
--- a/commonspace/object/acl/list/models.go
+++ b/commonspace/object/acl/list/models.go
@@ -16,6 +16,11 @@ type AclRecord struct {
 	Signature []byte
 }
 
+type RequestRecord struct {
+	RequestIdentity crypto.PubKey
+	RequestMetadata []byte
+}
+
 type AclUserState struct {
 	PubKey      crypto.PubKey
 	Permissions AclPermissions
diff --git a/commonspace/object/acl/list/validator.go b/commonspace/object/acl/list/validator.go
index b4972732..6fa8be20 100644
--- a/commonspace/object/acl/list/validator.go
+++ b/commonspace/object/acl/list/validator.go
@@ -1,5 +1,147 @@
 package list
 
-type Validator interface {
-	Validate()
+import (
+	"github.com/anyproto/any-sync/commonspace/object/acl/aclrecordproto"
+	"github.com/anyproto/any-sync/util/crypto"
+)
+
+type ContentValidator interface {
+	ValidatePermissionChange(ch *aclrecordproto.AclAccountPermissionChange, id string, authorIdentity crypto.PubKey) (err error)
+	ValidateInvite(ch *aclrecordproto.AclAccountInvite, id string, authorIdentity crypto.PubKey) (err error)
+	ValidateInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, id string, authorIdentity crypto.PubKey) (err error)
+	ValidateRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, id string, authorIdentity crypto.PubKey) (err error)
+	ValidateRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, id string, authorIdentity crypto.PubKey) (err error)
+	ValidateRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, id string, authorIdentity crypto.PubKey) (err error)
+	ValidateRemove(ch *aclrecordproto.AclAccountRemove, id string, authorIdentity crypto.PubKey) (err error)
+	ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, id string, authorIdentity crypto.PubKey) (err error)
+}
+
+type contentValidator struct {
+	keyStore crypto.KeyStorage
+	aclState *AclState
+}
+
+func (c *contentValidator) ValidatePermissionChange(ch *aclrecordproto.AclAccountPermissionChange, id string, authorIdentity crypto.PubKey) (err error) {
+	if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
+		return ErrInsufficientPermissions
+	}
+	chIdentity, err := c.keyStore.PubKeyFromProto(ch.Identity)
+	if err != nil {
+		return err
+	}
+	_, exists := c.aclState.userStates[mapKeyFromPubKey(chIdentity)]
+	if !exists {
+		return ErrNoSuchAccount
+	}
+	return
+}
+
+func (c *contentValidator) ValidateInvite(ch *aclrecordproto.AclAccountInvite, id string, authorIdentity crypto.PubKey) (err error) {
+	if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
+		return ErrInsufficientPermissions
+	}
+	_, err = c.keyStore.PubKeyFromProto(ch.InviteKey)
+	return
+}
+
+func (c *contentValidator) ValidateInviteRevoke(ch *aclrecordproto.AclAccountInviteRevoke, id string, authorIdentity crypto.PubKey) (err error) {
+	if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
+		return ErrInsufficientPermissions
+	}
+	_, exists := c.aclState.inviteKeys[ch.InviteRecordId]
+	if !exists {
+		return ErrNoSuchInvite
+	}
+	return
+}
+
+func (c *contentValidator) ValidateRequestJoin(ch *aclrecordproto.AclAccountRequestJoin, id string, authorIdentity crypto.PubKey) (err error) {
+	inviteKey, exists := c.aclState.inviteKeys[ch.InviteRecordId]
+	if !exists {
+		return ErrNoSuchInvite
+	}
+	inviteIdentity, err := c.keyStore.PubKeyFromProto(ch.InviteIdentity)
+	if err != nil {
+		return
+	}
+	if !authorIdentity.Equals(inviteIdentity) {
+		return ErrIncorrectIdentity
+	}
+	rawInviteIdentity, err := inviteIdentity.Raw()
+	if err != nil {
+		return err
+	}
+	ok, err := inviteKey.Verify(rawInviteIdentity, ch.InviteIdentitySignature)
+	if err != nil {
+		return ErrInvalidSignature
+	}
+	if !ok {
+		return ErrInvalidSignature
+	}
+	return
+}
+
+func (c *contentValidator) ValidateRequestAccept(ch *aclrecordproto.AclAccountRequestAccept, id string, authorIdentity crypto.PubKey) (err error) {
+	if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
+		return ErrInsufficientPermissions
+	}
+	record, exists := c.aclState.requestRecords[ch.RequestRecordId]
+	if !exists {
+		return ErrNoSuchRequest
+	}
+	acceptIdentity, err := c.keyStore.PubKeyFromProto(ch.Identity)
+	if err != nil {
+		return
+	}
+	if !acceptIdentity.Equals(record.RequestIdentity) {
+		return ErrIncorrectIdentity
+	}
+	return
+}
+
+func (c *contentValidator) ValidateRequestDecline(ch *aclrecordproto.AclAccountRequestDecline, id string, authorIdentity crypto.PubKey) (err error) {
+	if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
+		return ErrInsufficientPermissions
+	}
+	_, exists := c.aclState.requestRecords[ch.RequestRecordId]
+	if !exists {
+		return ErrNoSuchRequest
+	}
+	return
+}
+
+func (c *contentValidator) ValidateRemove(ch *aclrecordproto.AclAccountRemove, id string, authorIdentity crypto.PubKey) (err error) {
+	if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
+		return ErrInsufficientPermissions
+	}
+	identity, err := c.keyStore.PubKeyFromProto(ch.Identity)
+	if err != nil {
+		return
+	}
+	_, exists := c.aclState.userStates[mapKeyFromPubKey(identity)]
+	if !exists {
+		return ErrNoSuchAccount
+	}
+	return c.validateAccountReadKeys(ch.AccountKeys)
+}
+
+func (c *contentValidator) ValidateReadKeyChange(ch *aclrecordproto.AclReadKeyChange, id string, authorIdentity crypto.PubKey) (err error) {
+	return c.validateAccountReadKeys(ch.AccountKeys)
+}
+
+func (c *contentValidator) validateAccountReadKeys(accountKeys []*aclrecordproto.AclEncryptedReadKeys) (err error) {
+	if len(accountKeys) != len(c.aclState.userStates) {
+		return ErrIncorrectNumberOfAccounts
+	}
+	for _, encKeys := range accountKeys {
+		identity, err := c.keyStore.PubKeyFromProto(encKeys.Identity)
+		if err != nil {
+			return err
+		}
+		_, exists := c.aclState.userStates[mapKeyFromPubKey(identity)]
+		if !exists {
+			return ErrNoSuchAccount
+		}
+	}
+	return
 }