diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..ccbd9c7
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+.gradle
+.idea
+build
+*.iml
+local.properties
diff --git a/build.gradle b/build.gradle
new file mode 100644
index 0000000..7518ddd
--- /dev/null
+++ b/build.gradle
@@ -0,0 +1,8 @@
+apply plugin: 'groovy'
+
+dependencies {
+    compile gradleApi()
+    compile localGroovy()
+}
+
+
diff --git a/src/main/groovy/org/whispersystems/witness/WitnessPlugin.groovy b/src/main/groovy/org/whispersystems/witness/WitnessPlugin.groovy
new file mode 100644
index 0000000..437570a
--- /dev/null
+++ b/src/main/groovy/org/whispersystems/witness/WitnessPlugin.groovy
@@ -0,0 +1,64 @@
+package org.whispersystems.witness
+
+import org.gradle.api.InvalidUserDataException
+import org.gradle.api.Plugin
+import org.gradle.api.Project
+import org.gradle.api.artifacts.ResolvedArtifact
+
+import java.security.MessageDigest
+
+class WitnessPluginExtension {
+    List verify
+}
+
+class WitnessPlugin implements Plugin<Project> {
+
+    static String calculateSha256(file) {
+        MessageDigest md = MessageDigest.getInstance("SHA-256");
+        file.eachByte 4096, {bytes, size ->
+            md.update(bytes, 0, size);
+        }
+        return md.digest().collect {String.format "%02x", it}.join();
+    }
+
+    void apply(Project project) {
+        project.extensions.create("dependencyVerification", WitnessPluginExtension)
+        project.afterEvaluate {
+            project.dependencyVerification.verify.each {
+                assertion ->
+                    List  parts  = assertion.tokenize(":")
+                    String group = parts.get(0)
+                    String name  = parts.get(1)
+                    String hash  = parts.get(2)
+
+                    ResolvedArtifact dependency = project.configurations.compile.resolvedConfiguration.resolvedArtifacts.find {
+                        return it.name.equals(name) && it.resolvedDependency.moduleGroup.equals(group)
+                    }
+
+                    println "Verifying " + group + ":" + name
+
+                    if (dependency == null) {
+                        throw new InvalidUserDataException("No dependency for integrity assertion found: " + group + ":" + name)
+                    }
+
+                    if (!hash.equals(calculateSha256(dependency.file))) {
+                        throw new InvalidUserDataException("Checksum failed for " + assertion)
+                    }
+            }
+        }
+
+        project.task('calculateChecksums') << {
+            println "dependencyVerification {"
+            println "    verify = ["
+
+            project.configurations.compile.resolvedConfiguration.resolvedArtifacts.each {
+                dep ->
+                    println "        '" + dep.resolvedDependency.moduleGroup+ ":" + dep.name + ":" + calculateSha256(dep.file) + "',"
+            }
+
+            println "    ]"
+            println "}"
+        }
+    }
+}
+
diff --git a/src/main/resources/META-INF/gradle-plugins/witness.properties b/src/main/resources/META-INF/gradle-plugins/witness.properties
new file mode 100644
index 0000000..dae767f
--- /dev/null
+++ b/src/main/resources/META-INF/gradle-plugins/witness.properties
@@ -0,0 +1 @@
+implementation-class=org.whispersystems.witness.WitnessPlugin