diff --git a/libi2pd/NTCP2.cpp b/libi2pd/NTCP2.cpp
index be584eb1..5e1cbaf6 100644
--- a/libi2pd/NTCP2.cpp
+++ b/libi2pd/NTCP2.cpp
@@ -718,8 +718,6 @@ namespace transport
 						Terminate ();
 						return;
 					}
-					ri.GetProfile ()->Connected ();	
-					i2p::data::UpdateStaticKey (addr->s, ri.GetIdentHash ()); // good static key
 					i2p::data::netdb.PostI2NPMsg (CreateI2NPMessage (eI2NPDummyMsg, buf.data () + 3, size)); // TODO: should insert ri and not parse it twice
 					// TODO: process options
 
diff --git a/libi2pd/Profiling.cpp b/libi2pd/Profiling.cpp
index 45e4ae22..754a2ce3 100644
--- a/libi2pd/Profiling.cpp
+++ b/libi2pd/Profiling.cpp
@@ -320,33 +320,5 @@ namespace data
 			}
 		}
 	}
-		
-// 	static keys
-
-	struct StaticKeyProfile
-	{
-		i2p::data::IdentHash ident;
-		boost::posix_time::ptime lastUpdateTime;
-	};		
-	//static i2p::fs::HashedStorage g_StaticKeysProfilesStorage("statickeysProfiles", "s", "statickey-", "txt");
-	static std::unordered_map<i2p::data::Tag<32>, std::shared_ptr<StaticKeyProfile> > g_StaticKeysProfiles;	
-	static std::mutex g_StaticKeysProfilesMutex;	
-
-	bool CheckStaticKey (const i2p::data::Tag<32>& staticKey, const i2p::data::IdentHash& ident)
-	{
-		std::unique_lock<std::mutex> l(g_StaticKeysProfilesMutex);
-		auto it = g_StaticKeysProfiles.find (staticKey);
-		if (it != g_StaticKeysProfiles.end ())
-			return it->second->ident == ident;
-		return true;
-	}	
-
-	void UpdateStaticKey (const i2p::data::Tag<32>& staticKey, const i2p::data::IdentHash& ident)
-	{
-		std::unique_lock<std::mutex> l(g_StaticKeysProfilesMutex);
-		auto res = g_StaticKeysProfiles.emplace (staticKey, std::make_shared<StaticKeyProfile>(StaticKeyProfile{ident, GetTime ()}));
-		if (!res.second)
-			res.first->second->lastUpdateTime = GetTime ();
-	}	
 }
 }
diff --git a/libi2pd/Profiling.h b/libi2pd/Profiling.h
index 2520a6af..6b814893 100644
--- a/libi2pd/Profiling.h
+++ b/libi2pd/Profiling.h
@@ -84,7 +84,7 @@ namespace data
 			// usage
 			uint32_t m_NumTimesTaken;
 			uint32_t m_NumTimesRejected;
-			bool m_HasConnected; // incoming connection received
+			bool m_HasConnected; // successful trusted(incoming or NTCP2) connection 
 	};
 
 	std::shared_ptr<RouterProfile> GetRouterProfile (const IdentHash& identHash);
@@ -92,10 +92,6 @@ namespace data
 	void DeleteObsoleteProfiles ();
 	void SaveProfiles ();
 	void PersistProfiles ();
-
-	// static keys
-	bool CheckStaticKey (const i2p::data::Tag<32>& staticKey, const i2p::data::IdentHash& ident);
-	void UpdateStaticKey (const i2p::data::Tag<32>& staticKey, const i2p::data::IdentHash& ident);
 }
 }
 
diff --git a/libi2pd/RouterInfo.cpp b/libi2pd/RouterInfo.cpp
index 0cf5a0c5..5ba8a5b1 100644
--- a/libi2pd/RouterInfo.cpp
+++ b/libi2pd/RouterInfo.cpp
@@ -293,7 +293,8 @@ namespace data
 				else if (!strcmp (key, "s")) // ntcp2 or ssu2 static key
 				{
 					Base64ToByteStream (value, strlen (value), address->s, 32);
-					isStaticKey = true;
+					if (!(address->s[31] & 0x80)) // check if x25519 public key
+						isStaticKey = true;
 				}
 				else if (!strcmp (key, "i")) // ntcp2 iv or ssu2 intro
 				{
@@ -363,9 +364,6 @@ namespace data
 				if (!s) return;
 			}
 			
-            if ((address->s[31] & 0x80) || !i2p::data::CheckStaticKey(address->s, GetIdentHash()))
-                continue; // skip address
-			
 			if (address->transportStyle == eTransportNTCP2)
 			{
 				if (isStaticKey)
@@ -391,7 +389,7 @@ namespace data
 					}
 				}
 			}
-			else if (address->transportStyle == eTransportSSU2 && isV2)
+			else if (address->transportStyle == eTransportSSU2 && isV2 && isStaticKey)
 			{
 				if (address->IsV4 ()) supportedTransports |= eSSU2V4;
 				if (address->IsV6 ()) supportedTransports |= eSSU2V6;
diff --git a/libi2pd/SSU2Session.cpp b/libi2pd/SSU2Session.cpp
index efe7117d..49004437 100644
--- a/libi2pd/SSU2Session.cpp
+++ b/libi2pd/SSU2Session.cpp
@@ -1075,8 +1075,6 @@ namespace transport
 			return false;
 		}
 		SetRemoteIdentity (ri->GetRouterIdentity ());
-		ri->GetProfile ()->Connected ();
-		i2p::data::UpdateStaticKey (m_Address->s, ri->GetIdentHash ()); // good static key
 		AdjustMaxPayloadSize ();
 		m_Server.AddSessionByRouterHash (shared_from_this ()); // we know remote router now
 		m_RemoteTransports = ri->GetCompatibleTransports (false);
diff --git a/libi2pd/Transports.cpp b/libi2pd/Transports.cpp
index 5693719c..f66a8f96 100644
--- a/libi2pd/Transports.cpp
+++ b/libi2pd/Transports.cpp
@@ -507,11 +507,6 @@ namespace transport
 							peer.router->GetPublishedNTCP2V6Address () : peer.router->GetPublishedNTCP2V4Address ();
 						if (address && m_CheckReserved && i2p::util::net::IsInReservedRange(address->host))
 							address = nullptr;
-						if (address && !i2p::data::CheckStaticKey (address->s, ident))
-						{
-							LogPrint (eLogWarning, "Transports: NTCP2 address static key router mismatch ", ident.ToBase64 ());
-							address = nullptr;
-						}	
 						if (address)
 						{
 							auto s = std::make_shared<NTCP2Session> (*m_NTCP2Server, peer.router, address);
@@ -531,11 +526,6 @@ namespace transport
 							peer.router->GetSSU2V6Address () : peer.router->GetSSU2V4Address ();
 						if (address && m_CheckReserved && i2p::util::net::IsInReservedRange(address->host))
 							address = nullptr;
-						if (address && !i2p::data::CheckStaticKey (address->s, ident))
-						{
-							LogPrint (eLogWarning, "Transports: SSU2 address static key router mismatch ", ident.ToBase64 ());
-							address = nullptr;
-						}	
 						if (address && address->IsReachableSSU ())
 						{
 							if (m_SSU2Server->CreateSession (peer.router, address))
@@ -547,11 +537,6 @@ namespace transport
 					{
 						if (!m_NTCP2Server) continue;
 						auto address = peer.router->GetYggdrasilAddress ();
-						if (address && !i2p::data::CheckStaticKey (address->s, ident))
-						{
-							LogPrint (eLogWarning, "Transports: Yggdrasil address static key router mismatch ", ident.ToBase64 ());
-							address = nullptr;
-						}	
 						if (address)
 						{
 							auto s = std::make_shared<NTCP2Session> (*m_NTCP2Server, peer.router, address);
@@ -606,7 +591,7 @@ namespace transport
 			peer.router->GetCompatibleTransports (true);
 		peer.numAttempts = 0;
 		peer.priority.clear ();
-		bool ssu2 = rand () & 1;
+		bool ssu2 = peer.router->GetProfile ()->IsReal () ? (rand () & 1) : false; // try NTCP2 if router is not confirmed real
 		const auto& priority = ssu2 ? ssu2Priority : ntcp2Priority;
 		for (auto transport: priority)
 			if (transport & compatibleTransports)
@@ -724,6 +709,13 @@ namespace transport
 					for (int i = 0; i < numExcluded; i++)
 						transports |= it->second.priority[i];
 					i2p::data::netdb.ExcludeReachableTransports (ident, transports);
+				}	
+				if (it->second.router)
+				{	
+					auto transport = it->second.priority[it->second.numAttempts];
+					if (transport == i2p::data::RouterInfo::eNTCP2V4 || 
+						transport == i2p::data::RouterInfo::eNTCP2V6 || transport == i2p::data::RouterInfo::eNTCP2V6Mesh)
+						it->second.router->GetProfile ()->Connected (); // outgoing NTCP2 connection if always real
 				}		
 				it->second.numAttempts = 0;
 				it->second.router = nullptr; // we don't need RouterInfo after successive connect
@@ -755,6 +747,7 @@ namespace transport
 				if (!session->IsOutgoing ()) // incoming
 					session->SendI2NPMessages ({ CreateDatabaseStoreMsg () }); // send DatabaseStore
 				auto r = i2p::data::netdb.FindRouter (ident); // router should be in netdb after SessionConfirmed
+				if (r) r->GetProfile ()->Connected ();
 				auto ts = i2p::util::GetSecondsSinceEpoch ();
 				std::unique_lock<std::mutex> l(m_PeersMutex);
 				auto it = m_Peers.insert (std::make_pair (ident, Peer{ r, ts })).first;