diff --git a/src/client/component/auth.cpp b/src/client/component/auth.cpp
index ca6ec9a3..2e6cb3e9 100644
--- a/src/client/component/auth.cpp
+++ b/src/client/component/auth.cpp
@@ -108,6 +108,11 @@ namespace auth
 		std::string serialize_connect_data(const char* data, const int length)
 		{
 			utils::byte_buffer buffer{};
+			buffer.write_string(get_key().serialize(PK_PUBLIC));
+
+			const std::string challenge(reinterpret_cast<const char*>(0x15A8A7F10_g), 32);
+			buffer.write_string(utils::cryptography::ecc::sign_message(get_key(), challenge));
+
 			profile_infos::get_profile_info().value_or(profile_infos::profile_info{}).serialize(buffer);
 
 			buffer.write_string(data, static_cast<size_t>(length));
@@ -212,6 +217,23 @@ namespace auth
 		void dispatch_connect_packet(const game::netadr_t& target, const std::string& data)
 		{
 			utils::byte_buffer buffer(data);
+
+			utils::cryptography::ecc::key key{};
+			key.deserialize(buffer.read_string());
+
+			std::string challenge{};
+			challenge.resize(32);
+
+			const auto get_challenge = reinterpret_cast<void(*)(const game::netadr_t*, void*, size_t)>(game::select(
+				0x1412E15E0, 0x14016DDC0));
+			get_challenge(&target, challenge.data(), challenge.size());
+
+			if (!utils::cryptography::ecc::verify_message(key, challenge, buffer.read_string()))
+			{
+				network::send(target, "error", "Bad signature");
+				return;
+			}
+
 			const profile_infos::profile_info info(buffer);
 
 			const auto connect_data = buffer.read_string();
@@ -226,6 +248,11 @@ namespace auth
 
 			const utils::info_string info_string(params[1]);
 			const auto xuid = strtoull(info_string.get("xuid").data(), nullptr, 16);
+			if (xuid != key.get_hash())
+			{
+				network::send(target, "error", "Bad XUID");
+				return;
+			}
 
 			profile_infos::add_and_distribute_profile_info(target, xuid, info);
 
diff --git a/src/client/component/network.cpp b/src/client/component/network.cpp
index 4371a17a..8b90b78e 100644
--- a/src/client/component/network.cpp
+++ b/src/client/component/network.cpp
@@ -304,28 +304,33 @@ namespace network
 		{
 			scheduler::loop(game::fragment_handler::clean, scheduler::async, 5s);
 
-			utils::hook::nop(game::select(0x1423322B6, 0x140596DF6), 4);
 			// don't increment data pointer to optionally skip socket byte
-			utils::hook::call(game::select(0x142332283, 0x140596DC3), read_socket_byte_stub);
+			utils::hook::nop(game::select(0x1423322B6, 0x140596DF6), 4);
+
 			// optionally read socket byte
-			utils::hook::call(game::select(0x1423322C1, 0x140596E01), verify_checksum_stub);
+			utils::hook::call(game::select(0x142332283, 0x140596DC3), read_socket_byte_stub);
+
 			// skip checksum verification
-			utils::hook::set<uint8_t>(game::select(0x14233249E, 0x140596F2E), 0); // don't add checksum to packet
+			utils::hook::call(game::select(0x1423322C1, 0x140596E01), verify_checksum_stub);
+
+			// don't add checksum to packet
+			utils::hook::set<uint8_t>(game::select(0x14233249E, 0x140596F2E), 0);
 
 			// Recreate NET_SendPacket to increase max packet size
 			//utils::hook::jump(game::select(0x1423323B0, 0x140596E40), net_sendpacket_stub);
 
-			utils::hook::set<uint32_t>(game::select(0x14134C6E0, 0x14018E574), 5);
 			// set initial connection state to challenging
+			utils::hook::set<uint32_t>(game::select(0x14134C6E0, 0x14018E574), 4);
 
 			// intercept command handling
 			utils::hook::call(game::select(0x14134D146, 0x14018EED0), utils::hook::assemble(handle_command_stub));
 
-			utils::hook::set<uint8_t>(game::select(0x14224DEAD, 0x1405315F9), 0xEB);
 			// don't kick clients without dw handle
+			utils::hook::set<uint8_t>(game::select(0x14224DEAD, 0x1405315F9), 0xEB);
 
 			// Skip DW stuff in NetAdr_ToString
 			utils::hook::set<uint8_t>(game::select(0x142172EF2, 0x140515881), 0xEB);
+
 			// NA_IP -> NA_RAWIP in NetAdr_ToString
 			utils::hook::set<uint8_t>(game::select(0x142172ED4, 0x140515864), game::NA_RAWIP);
 
diff --git a/src/client/game/structs.hpp b/src/client/game/structs.hpp
index 2f72549a..883c243b 100644
--- a/src/client/game/structs.hpp
+++ b/src/client/game/structs.hpp
@@ -1,6 +1,6 @@
 #pragma once
 
-#define PROTOCOL 5
+#define PROTOCOL 6
 #define SUB_PROTOCOL 1
 
 #ifdef __cplusplus
diff --git a/src/common/utils/cryptography.cpp b/src/common/utils/cryptography.cpp
index 824cb9a7..802f8bcf 100644
--- a/src/common/utils/cryptography.cpp
+++ b/src/common/utils/cryptography.cpp
@@ -1,5 +1,8 @@
 #include "string.hpp"
 #include "cryptography.hpp"
+
+#include <random>
+
 #include "nt.hpp"
 #include "finally.hpp"
 
@@ -116,11 +119,17 @@ namespace utils::cryptography
 
 				int i[4]; // uninitialized data
 				auto* i_ptr = &i;
-				this->add_entropy(reinterpret_cast<uint8_t*>(&i), sizeof(i));
-				this->add_entropy(reinterpret_cast<uint8_t*>(&i_ptr), sizeof(i_ptr));
+				this->add_entropy(&i, sizeof(i));
+				this->add_entropy(&i_ptr, sizeof(i_ptr));
 
 				auto t = time(nullptr);
-				this->add_entropy(reinterpret_cast<uint8_t*>(&t), sizeof(t));
+				this->add_entropy(&t, sizeof(t));
+
+				std::random_device rd{};
+				for (auto j = 0; j < 4; ++j) {
+					const auto x = rd();
+					this->add_entropy(&x, sizeof(x));
+				}
 			}
 		};