diff --git a/libi2pd/Crypto.cpp b/libi2pd/Crypto.cpp
index 4d37b330..0e00a2e8 100644
--- a/libi2pd/Crypto.cpp
+++ b/libi2pd/Crypto.cpp
@@ -1305,6 +1305,16 @@ namespace crypto
 		SHA256_Final (m_H, &ctx);
 	}
 
+	void NoiseSymmetricState::MixHash (const std::vector<std::pair<uint8_t *, size_t> >& bufs)
+	{
+		SHA256_CTX ctx;
+		SHA256_Init (&ctx);
+		SHA256_Update (&ctx, m_H, 32);
+		for (const auto& it: bufs)
+			SHA256_Update (&ctx, it.first, it.second);
+		SHA256_Final (m_H, &ctx);
+	}	
+	
 	void NoiseSymmetricState::MixKey (const uint8_t * sharedSecret)
 	{
 		HKDF (m_CK, sharedSecret, 32, "", m_CK);
diff --git a/libi2pd/Crypto.h b/libi2pd/Crypto.h
index 8966acbc..5e7f0a13 100644
--- a/libi2pd/Crypto.h
+++ b/libi2pd/Crypto.h
@@ -317,6 +317,7 @@ namespace crypto
 		uint8_t m_H[32] /*h*/, m_CK[64] /*[ck, k]*/;
 
 		void MixHash (const uint8_t * buf, size_t len);
+		void MixHash (const std::vector<std::pair<uint8_t *, size_t> >& bufs);
 		void MixKey (const uint8_t * sharedSecret);
 	};
 
diff --git a/libi2pd/SSU2.cpp b/libi2pd/SSU2.cpp
index 3642a806..251b4296 100644
--- a/libi2pd/SSU2.cpp
+++ b/libi2pd/SSU2.cpp
@@ -59,15 +59,15 @@ namespace transport
 		memset (header.h.h2.h.packetNum, 0, 4);
 		header.h.h2.h.type = eSSU2SessionRequest;
 		header.h.h2.h.flags[0] = 2; // ver
-		header.h.h2.h.flags[1] = 2; // netID TODO:
+		header.h.h2.h.flags[1] = (uint8_t)i2p::context.GetNetID (); // netID 
 		header.h.h2.h.flags[2] = 0; // flag
 		RAND_bytes ((uint8_t *)&m_SourceConnID, 8); 
 		memcpy (headerX, &m_SourceConnID, 8); // source id
-		memset (headerX + 8, 0, 8); // token
+		RAND_bytes (headerX + 8, 8); // token
 		memcpy (headerX + 16, m_EphemeralKeys->GetPublicKey (), 32); // X
 		m_Server.AddPendingOutgoingSession (boost::asio::ip::udp::endpoint (m_Address->host, m_Address->port), shared_from_this ());
 		// KDF for session request 
-		m_NoiseState->MixHash (header.buf, 16); // h = SHA256(h || header) TODO: long header
+		m_NoiseState->MixHash ({ {header.buf, 16}, {headerX, 16} }); // h = SHA256(h || header) 
 		m_NoiseState->MixHash (m_EphemeralKeys->GetPublicKey (), 32); // h = SHA256(h || aepk);
 		uint8_t sharedSecret[32];
 		m_EphemeralKeys->Agree (m_Address->s, sharedSecret);
@@ -79,6 +79,7 @@ namespace transport
 		header.ll[1] ^= CreateHeaderMask (m_Address->i, payload + (payloadSize - 12));
 		i2p::crypto::ChaCha20 (headerX, 48, m_Address->i, nonce, headerX);
 		payloadSize += 16;
+		m_NoiseState->MixHash (payload, 32); // h = SHA256(h || 32 byte encrypted payload from Session Request) for SessionCreated
 		// send
 		m_Server.Send (header.buf, 16, headerX, 48, payload, payloadSize, boost::asio::ip::udp::endpoint (m_Address->host, m_Address->port));
 	}	
@@ -87,12 +88,13 @@ namespace transport
 	{
 		// we are Bob
 		m_SourceConnID = connID;
-		Header2 h2;
-		memcpy (h2.buf, buf, 8);
-		h2.ll ^= CreateHeaderMask (i2p::context.GetSSU2IntroKey (), buf + (len - 12));
-		if (h2.h.type != eSSU2SessionRequest) 
+		Header header;
+		header.h.connID = connID;
+		memcpy (header.h.h2.buf, buf, 8);
+		header.h.h2.ll ^= CreateHeaderMask (i2p::context.GetSSU2IntroKey (), buf + (len - 12));
+		if (header.h.h2.h.type != eSSU2SessionRequest) 
 		{
-			LogPrint (eLogWarning, "SSU2: Unexpected message type  ", (int)h2.h.type);
+			LogPrint (eLogWarning, "SSU2: Unexpected message type  ", (int)header.h.h2.h.type);
 			return;
 		}	
 		const uint8_t nonce[12] = {0};
@@ -100,7 +102,7 @@ namespace transport
 		i2p::crypto::ChaCha20 (buf + 16, 48, i2p::context.GetSSU2IntroKey (), nonce, headerX);
 		memcpy (&m_DestConnID, headerX, 8); 
 		// KDF for session request 
-		//m_NoiseState->MixHash (header.buf, 16); // h = SHA256(h || header) TODO: long header
+		m_NoiseState->MixHash ( { {header.buf, 16}, {headerX, 16} } ); // h = SHA256(h || header) 
 		m_NoiseState->MixHash (headerX + 16, 32); // h = SHA256(h || aepk);
 		uint8_t sharedSecret[32];
 		i2p::context.GetSSU2StaticKeys ().Agree (headerX + 16, sharedSecret);
@@ -120,16 +122,37 @@ namespace transport
 	bool SSU2Session::ProcessSessionCreated (uint8_t * buf, size_t len)
 	{
 		// we are Alice
-		Header2 h2;
-		memcpy (h2.buf, buf, 8);
+		Header header;
+		header.h.connID = m_SourceConnID;
+		memcpy (header.h.h2.buf, buf, 8);
 		uint8_t kh2[32];
 		i2p::crypto::HKDF (m_NoiseState->m_CK, nullptr, 0, "SessCreateHeader", kh2, 32); // k_header_2 = HKDF(chainKey, ZEROLEN, "SessCreateHeader", 32)
-		h2.ll ^= CreateHeaderMask (kh2, buf + (len - 12));
-		if (h2.h.type != eSSU2SessionCreated) 
+		header.h.h2.ll ^= CreateHeaderMask (kh2, buf + (len - 12));
+		if (header.h.h2.h.type != eSSU2SessionCreated) 
+		{
+			LogPrint (eLogWarning, "SSU2: Unexpected message type  ", (int)header.h.h2.h.type);
+			return false;
+		}	
+		const uint8_t nonce[12] = {0};
+		uint8_t headerX[48];
+		i2p::crypto::ChaCha20 (buf + 16, 48, kh2, nonce, headerX);
+		// KDF for SessionCreated
+		m_NoiseState->MixHash ( { {header.buf, 16}, {headerX, 16} } ); // h = SHA256(h || header) 
+		m_NoiseState->MixHash (headerX + 16, 32); // h = SHA256(h || bepk);
+		uint8_t sharedSecret[32];
+		m_EphemeralKeys->Agree (headerX + 16, sharedSecret);
+		m_NoiseState->MixKey (sharedSecret);
+		// decrypt
+		uint8_t * payload = buf + 64;
+		if (!i2p::crypto::AEADChaCha20Poly1305 (payload, len - 80, m_NoiseState->m_H, 32, m_NoiseState->m_CK + 32, nonce, payload, len - 80, false))
 		{
-			LogPrint (eLogWarning, "SSU2: Unexpected message type  ", (int)h2.h.type);
+			LogPrint (eLogWarning, "SSU2: SessionCreated AEAD verification failed ");
 			return false;
 		}	
+		// process payload
+		
+		m_Server.AddSession (m_SourceConnID, shared_from_this ());
+		
 		return true;
 	}