diff --git a/src/ringdht/ringaccount.cpp b/src/ringdht/ringaccount.cpp
index 2b6314bcc498d821d4045b984759d910bfc98940..8cedfa2b65bad437d80284e4b35274694fe4551c 100644
--- a/src/ringdht/ringaccount.cpp
+++ b/src/ringdht/ringaccount.cpp
@@ -140,25 +140,13 @@ struct RingAccount::PendingMessage
 };
 
 struct
-RingAccount::SavedTrustRequest {
+RingAccount::TrustRequest {
     dht::InfoHash device;
     time_t received;
     std::vector<uint8_t> payload;
     MSGPACK_DEFINE_MAP(device, received, payload)
 };
 
-struct
-RingAccount::TrustRequest {
-    dht::InfoHash from_device;
-    time_point received;
-    std::vector<uint8_t> payload;
-    TrustRequest() {}
-    TrustRequest(dht::InfoHash device, time_point r, std::vector<uint8_t>&& payload)
-            : from_device(device), received(r), payload(std::move(payload)) {}
-    TrustRequest(SavedTrustRequest&& sr)
-        : from_device(sr.device), received(clock::from_time_t(sr.received)), payload(std::move(sr.payload)) {}
-};
-
 struct RingAccount::Contact
 {
     /** Time of contact addition */
@@ -256,7 +244,8 @@ struct RingAccount::DeviceSync : public dht::EncryptedValue<DeviceSync>
     std::string device_name;
     std::map<dht::InfoHash, std::string> devices_known;
     std::map<dht::InfoHash, Contact> peers;
-    MSGPACK_DEFINE_MAP(date, device_name, devices_known, peers)
+    std::map<dht::InfoHash, TrustRequest> trust_requests;
+    MSGPACK_DEFINE_MAP(date, device_name, devices_known, peers, trust_requests)
 };
 
 static constexpr int ICE_COMPONENTS {1};
@@ -2172,37 +2161,7 @@ RingAccount::doRegister_()
                     }
 
                     RING_WARN("Got trust request from: %s / %s", peer_account.toString().c_str(), v.from.toString().c_str());
-
-                    // Check existing contact
-                    auto contact = this_.contacts_.find(peer_account);
-                    if (contact != this_.contacts_.end()) {
-                        // Contact exists, update confirmation status
-                        contact->second.confirmed = true;
-                        emitSignal<DRing::ConfigurationSignal::ContactAdded>(this_.getAccountID(), peer_account.toString(), true);
-                        // Send confirmation
-                        if (not v.confirm)
-                            this_.sendTrustRequestConfirm(peer_account);
-                        this_.syncDevices();
-                    } else {
-                        // Add trust request
-                        auto req = this_.trustRequests_.find(peer_account);
-                        if (req == this_.trustRequests_.end()) {
-                            req = this_.trustRequests_.emplace(peer_account, TrustRequest{
-                                v.from, clock::now(), std::move(v.payload)
-                            }).first;
-                        } else {
-                            req->second.from_device = v.from;
-                            req->second.received = clock::now();
-                            req->second.payload = std::move(v.payload);
-                        }
-                        this_.saveTrustRequests();
-                        emitSignal<DRing::ConfigurationSignal::IncomingTrustRequest>(
-                            this_.getAccountID(),
-                            req->first.toString(),
-                            req->second.payload,
-                            clock::to_time_t(req->second.received)
-                        );
-                    }
+                    this_.onTrustRequest(peer_account, v.from, time(nullptr), v.confirm, std::move(v.payload));
                 });
                 return true;
             }
@@ -2260,13 +2219,55 @@ RingAccount::doRegister_()
 }
 
 
+void
+RingAccount::onTrustRequest(const dht::InfoHash& peer_account, const dht::InfoHash& peer_device, time_t received, bool confirm, std::vector<uint8_t>&& payload)
+{
+     // Check existing contact
+    auto contact = contacts_.find(peer_account);
+    if (contact != contacts_.end()) {
+        // Send confirmation
+        if (not confirm)
+            sendTrustRequestConfirm(peer_account);
+        // Contact exists, update confirmation status
+        if (not contact->second.confirmed) {
+            contact->second.confirmed = true;
+            emitSignal<DRing::ConfigurationSignal::ContactAdded>(getAccountID(), peer_account.toString(), true);
+            syncDevices();
+        }
+    } else {
+        auto req = trustRequests_.find(peer_account);
+        if (req == trustRequests_.end()) {
+            // Add trust request
+            req = trustRequests_.emplace(peer_account, TrustRequest{
+                peer_device, received, std::move(payload)
+            }).first;
+        } else {
+            // Update trust request
+            if (received < req->second.received) {
+                req->second.device = peer_device;
+                req->second.received = received;
+                req->second.payload = std::move(payload);
+            } else {
+                RING_DBG("[Account %s] Ignoring outdated trust request from %s", getAccountID().c_str(), peer_account.toString().c_str());
+            }
+        }
+        saveTrustRequests();
+        emitSignal<DRing::ConfigurationSignal::IncomingTrustRequest>(
+            getAccountID(),
+            req->first.toString(),
+            req->second.payload,
+            received
+        );
+    }
+}
+
 void
 RingAccount::onPeerMessage(const dht::InfoHash& peer_device, std::function<void(const std::shared_ptr<dht::crypto::Certificate>& crt, const dht::InfoHash& peer_account)> cb)
 {
     // quick check in case we already explicilty banned this public key
     auto trustStatus = trust_.getCertificateStatus(peer_device.toString());
     if (trustStatus == tls::TrustStore::PermissionStatus::BANNED) {
-        RING_WARN("Discarding message from banned peer %s", peer_device.toString().c_str());
+        RING_WARN("[Account %s] Discarding message from banned peer %s", getAccountID().c_str(), peer_device.toString().c_str());
         return;
     }
 
@@ -2277,23 +2278,23 @@ RingAccount::onPeerMessage(const dht::InfoHash& peer_device, std::function<void(
 
         dht::InfoHash peer_account_id;
         if (not this_.foundPeerDevice(cert, peer_account_id)) {
-            RING_WARN("Discarding message from invalid peer certificate %s.", peer_device.toString().c_str());
+            RING_WARN("[Account %s] Discarding message from invalid peer certificate %s.", this_.getAccountID().c_str(), peer_device.toString().c_str());
             return;
         }
 
         if (not this_.dhtPublicInCalls_ and trustStatus != tls::TrustStore::PermissionStatus::ALLOWED) {
             if (!cert or cert->getId() != peer_device) {
-                RING_WARN("Can't find certificate of %s for incoming message.", peer_device.toString().c_str());
+                RING_WARN("[Account %s] Can't find certificate of %s for incoming message.", this_.getAccountID().c_str(), peer_device.toString().c_str());
                 return;
             }
 
             auto& this_ = *shared;
             if (!this_.trust_.isAllowed(*cert)) {
-                RING_WARN("Discarding message from untrusted peer %s.", peer_device.toString().c_str());
+                RING_WARN("[Account %s] Discarding message from untrusted peer %s.", this_.getAccountID().c_str(), peer_device.toString().c_str());
                 return;
             }
         } else if (not this_.dhtPublicInCalls_ or trustStatus == tls::TrustStore::PermissionStatus::BANNED) {
-            RING_WARN("Discarding message from untrusted or banned peer %s.", peer_device.toString().c_str());
+            RING_WARN("[Account %s] Discarding message from untrusted or banned peer %s.", this_.getAccountID().c_str(), peer_device.toString().c_str());
             return;
         }
 
@@ -2929,7 +2930,7 @@ RingAccount::getTrustRequests() const
 {
     std::map<std::string, std::string> ret;
     for (const auto& r : trustRequests_)
-        ret.emplace(r.first.toString(), ring::to_string(clock::to_time_t(r.second.received)));
+        ret.emplace(r.first.toString(), ring::to_string(r.second.received));
     return ret;
 }
 
@@ -2995,18 +2996,13 @@ void
 RingAccount::saveTrustRequests() const
 {
     std::ofstream file(idPath_+DIR_SEPARATOR_STR "incomingTrustRequests", std::ios::trunc);
-
-    std::map<dht::InfoHash, SavedTrustRequest> requests;
-    for (const auto& req : trustRequests_)
-        requests.emplace(req.first, SavedTrustRequest{req.second.from_device, clock::to_time_t(req.second.received), req.second.payload});
-
-    msgpack::pack(file, requests);
+    msgpack::pack(file, trustRequests_);
 }
 
 void
 RingAccount::loadTrustRequests()
 {
-    std::map<dht::InfoHash, SavedTrustRequest> requests;
+    std::map<dht::InfoHash, TrustRequest> requests;
     try {
         // read file
         auto file = fileutils::loadFile("incomingTrustRequests", idPath_);
@@ -3018,16 +3014,8 @@ RingAccount::loadTrustRequests()
         return;
     }
 
-    for (auto& d : requests)
-        trustRequests_.emplace(d.first, TrustRequest(std::move(d.second)));
-    for (auto& r : trustRequests_) {
-        emitSignal<DRing::ConfigurationSignal::IncomingTrustRequest>(
-            getAccountID(),
-            r.first.toString(),
-            r.second.payload,
-            clock::to_time_t(r.second.received)
-        );
-    }
+    for (auto& tr : requests)
+        onTrustRequest(tr.first, tr.second.device, tr.second.received, false, std::move(tr.second.payload));
 }
 
 /* sync */
@@ -3040,6 +3028,21 @@ RingAccount::syncDevices()
     sync_data.date = clock::now().time_since_epoch().count();
     sync_data.device_name = ringDeviceName_;
     sync_data.peers = contacts_;
+
+    static const size_t MAX_TRUST_REQUESTS = 20;
+    if (trustRequests_.size() <= MAX_TRUST_REQUESTS)
+        for (const auto& req : trustRequests_)
+            sync_data.trust_requests.emplace(req.first, TrustRequest{req.second.device, req.second.received, {}});
+    else {
+        size_t inserted = 0;
+        auto req = trustRequests_.lower_bound(dht::InfoHash::getRandom());
+        while (inserted++ < MAX_TRUST_REQUESTS) {
+            sync_data.trust_requests.emplace(req->first, TrustRequest{req->second.device, req->second.received, {}});
+            if (++req == trustRequests_.end())
+                req = trustRequests_.begin();
+        }
+    }
+
     for (const auto& dev : knownDevices_) {
         if (dev.first.toString() == ringDeviceId_)
             sync_data.devices_known.emplace(dev.first, ringDeviceName_);
@@ -3087,6 +3090,10 @@ RingAccount::onReceiveDeviceSync(DeviceSync&& sync)
         updateContact(peer.first, peer.second);
     saveContacts();
 
+    // Sync trust requests
+    for (const auto& tr : sync.trust_requests)
+        onTrustRequest(tr.first, tr.second.device, tr.second.received, false, {});
+
     it->second.last_sync = sync_date;
 }
 
diff --git a/src/ringdht/ringaccount.h b/src/ringdht/ringaccount.h
index 92448abee44ebbb40bc5766e2fd3c223ad0b9cc2..329b802adc2fc0b8c7d5b4ba1242d5d52111fd8d 100644
--- a/src/ringdht/ringaccount.h
+++ b/src/ringdht/ringaccount.h
@@ -331,7 +331,6 @@ class RingAccount : public SIPAccountBase {
          */
         struct PendingCall;
         struct PendingMessage;
-        struct SavedTrustRequest;
         struct TrustRequest;
         struct KnownDevice;
         struct ArchiveContent;
@@ -416,6 +415,8 @@ class RingAccount : public SIPAccountBase {
          */
         void onPeerMessage(const dht::InfoHash& peer_device, std::function<void(const std::shared_ptr<dht::crypto::Certificate>& crt, const dht::InfoHash& account_id)>);
 
+        void onTrustRequest(const dht::InfoHash& peer_account, const dht::InfoHash& peer_device, time_t received , bool confirm, std::vector<uint8_t>&& payload);
+
         /**
          * Maps require port via UPnP
          */