diff --git a/src/authentication.rs b/src/authentication.rs
index 50ed06e..7bcd358 100644
--- a/src/authentication.rs
+++ b/src/authentication.rs
@@ -1,4 +1,4 @@
-use std::{error::Error, os::raw, time::SystemTime};
+use std::{error::Error, time::SystemTime};
 use jsonwebtoken::{decode, encode, Algorithm, DecodingKey, EncodingKey, TokenData, Validation};
 use serde::{Deserialize, Serialize};
@@ -30,8 +30,18 @@ pub struct AuthenticationTokenGranter {
 impl AuthenticationTokenGranter {
 pub async fn token_request(
 &mut self,
- request: AuthenticationTokenRequest,
+ raw_request: InstanceAuthenticated,
 ) -> Result> {
+ let request = raw_request.inner().await;
+
+ info!("Ensuring token request is from the same instance...");
+ raw_request
+ .validate(&Instance {
+ url: String::from("giterated.dev"),
+ })
+ .await
+ .unwrap();
+
 let secret_key = self.config["authentication"]["secret_key"]
 .as_str()
 .unwrap();
@@ -85,18 +95,26 @@ impl AuthenticationTokenGranter {
 ) -> Result> {
 let request = raw_request.inner().await;
- let server_public_key = {
- let mut file = File::open(self.config["keys"]["public"].as_str().unwrap())
- .await
- .unwrap();
+ // let server_public_key = {
+ // let mut file = File::open(self.config["keys"]["public"].as_str().unwrap())
+ // .await
+ // .unwrap();
- let mut key = vec![];
- file.read_to_end(&mut key).await.unwrap();
+ // let mut key = String::default();
+ // file.read_to_string(&mut key).await.unwrap();
- key
- };
+ // key
+ // };
+
+ let server_public_key = public_key(&Instance {
+ url: String::from("giterated.dev"),
+ })
+ .await
+ .unwrap();
- let verification_key = DecodingKey::from_rsa_pem(&server_public_key).unwrap();
+ println!("Our Public Key:\n{}", server_public_key);
+
+ let verification_key = DecodingKey::from_rsa_pem(server_public_key.as_bytes()).unwrap();
 let data: TokenData = decode(
 &request.token,
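Review bot: `raw_request.validate(...).await.unwrap()` in token_request turns a failed signature check on a remote-supplied request into a panic; the function already returns a Result, so propagate it, e.g. `.await?` (or `.map_err(...)?` if the validate error does not convert into the boxed error type), and a bad or forged request is rejected with an error instead of taking down the task. The same pattern appears in extension_request at `raw_request.validate(&data.claims.generated_for).await.unwrap()` in the @@ -116 hunk. The instance validated against is hard-coded as `Instance { url: String::from("giterated.dev") }`, so a self-hosted deployment would only accept requests signed by giterated.dev's key; this presumably belongs in self.config next to the other keys (the @@ -85 hunk hard-codes the same value). token_request's body continues outside the hunk.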
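Review bot: The key used to verify the incoming token (`verification_key`) is now fetched over the network from a hard-coded `giterated.dev` on every call and the result is `.unwrap()`ed, replacing the local file from `self.config["keys"]["public"]`; a network failure or an unexpected response body panics the handler, and an instance that is not giterated.dev ends up verifying its own tokens against another host's key. Since this is the server's own key, reading it from the configured local path (the now commented-out block) and deleting the dead commented code looks like the safer shape; if a remote fetch is really intended, propagate the error with `?` and cache the key rather than re-fetching per request. `println!("Our Public Key:\n{}", server_public_key)` looks like a leftover debug print; drop it or make it a `debug!`, consistent with the `info!` used elsewhere in this file. extension_request starts and ends outside the hunk.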
@@ -116,11 +134,11 @@ impl AuthenticationTokenGranter {
 panic!()
 }
-
- let requester_public_key = public_key(&data.claims.generated_for).await.unwrap();
- // Validate request
- raw_request.validate(requester_public_key).await.unwrap();
+ raw_request
+ .validate(&data.claims.generated_for)
+ .await
+ .unwrap();
 info!("Validated request for key extension");
 let private_key = {
diff --git a/src/connection.rs b/src/connection.rs
index c6e4872..0b307e2 100644
--- a/src/connection.rs
+++ b/src/connection.rs
@@ -395,7 +395,7 @@ pub async fn connection_worker(
 let response = granter
 .extension_request(request.clone())
 .await
- .unwrap_or_else(|_| TokenExtensionResponse { new_token: None });
+ .unwrap_or(TokenExtensionResponse { new_token: None });
 drop(granter);
 socket
diff --git a/src/messages/authentication.rs b/src/messages/authentication.rs
index f86e6c6..aa59e6a 100644
--- a/src/messages/authentication.rs
+++ b/src/messages/authentication.rs
@@ -10,7 +10,7 @@ pub enum AuthenticationMessage {
 #[derive(Clone, Serialize, Deserialize)]
 pub enum AuthenticationRequest {
- AuthenticationToken(AuthenticationTokenRequest),
+ AuthenticationToken(InstanceAuthenticated),
 TokenExtension(InstanceAuthenticated),
 }
diff --git a/src/messages/mod.rs b/src/messages/mod.rs
index e6820da..712614c 100644
--- a/src/messages/mod.rs
+++ b/src/messages/mod.rs
@@ -2,7 +2,6 @@ use std::{error::Error, fmt::Debug};
 use rsa::{
 pkcs1::{DecodeRsaPrivateKey, DecodeRsaPublicKey},
- pkcs8::{DecodePrivateKey, DecodePublicKey},
 pss::{Signature, SigningKey, VerifyingKey},
 sha2::Sha256,
 signature::{RandomizedSigner, SignatureEncoding, Verifier},
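Review bot: `.unwrap_or(TokenExtensionResponse { new_token: None })` in connection_worker still discards the error from extension_request without a trace, so a rejected or malformed extension request is indistinguishable in the logs from a legitimate "no new token" reply. Keeping the closure form and recording the error before returning the fallback, e.g. `.unwrap_or_else(|e| { warn!("token extension failed: {e}"); TokenExtensionResponse { new_token: None } })` (using whichever logging macro this file has in scope, like the `info!` used in authentication.rs), preserves the behaviour and gives operators a signal. connection_worker starts and ends outside the hunk.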
@@ -87,8 +86,9 @@ impl InstanceAuthenticated {
 &self.message
 }
- pub async fn validate(&self, key: String) -> Result<(), Box> {
- let public_key = RsaPublicKey::from_pkcs1_pem(&key).unwrap();
+ pub async fn validate(&self, instance: &Instance) -> Result<(), Box> {
+ let public_key = public_key(instance).await?;
+ let public_key = RsaPublicKey::from_pkcs1_pem(&public_key).unwrap();
 let verifying_key: VerifyingKey = VerifyingKey::new(public_key);
@@ -182,3 +182,12 @@ impl UserAuthenticated {
 Ok(())
 }
 }
+
+async fn public_key(instance: &Instance) -> Result> {
+ let key = reqwest::get(format!("https://{}/.giterated/pubkey.pem", instance.url))
+ .await?
+ .text()
+ .await?;
+
+ Ok(key)
+}
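Review bot: `RsaPublicKey::from_pkcs1_pem(&public_key).unwrap()` in validate now parses a body fetched from a remote host, so any non-PEM response (an error page, a truncated download, a key in another encoding) panics the caller instead of failing validation; the method returns a Result, so `?` (or `.map_err(|e| ...)?` if the rsa error does not convert into the boxed error) is the right shape here. Shadowing the `public_key` function with a local of the same name on consecutive lines also reads oddly; `let pem = public_key(instance).await?;` keeps the call and the binding distinct. validate's body continues outside the hunk.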
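Review bot: `public_key` treats any HTTP response as a key: `reqwest::get(...).await?.text().await?` returns the body of a 404 or 5xx page as if it were the PEM, and the callers then hand that text to the PEM parser. Adding `.error_for_status()?` on the response before `.text()` makes non-2xx replies surface as errors. `instance.url` is interpolated straight into `format!("https://{}/.giterated/pubkey.pem", instance.url)`, and in extension_request it appears to come from a token claim; checking that it is a bare host name (no scheme, path or query) before building the URL keeps the fetch pinned to the intended instance. Since every validation re-fetches the key, a small cache keyed by instance would also remove the per-request network dependency.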