diff --git a/docs/about/community.md b/docs/about/community.md
index 23fdd8b..8d671a4 100644
--- a/docs/about/community.md
+++ b/docs/about/community.md
@@ -1,7 +1,9 @@
 PurpleI2P team and community
 ============================
 
-Community IRC channel [i2pd-dev@libera.chat](https://web.libera.chat/?channels=i2pd-dev)
+Community IRC channel on ILITA (irc.ilita.i2p): #dev ([webclient(I2P)](http://irc.acetone.i2p/web/))
+
+Community IRC channel [i2pd-dev@libera.chat](https://web.libera.chat/?channels=i2pd-dev) (not active)
 
 Twitter hashtag [#i2pd](https://twitter.com/hashtag/i2pd)
 
diff --git a/docs/about/history.md b/docs/about/history.md
index e0766c3..eb622d5 100644
--- a/docs/about/history.md
+++ b/docs/about/history.md
@@ -1,3 +1,4 @@
 History
 =======
 
+Empty for now.
diff --git a/docs/devs/api/index.md b/docs/devs/api/index.md
index c8b1f5c..16f26fb 100644
--- a/docs/devs/api/index.md
+++ b/docs/devs/api/index.md
@@ -1,3 +1,4 @@
 Choosing API for your project
 =============================
 
+Empty for now.
diff --git a/docs/devs/api/libi2pd.md b/docs/devs/api/libi2pd.md
index 1ad28df..e241201 100644
--- a/docs/devs/api/libi2pd.md
+++ b/docs/devs/api/libi2pd.md
@@ -1,4 +1,5 @@
 libi2pd
 =======
 
-i2pd can be built in any application with libi2pd
+i2pd can be built in any application with libi2pd.
+Join IRC #dev for more info.
diff --git a/docs/user-guide/FAQ.md b/docs/user-guide/FAQ.md
index 3e2e2eb..dc8d846 100644
--- a/docs/user-guide/FAQ.md
+++ b/docs/user-guide/FAQ.md
@@ -50,7 +50,7 @@ Contact developers with IRC or create an issue on GitHub.
 
 ## What is good tunnel creation success rate value?
 
-Average values are 15% - 40%. Larger is better.
+\>10%. Larger is better.
 
 ## Is there a place I can use to find running I2P websites?
 
@@ -73,9 +73,8 @@ i2pd's socks proxy has an option to pass all non-I2P traffic to the Tor socks pr
 
 ## What is a floodfill mode?
 
-Floodfill mode is a special mode, which contributes to the I2P network more.
-You may want to enable floodfill mode if you have stable uptime and high bandwidth
-to share.
+Floodfill mode make your router a floodfill, that means what other routers will publish and get LeaseSets and RIs on your router. [Read more](http://geti2p.net/en/docs/how/network-database).
+Floodfill mode require more bandwith, CPU time. If you sure, what you have stable uptime, you can enable floodfill: `floodfill = true`
 
 ## How is I2P different from Tor?
 
@@ -92,5 +91,5 @@ Tor is highly centralized by design, while I2P is designed to be decentralized a
 
 ## Can use i2pd as a proxy for regular Internet?
 
-Not out of the box. You better use [Tor](https://www.torproject.org/) for that.
+Yes, but better use [Tor](https://www.torproject.org/) for that.
 
diff --git a/docs/user-guide/configuration.md b/docs/user-guide/configuration.md
index 0d07085..7d170a6 100644
--- a/docs/user-guide/configuration.md
+++ b/docs/user-guide/configuration.md
@@ -48,28 +48,27 @@ tunconf                                | Tunnels config file (default: ~/.i2pd/t
 pidfile                                | Where to write pidfile (default: i2pd.pid, not used in Windows)
 log                                    | Logs destination: stdout, file, syslog (stdout if not set or invalid) (if daemon, stdout/unspecified are replaced by file in some cases)
 logfile                                | Path to logfile (default - autodetect)
-loglevel                               | Log messages above this level (debug, info, warn, error, none; default - info)
-logclftime                             | Write full CLF-formatted date and time to log (default: write only time)
-datadir                                | Path to storage of i2pd data (RI, keys, peer profiles, ...)
-host                                   | Router external IP for incoming connections
-port                                   | Port to listen for incoming connections (default: auto)
-daemon                                 | Router will go to background after start
-service                                | Router will use system folders like '/var/lib/i2pd' (on unix) or 'C:\ProgramData\i2pd' (on Windows). Ignored on MacOS and Android
+loglevel                               | Log messages above this level (debug, info, warn, error, none; default - warn)
+logclftime                             | Write full CLF-formatted date and time to log (default: false (write only time))
+datadir                                | Path to storage of i2pd data (RouterInfos, destinations keys, peer profiles, etc ...)
+host                                   | Router external IP for incoming connections (default: auto if SSU2 is enabled)
+port                                   | Port to listen for incoming connections (default: auto (random))
+daemon                                 | Router will go to background after start (default: true)
+service                                | Router will use system folders like '/var/lib/i2pd' (on unix) or 'C:\ProgramData\i2pd' (on Windows). Ignored on MacOS and Android (default: false)
 ifname                                 | Network interface to bind to
 ifname4                                | Network interface to bind to for IPv4
 ifname6                                | Network interface to bind to for IPv6
 address4                               | Local address to bind to for IPv4
 address6                               | Local address to bind to for clearnet IPv6
-nat                                    | If true, assume we are behind NAT. true by default
-ipv4                                   | Enable communication through IPv4. true by default
-ipv6                                   | Enable communication through clearnet IPv6. false by default
-notransit                              | Router will not accept transit tunnels, disabling transit traffic completely. false by default
-floodfill                              | Router will be floodfill. false by default
-bandwidth                              | Bandwidth limit: integer in KBps or letters: L (32), O (256), P (2048), X (>9000)
-share                                  | Max % of bandwidth limit for transit. 0-100. 100 by default
+nat                                    | If true, assume we are behind NAT (default: true)
+ipv4                                   | Enable communication through IPv4 (default: true)
+ipv6                                   | Enable communication through clearnet IPv6 (default: false)
+notransit                              | Router will not accept transit tunnels, disabling transit traffic completely (default: false)
+floodfill                              | Router will be floodfill (default: false)
+bandwidth                              | Bandwidth limit: integer in KBps or letters: L (32), O (256), P (2048), X (unlimited).
+share                                  | Max % of bandwidth limit for transit. 0-100 (default: 100)
 family                                 | Name of a family, router belongs to
 netid                                  | Network ID, router belongs to. Main I2P is 2.
-ssu                                    | Enable SSU transport protocol (use UDP). true by default
 
 #### Notes
 
@@ -79,9 +78,9 @@ ssu                                    | Enable SSU transport protocol (use UDP)
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-ntcp2.enabled                          | Enable NTCP2. Enabled by default
-ntcp2.published                        | Enable incoming NTCP2 connections. Enabled by default
-ntcp2.port                             | Port to listen for incoming NTCP2 connections (default: auto)
+ntcp2.enabled                          | Enable NTCP2 (default: true)
+ntcp2.published                        | Enable incoming NTCP2 connections (default: true)
+ntcp2.port                             | Port to listen for incoming NTCP2 connections (default: auto - port from general section)
 ntcp2.addressv6                        | External IPv6 for incoming connections
 ntcp2.proxy                            | Specify proxy server for NTCP2. Should be http://address:port or socks://address:port
 
@@ -89,12 +88,12 @@ ntcp2.proxy                            | Specify proxy server for NTCP2. Should
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-ssu2.enabled                           | Enable SSU2. Disabled by default on 2.43.0
-ssu2.published                         | Enable incoming SSU2 connections. Disabled by default on 2.43.0
-ssu2.port                              | Port to listen for incoming SSU2 connections (default: auto - 'port' from general section or 'port + 1' if SSU is enabled)
+ssu2.enabled                           | Enable SSU2 (default: true)
+ssu2.published                         | Enable incoming SSU2 connections. (default: true)
+ssu2.port                              | Port to listen for incoming SSU2 connections (default: auto - 'port' from general section)
 ssu2.proxy                             | Specify UDP socks5 proxy server for NTCP2. Should be socks://address:port  
-ssu2.mtu4                              | MTU for local ipv4. Auto-detect by default  
-ssu2.mtu6                              | MTU for local ipv6. Auto-detect by default  
+ssu2.mtu4                              | MTU for local ipv4. (default: auto)
+ssu2.mtu6                              | MTU for local ipv6. (default: auto)
     
 All options below still possible in cmdline, but better write it in config file:
 
@@ -102,116 +101,116 @@ All options below still possible in cmdline, but better write it in config file:
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-http.enabled                           | If webconsole is enabled. true by default
+http.enabled                           | If webconsole is enabled. (default: true)
 http.address                           | The address to listen on (HTTP server)
-http.port                              | The port to listen on (HTTP server) 7070 by default
-http.auth                              | Enable basic HTTP auth for webconsole
+http.port                              | The port to listen on (HTTP server) (default: 7070)
+http.auth                              | Enable basic HTTP auth for webconsole (default: false)
 http.user                              | Username for basic auth (default: i2pd)
 http.pass                              | Password for basic auth (default: random, see logs)
-http.strictheaders                     | Enable strict host checking on WebUI. true by default
+http.strictheaders                     | Enable strict host checking on WebUI. (default: true)
 http.hostname                          | Expected hostname for WebUI (default: localhost)
 
 ### HTTP proxy
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-httpproxy.enabled                      | If HTTP proxy is enabled. true by default
+httpproxy.enabled                      | If HTTP proxy is enabled. (default: true)
 httpproxy.address                      | The address to listen on (HTTP Proxy)
-httpproxy.port                         | The port to listen on (HTTP Proxy) 4444 by default
-httpproxy.addresshelper                | Enable address helper (jump). true by default
+httpproxy.port                         | The port to listen on (HTTP Proxy) (default: 4444)
+httpproxy.addresshelper                | Enable address helper (jump). (default: true)
 httpproxy.keys                         | Optional keys file for HTTP proxy local destination
-httpproxy.signaturetype                | Signature type for new keys if keys file is set. 7 by default
-httpproxy.inbound.length               | Inbound tunnels length if keys is set. 3 by default
-httpproxy.inbound.quantity             | Inbound tunnels quantity if keys is set. 5 by default
-httpproxy.inbound.lengthVariance       | Inbound tunnels length variance if keys is set. 0 by default
-httpproxy.outbound.length              | Outbound tunnels length if keys is set. 3 by default
-httpproxy.outbound.quantity            | Outbound tunnels quantity if keys is set. 5 by default
-httpproxy.outbound.lengthVariance      | Outbound tunnels length variance if keys is set. 0 by default
+httpproxy.signaturetype                | Signature type for new keys if keys file is set. (default: 7)
+httpproxy.inbound.length               | Inbound tunnels length if keys is set. (default: 3)
+httpproxy.inbound.quantity             | Inbound tunnels quantity if keys is set. (default: 5)
+httpproxy.inbound.lengthVariance       | Inbound tunnels length variance if keys is set. (default: 0)
+httpproxy.outbound.length              | Outbound tunnels length if keys is set. (default: 3)
+httpproxy.outbound.quantity            | Outbound tunnels quantity if keys is set. (default: 5)
+httpproxy.outbound.lengthVariance      | Outbound tunnels length variance if keys is set. (default: 0)
 httpproxy.outproxy                     | HTTP proxy upstream out proxy url (like http://false.i2p)
-httpproxy.i2cp.leaseSetType            | Type of LeaseSet to be sent. 1, 3 or 5. 1 by default
+httpproxy.i2cp.leaseSetType            | Type of LeaseSet to be sent. 1, 3 or 5. (default: 3)
 httpproxy.i2cp.leaseSetEncType         | Comma separated encryption types to be used in LeaseSet type 3 or 5
 
 ### Socks proxy
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-socksproxy.enabled                     | If SOCKS proxy is enabled. true by default
+socksproxy.enabled                     | If SOCKS proxy is enabled. (default: true)
 socksproxy.address                     | The address to listen on (SOCKS Proxy)
-socksproxy.port                        | The port to listen on (SOCKS Proxy). 4447 by default
+socksproxy.port                        | The port to listen on (SOCKS Proxy). (default: 4447)
 socksproxy.keys                        | Optional keys file for SOCKS proxy local destination
-socksproxy.signaturetype               | Signature type for new keys if keys file is set. 7 by default
-socksproxy.inbound.length              | Inbound tunnels length if keys is set. 3 by default
-socksproxy.inbound.quantity            | Inbound tunnels quantity if keys is set. 5 by default
-socksproxy.inbound.lengthVariance      | Inbound tunnels length variance if keys is set. 0 by default
-socksproxy.outbound.length             | Outbound tunnels length if keys is set. 3 by default
-socksproxy.outbound.quantity           | Outbound tunnels quantity if keys is set. 5 by default
-socksproxy.outbound.lengthVariance     | Outbound tunnels length variance if keys is set. 0 by default
-socksproxy.outproxy.enabled            | Enable or disable SOCKS outproxy. Disabled by default
-socksproxy.outproxy                    | Address of outproxy. requests outside I2P will go there
+socksproxy.signaturetype               | Signature type for new keys if keys file is set. (default: 7)
+socksproxy.inbound.length              | Inbound tunnels length if keys is set. (default: 3)
+socksproxy.inbound.quantity            | Inbound tunnels quantity if keys is set. (default: 5)
+socksproxy.inbound.lengthVariance      | Inbound tunnels length variance if keys is set. (default: 0)
+socksproxy.outbound.length             | Outbound tunnels length if keys is set. (default: 3)
+socksproxy.outbound.quantity           | Outbound tunnels quantity if keys is set. (default: 5)
+socksproxy.outbound.lengthVariance     | Outbound tunnels length variance if keys is set. (default: 0)
+socksproxy.outproxy.enabled            | Enable or disable SOCKS outproxy. (default: false)
+socksproxy.outproxy                    | Address of outproxy. Requests outside I2P will go there.
 socksproxy.outproxyport                | Outproxy remote port
-socksproxy.i2cp.leaseSetType           | Type of LeaseSet to be sent. 1, 3 or 5. 1 by default
+socksproxy.i2cp.leaseSetType           | Type of LeaseSet to be sent. 1, 3 or 5. (default: 3)
 socksproxy.i2cp.leaseSetEncType        | Comma separated encryption types to be used in LeaseSet type 3 or 5
 
 ### SAM interface
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
+sam.enabled                            | If SAM is enabled. (default: true)
 sam.address                            | The address to listen on (SAM bridge)
 sam.port                               | Port of SAM bridge. Usually 7656. SAM is off if not specified
-sam.enabled                            | If SAM is enabled. true by default
-sam.singlethread                       | If false every SAM session runs in own thread. true by default
+sam.singlethread                       | If false every SAM session runs in own thread. (default: true)
 
 ### BOB interface
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
+bob.enabled                            | If BOB is enabled. (default: false)
 bob.address                            | The address to listen on (BOB command channel)
 bob.port                               | Port of BOB command channel. Usually 2827. BOB is off if not specified
-bob.enabled                            | If BOB is enabled. false by default
 
 ### I2CP interface
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
+i2cp.enabled                           | If I2CP is enabled. (default: true)
 i2cp.address                           | The address to listen on or an abstract address for Android LocalSocket
 i2cp.port                              | Port of I2CP server. Usually 7654. Ignored for Andorid
-i2cp.enabled                           | If I2CP is enabled. false by default. Other services don't require I2CP
-i2cp.singlethread                      | If false every I2CP session runs in own thread. true by default
+i2cp.singlethread                      | If false every I2CP session runs in own thread. (default: true)
 
 ### I2PControl interface
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
+i2pcontrol.enabled                     | If I2P control is enabled. (default: false)
 i2pcontrol.address                     | The address to listen on (I2P control service)
 i2pcontrol.port                        | Port of I2P control service. Usually 7650. I2PControl is off if not specified
-i2pcontrol.enabled                     | If I2P control is enabled. false by default
-i2pcontrol.password                    | I2P control authentication password. itoopie by default
-i2pcontrol.cert                        | I2P control HTTPS certificate file name. i2pcontrol.crt.pem by default
-i2pcontrol.key                         | I2P control HTTPS certificate key file name. i2pcontrol.key.pem by default
+i2pcontrol.password                    | I2P control authentication password. (default: itoopie)
+i2pcontrol.cert                        | I2P control HTTPS certificate file name. (default: i2pcontrol.crt.pem)
+i2pcontrol.key                         | I2P control HTTPS certificate key file name. (default: i2pcontrol.key.pem)
 
 ### UPNP
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
 upnp.enabled                           | Enable or disable UPnP, false by default for CLI and true for GUI (Windows, Android)
-upnp.name                              | Name i2pd appears in UPnP forwardings list. I2Pd by default
+upnp.name                              | Name i2pd appears in UPnP forwardings list. (default: I2Pd)
 
 ### Cryptography
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-precomputation.elgamal                 | Use ElGamal precomputated tables. false for x64 and true for other platforms by default
+precomputation.elgamal                 | Use ElGamal precomputated tables. (default: false for x86-64 and true for other platforms)
 
 ### Reseeding
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-reseed.verify                          | Verify .su3 signature. false by default
+reseed.verify                          | Verify .su3 signature. (default: false)
 reseed.urls                            | Reseed URLs, separated by comma
 reseed.yggurls                         | Reseed Yggdrasil's URLs, separated by comma
 reseed.file                            | Path to local .su3 file or HTTPS URL to reseed from
 reseed.zipfile                         | Path to local .zip file to reseed from
-reseed.threshold                       | Minimum number of known routers before requesting reseed. 25 by default
+reseed.threshold                       | Minimum number of known routers before requesting reseed. (default: 25)
 reseed.proxy                           | Url for https/socks reseed proxy
 
 ### Addressbook options
@@ -226,46 +225,47 @@ addressbook.hostsfile                  | File to dump AddressesBook in hosts.txt
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-limits.transittunnels                  | Override maximum number of transit tunnels. 2500 by default
-limits.openfiles                       | Limit number of open file descriptors (0 - use system limit)
+limits.transittunnels                  | Override maximum number of transit tunnels. (default: 5000)
+limits.openfiles                       | Limit number of open file descriptors (default: 0 - use system limit)
+limits.coresize                       | Maximum size of corefile in Kb (default: 0 - use system limit)
 
 ### Trust options
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-trust.enabled                          | Enable explicit trust options. false by default
+trust.enabled                          | Enable explicit trust options. (default: false)
 trust.family                           | Make direct I2P connections only to routers in specified Family.
 trust.routers                          | Make direct I2P connections only to routers specified here. Comma separated list of base64 identities.
-trust.hidden                           | Should we hide our router from other routers? false by default
+trust.hidden                           | Should we hide our router from other routers? (default: false)
 
 ### Exploratory tunnels
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-exploratory.inbound.length             | Exploratory inbound tunnels length. 2 by default
-exploratory.inbound.quantity           | Exploratory inbound tunnels quantity. 3 by default
-exploratory.outbound.length            | Exploratory outbound tunnels length. 2 by default
-exploratory.outbound.quantity          | Exploratory outbound tunnels quantity. 3 by default
+exploratory.inbound.length             | Exploratory inbound tunnels length. (default: 2)
+exploratory.inbound.quantity           | Exploratory inbound tunnels quantity. (default: 3)
+exploratory.outbound.length            | Exploratory outbound tunnels length. (default: 2)
+exploratory.outbound.quantity          | Exploratory outbound tunnels quantity. (default: 3)
 
 ### Time sync
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-nettime.enabled                        | Enable NTP sync. Disabled by default
-nettime.ntpservers                     | Comma-separated list of NTP server. pool.ntp.org by default
-nettime.ntpsyncinterval                | NTP time sync interval in hours. 72 by default
+nettime.enabled                        | Enable NTP sync. (default: false)
+nettime.ntpservers                     | Comma-separated list of NTP server. (default: pool.ntp.org)
+nettime.ntpsyncinterval                | NTP time sync interval in hours. (default: 72)
 
 ### Network information persist
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-persist.profiles                       | Enable peer profile persisting to disk. Enabled by default
+persist.profiles                       | Enable peer profile persisting to disk. (default: true)
 
 ### Meshnets transports
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-meshnets.yggdrasil                     | Support transports through the Yggdrasil
+meshnets.yggdrasil                     | Support transports through the Yggdrasil (default: false)
 meshnets.yggaddress                    | Local Yggdrasil's address to publish
 
 ### Windows-specific options
@@ -279,7 +279,7 @@ close                                  | Action on close: minimize, exit, ask
 
 Option                                 | Description
 -------------------------------------- | --------------------------------------
-unix.handle_sigtstp                    | Handle SIGTSTP and SIGCONT signals. Disabled by default
+unix.handle_sigtstp                    | Handle SIGTSTP and SIGCONT signals. (default: false)
 
 `handle_sigtstp` enables handling of SIGTSTP and SIGCONT signals (*since 2.43.0*).
 
diff --git a/docs/user-guide/install.md b/docs/user-guide/install.md
index 05b8d18..00a968e 100644
--- a/docs/user-guide/install.md
+++ b/docs/user-guide/install.md
@@ -92,12 +92,12 @@ run by PurpleI2P community member [villain](https://twitter.com/el_villano_loco)
     systemctl enable --now i2pd
 
 
-## ArchLinux
+## Arch
 
-i2pd packages are available at Community repository for [release version](https://archlinux.org/packages/community/x86_64/i2pd/), and AUR for
+i2pd packages are available at Arch's repository for [release version](https://archlinux.org/packages/community/x86_64/i2pd/), and AUR for
 [nightly builds](https://aur.archlinux.org/packages/i2pd-git/)
 
-## Gentoo Linux
+## Gentoo
 
 i2pd [has a working ebuild in the main gentoo repository](https://packages.gentoo.org/packages/net-vpn/i2pd). As of May 2018, the ebuild 
 is still listed as "unstable", and thus will request an exception in your package.keywords if you are using gentoo under the "stable" branch.
diff --git a/docs/user-guide/run.md b/docs/user-guide/run.md
index 707fef9..b96a37b 100644
--- a/docs/user-guide/run.md
+++ b/docs/user-guide/run.md
@@ -4,7 +4,7 @@ Running i2pd
 Starting, stopping and reloading configuration
 ----------------------------------------------
 
-This chapter explains how to start and manage the i2pd daemon under \*nix operation systems.
+This chapter explains how to start and manage the i2pd daemon under Unix-like operation systems.
 
 After you have built i2pd from source, just run the binary:
 
diff --git a/docs/user-guide/tunnels.md b/docs/user-guide/tunnels.md
index 30aecb7..d5d2951 100644
--- a/docs/user-guide/tunnels.md
+++ b/docs/user-guide/tunnels.md
@@ -56,8 +56,8 @@ Available LeaseSet **types** (parameter `i2cp.leaseSetType = <code>` in a tunnel
 
 Type        | Code | Comment
 ----------- | ---- | -----------
-OLD         | 1    | **Default** for server tunnels because encryption type for server is `0`
-STANDARD    | 3    | **Default** for client tunnels because encryption type can be `0` or `4`
+OLD         | 1    | Deprecated
+STANDARD    | 3    | **Default**
 ENCRYPTED   | 5    | Encrypted LeaseSet. Hiding information from floodfill
 META        | 7    | Not implemented
 
@@ -67,11 +67,11 @@ Available LeaseSet **encryption** types (parameter `i2cp.leaseSetEncType = <code
 
 Type                                 | Code | Comment
 ------------------------------------ | ---- | -----------
-ELGAMAL                              | 0    | **Default** for destinations
+ELGAMAL                              | 0    | **Default** (only for support old routers)
 ECIES_P256_SHA256_AES256CBC          | 1    | Not compatible with Java router
 *ECIES_P384_SHA384_AES256CBC*        | 2    | Not implemented
 *ECIES_P521_SHA512_AES256CBC*        | 3    | Not implemented
-ECIES_X25519_AEAD                    | 4    | **Default** for routers
+ECIES_X25519_AEAD                    | 4    | **Default**
 
 Client tunnels
 --------------
@@ -100,13 +100,15 @@ Optional parameters:
 
 Option              | Description
 --------------------|--------------------
-address             | local interface tunnel binds to, '127.0.0.1' for connections from local host only, '0.0.0.0' for connections from everywhere. '127.0.0.1' by default
-signaturetype       | signature type for new keys. 0 (DSA), 1 (ECDSA-P256), 7 (EDDSA), 11 (RedDSA). RSA signatures (4,5,6) are not allowed and will be changed to 7. 7 by default
-cryptotype          | crypto type for new keys. Experimental. Should be always 0
-destinationport     | connect to particular port at destination. 0 by default (targeting first tunnel on server side for destination)
-keepaliveinterval   | send ping to the destination after this interval in seconds. 0 by default meaning no pings
+address             | Local interface tunnel binds to, '127.0.0.1' for connections from local host only, '0.0.0.0' for connections from everywhere. (default: 127.0.0.1)
+port                | Port of client tunnel.
+signaturetype       | Signature type for new keys. RSA signatures (4,5,6) are not allowed and will be changed to 7. (default: 7)
+cryptotype          | Crypto type for new keys. Experimental. Should be always 0
+destinationport     | Connect to particular port at destination. 0 by default (targeting first tunnel on server side for destination)
+keepaliveinterval   | Send ping to the destination after this interval in seconds. (default: 0 - no pings)
+keys                | Keys for destination. When same for several tunnels, will be using same destination for every tunnel.
 
-So, given the example above, if you connected to 127.0.0.1:6668 on localhost, i2pd would tunnel that connection to irc.ilita.i2p
+So, given the example above, if you connected to 127.0.0.1:6668 on localhost, i2pd would tunnel that connection to irc.ilita.i2p.
 
 Server/generic tunnels
 ----------------------
@@ -136,13 +138,16 @@ Optional parameters:
 
 Option              | Description
 --------------------|--------------------
-inport              | (non-TCP non-UDP) I2P local destination port to listen to; an unsigned 16-bit integer. What port at local destination server tunnel listens to. Same as *port* by default
-accesslist          | list of comma-separated of b32 address (without .b32.i2p) allowed to connect. Everybody is allowed by default
-gzip                | turns internal compression off if set to false. true by default
-signaturetype       | means signature type for new keys. 0 - DSA, 1- ECDSA-P256, 7 -EDDSA, 11 -RedDSA. 7 by default
-cryptotype          | crypto type for new keys. Experimental. Should be always 0
-enableuniquelocal   | if true, connection to local address will look like 127.x.x.x where x.x.x is first 3 bytes of incoming connection peer's ident hash. true by default
+host                | IP address of server (on this address i2pd will send data from I2P)
+port                | Port of server tunnel.
+inport              | (non-TCP non-UDP) I2P local destination port to listen to; an unsigned 16-bit integer. What port at local destination server tunnel listens to (default: same as *port*)
+accesslist          | List of comma-separated of b32 address (without .b32.i2p) allowed to connect. Everybody is allowed by default
+gzip                | Turns internal compression off if set to false. (default: false)
+signaturetype       | Signature type for new keys. (default: 7)
+cryptotype          | Crypto type for new keys. Experimental. Should be always 0
+enableuniquelocal   | If true, connection to local address will look like 127.x.x.x where x.x.x is first 3 bytes of incoming connection peer's ident hash. (default: true)
 address             | IP address of an interface tunnel is connected to *host* from. Usually not used
+keys                | Keys for destination. When same for several tunnels, will be using same destination for every tunnel.
 
 Server/http tunnels
 -------------------
@@ -164,9 +169,8 @@ Optional parameters:
 
 Option              | Description
 --------------------|--------------------
-hostoverride        | value to send in 'Host:' header, default: the same as *host* parameter
-gzip                | should we compress contents at I2P level. default: true
-ssl                 | use SSL connection to upstream server. `hostoverride` parameter can be used to set SNI domain. default: false (since 2.44.0)
+hostoverride        | Value to send in 'Host:' header, default: the same as *host* parameter
+ssl                 | Use SSL connection to upstream server. `hostoverride` parameter can be used to set SNI domain. default: false (since 2.44.0)
 
 Server/IRC tunnels
 -------------------
@@ -177,7 +181,7 @@ Optional parameters:
 
 Option              | Description
 --------------------|--------------------
-webircpassword      | password to send with WEBIRC command
+webircpassword      | Password to send with WEBIRC command
 
 UDP Tunnels
 -----------
@@ -196,10 +200,11 @@ port = 1194
 
 Option              | Description
 --------------------|--------------------
-destination         | the I2P destination of a udpserver tunnel, required parameter
-address             | IP address to bind local UDP endpoint to, defaults to `127.0.0.1`
-port                | port to bind local UDP endpoint to, required parameter
-gzip                | turns internal compression off if set to false. true by default
+destination         | The I2P destination of a udpserver tunnel, required parameter
+address             | IP address to bind local UDP endpoint to (default: `127.0.0.1`)
+port                | Port to bind local UDP endpoint to, required parameter
+gzip                | Turns internal compression off if set to false. (default: false)
+keys                | Keys for destination. When same for several tunnels, will be using same destination for every tunnel.
 
 `udpserver` forwards traffic from N I2P destinations to 1 local UDP endpoint
 
@@ -213,10 +218,11 @@ port = 1194
 
 Option              | Description
 --------------------|--------------------
-address             | IP address to use for local UDP endpoints, defaults to `127.0.0.1`
+address             | IP address to use for local UDP endpoints (default: `127.0.0.1`)
 host                | IP address to forward traffic to, required parameter
 port                | UDP port to forward traffic on, required parameter
-gzip                | turns internal compression off if set to false. true by default
+gzip                | Turns internal compression off if set to false. (default: false)
+keys                | Keys for destination. When same for several tunnels, will be using same destination for every tunnel.
 
 Socks proxy
 -----------
@@ -235,7 +241,7 @@ keys = socks-keys.dat
 
 Option              | Description
 --------------------|--------------------
-address             | local address Socks proxy binds to, defaults to `127.0.0.1`
+address             | Local address Socks proxy binds to (default: `127.0.0.1`)
 port                | TCP port Socks proxy binds to
 
 I2CP parameters
@@ -245,22 +251,23 @@ These I2CP parameter are common for all tunnel types and specify settings for a
 
 Parameter                     | Description
 ------------------------------|--------------------
-inbound.length                | number of hops of an inbound tunnel. 3 by default, 8 by max;  lower value is faster but dangerous
-outbound.length               | number of hops of an outbound tunnel. 3 by default, 8 by max; lower value is faster but dangerous
-inbound.quantity              | number of inbound tunnels. 5 by default, 16 by max
-outbound.quantity             | number of outbound tunnels. 5 by default, 16 by max
-inbound.lengthVariance        | random number of hops to add or subtract to an inbound tunnel between -3 and 3. 0 by default **(since 2.42.0)**
-outbound.lengthVariance       | random number of hops to add or subtract to an outbound tunnel between -3 and 3. 0 by default **(since 2.42.0)**
-crypto.tagsToSend             | number of ElGamal/AES tags to send. 40 by default; too low value may cause problems with tunnel building
-explicitPeers                 | list of comma-separated b64 addresses of peers to use, default: unset
-i2p.streaming.initialAckDelay | milliseconds to wait before sending Ack. 200 by default
-i2p.streaming.answerPings     | enable sending pongs. true by default
-i2cp.leaseSetType             | type of LeaseSet to be sent. 1, 3 or 5. 1 by default
-i2cp.leaseSetEncType          | comma separated encryption types to be used in LeaseSet type 3 or 5. Identity's type by default
-i2cp.leaseSetPrivKey          | decryption key for encrypted LeaseSet in base64. PSK or private DH
-i2cp.leaseSetAuthType         | authentication type for encrypted LeaseSet. 0 - no authentication(default), 1 - DH, 2 - PSK
-i2cp.leaseSetClient.dh.nnn    | client name:client's public DH in base64, for authentication type 1, nnn is integer
-i2cp.leaseSetClient.psk.nnn   | client name:client's PSK in base64, for authentication type 2, nnn is integer
+inbound.length                | Number of hops of an inbound tunnel. 3 by default, 8 by max;  lower value is faster but have more deanonimize risks
+outbound.length               | Number of hops of an outbound tunnel. 3 by default, 8 by max; lower value is faster but have more deanonimize risks
+inbound.quantity              | Number of inbound tunnels. 5 by default, 16 by max
+outbound.quantity             | Number of outbound tunnels. 5 by default, 16 by max
+inbound.lengthVariance        | Random number of hops to add or subtract to an inbound tunnel between -3 and 3. 0 by default **(since 2.42.0)**
+outbound.lengthVariance       | Random number of hops to add or subtract to an outbound tunnel between -3 and 3. 0 by default **(since 2.42.0)**
+crypto.tagsToSend             | Number of ElGamal/AES tags to send. 40 by default; too low value may cause problems with tunnel building
+crypto.ratchet.inboundTags    | None for now
+explicitPeers                 | List of comma-separated b64 addresses of peers to use (default: unset)
+i2p.streaming.initialAckDelay | Milliseconds to wait before sending Ack. (default: 200)
+i2p.streaming.answerPings     | Enable sending pongs. true by default
+i2cp.leaseSetType             | Type of LeaseSet to be sent. 1, 3 or 5. (default: 3)
+i2cp.leaseSetEncType          | Comma separated encryption types to be used in LeaseSet type 3 or 5. (default: 0,4)
+i2cp.leaseSetPrivKey          | Decryption key for encrypted LeaseSet in base64. PSK or private DH
+i2cp.leaseSetAuthType         | Authentication type for encrypted LeaseSet. 0 - no authentication(default), 1 - DH, 2 - PSK
+i2cp.leaseSetClient.dh.nnn    | Client name:client's public DH in base64, for authentication type 1, nnn is integer
+i2cp.leaseSetClient.psk.nnn   | Client name:client's PSK in base64, for authentication type 2, nnn is integer
 
 Other examples
 --------------