diff --git a/.babelrc b/.babelrc
index 3c078e9f..7273d212 100644
--- a/.babelrc
+++ b/.babelrc
@@ -1,5 +1,9 @@
 {
-  "presets": [
-    "es2015"
-  ]
+    "plugins": [
+        "transform-flow-strip-types"
+    ],
+    "presets": [
+        "es2015",
+        "stage-0"
+    ]
 }
diff --git a/.flowconfig b/.flowconfig
new file mode 100644
index 00000000..c13f93b6
--- /dev/null
+++ b/.flowconfig
@@ -0,0 +1,9 @@
+[ignore]
+.*/node_modules/
+.*/lib/
+
+[include]
+
+[libs]
+
+[options]
diff --git a/package.json b/package.json
index 2d7fa619..cc2ff211 100644
--- a/package.json
+++ b/package.json
@@ -29,11 +29,14 @@
     "babel-cli": "^6.5.1",
     "babel-core": "^6.5.1",
     "babel-istanbul": "^0.6.0",
+    "babel-plugin-transform-flow-strip-types": "^6.5.0",
     "babel-preset-es2015": "^6.5.0",
+    "babel-preset-stage-0": "^6.5.0",
     "babel-register": "^6.5.1",
     "codecov": "^1.0.1",
     "cross-env": "^1.0.7",
     "deep-diff": "^0.3.3",
+    "flow-bin": "^0.22.0",
     "gaze": "^0.5.2",
     "jasmine": "^2.3.2",
     "mongodb-runner": "^3.1.15",
diff --git a/src/cryptoUtils.js b/src/cryptoUtils.js
index 2f83defd..47bc2e45 100644
--- a/src/cryptoUtils.js
+++ b/src/cryptoUtils.js
@@ -1,7 +1,9 @@
+/* @flow */
+
 import { randomBytes } from 'crypto';
 
 // Returns a new random hex string of the given even size.
-export function randomHexString(size) {
+export function randomHexString(size: number): string {
   if (size === 0) {
     throw new Error('Zero-length randomHexString is useless.');
   }
@@ -17,28 +19,28 @@ export function randomHexString(size) {
 // because chars length of 62 doesn't divide the number of all bytes
 // (256) evenly. Such bias is acceptable for most cases when the output
 // length is long enough and doesn't need to be uniform.
-export function randomString(size) {
+export function randomString(size: number): string {
   if (size === 0) {
     throw new Error('Zero-length randomString is useless.');
   }
-  var chars = ('ABCDEFGHIJKLMNOPQRSTUVWXYZ' +
+  let chars = ('ABCDEFGHIJKLMNOPQRSTUVWXYZ' +
                'abcdefghijklmnopqrstuvwxyz' +
                '0123456789');
-  var objectId = '';
-  var bytes = randomBytes(size);
-  for (var i = 0; i < bytes.length; ++i) {
+  let objectId = '';
+  let bytes = randomBytes(size);
+  for (let i = 0; i < bytes.length; ++i) {
     objectId += chars[bytes.readUInt8(i) % chars.length];
   }
   return objectId;
 }
 
 // Returns a new random alphanumeric string suitable for object ID.
-export function newObjectId() {
+export function newObjectId(): string {
   //TODO: increase length to better protect against collisions.
   return randomString(10);
 }
 
 // Returns a new random hex string suitable for secure tokens.
-export function newToken() {
+export function newToken(): string {
   return randomHexString(32);
 }