diff --git a/proxy/vmess/encoding/auth.go b/proxy/vmess/encoding/auth.go
index b96ed5b8d..ecc267e4b 100644
--- a/proxy/vmess/encoding/auth.go
+++ b/proxy/vmess/encoding/auth.go
@@ -41,23 +41,23 @@ type FnvAuthenticator struct {
 }
 
 // NonceSize implements AEAD.NonceSize().
-func (v *FnvAuthenticator) NonceSize() int {
+func (*FnvAuthenticator) NonceSize() int {
 	return 0
 }
 
 // Overhead impelements AEAD.Overhead().
-func (v *FnvAuthenticator) Overhead() int {
+func (*FnvAuthenticator) Overhead() int {
 	return 4
 }
 
 // Seal implements AEAD.Seal().
-func (v *FnvAuthenticator) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
+func (*FnvAuthenticator) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
 	dst = serial.Uint32ToBytes(Authenticate(plaintext), dst)
 	return append(dst, plaintext...)
 }
 
 // Open implements AEAD.Open().
-func (v *FnvAuthenticator) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+func (*FnvAuthenticator) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
 	if serial.BytesToUint32(ciphertext[:4]) != Authenticate(ciphertext[4:]) {
 		return dst, newError("invalid authentication")
 	}
@@ -87,7 +87,7 @@ func NewShakeSizeParser(nonce []byte) *ShakeSizeParser {
 	}
 }
 
-func (s *ShakeSizeParser) SizeBytes() int {
+func (*ShakeSizeParser) SizeBytes() int {
 	return 2
 }
 
diff --git a/proxy/vmess/encoding/client.go b/proxy/vmess/encoding/client.go
index 40f948156..5d550697e 100644
--- a/proxy/vmess/encoding/client.go
+++ b/proxy/vmess/encoding/client.go
@@ -187,20 +187,20 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
 	panic("Unknown security type.")
 }
 
-func (v *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.ResponseHeader, error) {
-	aesStream := crypto.NewAesDecryptionStream(v.responseBodyKey, v.responseBodyIV)
-	v.responseReader = crypto.NewCryptionReader(aesStream, reader)
+func (c *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.ResponseHeader, error) {
+	aesStream := crypto.NewAesDecryptionStream(c.responseBodyKey, c.responseBodyIV)
+	c.responseReader = crypto.NewCryptionReader(aesStream, reader)
 
 	buffer := make([]byte, 256)
 
-	_, err := io.ReadFull(v.responseReader, buffer[:4])
+	_, err := io.ReadFull(c.responseReader, buffer[:4])
 	if err != nil {
 		log.Trace(newError("failed to read response header").Base(err))
 		return nil, err
 	}
 
-	if buffer[0] != v.responseHeader {
-		return nil, newError("unexpected response header. Expecting ", int(v.responseHeader), " but actually ", int(buffer[0]))
+	if buffer[0] != c.responseHeader {
+		return nil, newError("unexpected response header. Expecting ", int(c.responseHeader), " but actually ", int(buffer[0]))
 	}
 
 	header := &protocol.ResponseHeader{
@@ -210,7 +210,7 @@ func (v *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.Respon
 	if buffer[2] != 0 {
 		cmdID := buffer[2]
 		dataLen := int(buffer[3])
-		_, err := io.ReadFull(v.responseReader, buffer[:dataLen])
+		_, err := io.ReadFull(c.responseReader, buffer[:dataLen])
 		if err != nil {
 			log.Trace(newError("failed to read response command").Base(err))
 			return nil, err
@@ -225,10 +225,10 @@ func (v *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.Respon
 	return header, nil
 }
 
-func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader {
+func (c *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader {
 	var sizeParser crypto.ChunkSizeDecoder = crypto.PlainChunkSizeParser{}
 	if request.Option.Has(protocol.RequestOptionChunkMasking) {
-		sizeParser = NewShakeSizeParser(v.responseBodyIV)
+		sizeParser = NewShakeSizeParser(c.responseBodyIV)
 	}
 	if request.Security.Is(protocol.SecurityType_NONE) {
 		if request.Option.Has(protocol.RequestOptionChunkStream) {
@@ -255,20 +255,20 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read
 				NonceGenerator:          crypto.NoOpBytesGenerator{},
 				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 			}
-			return crypto.NewAuthenticationReader(auth, sizeParser, v.responseReader, request.Command.TransferType())
+			return crypto.NewAuthenticationReader(auth, sizeParser, c.responseReader, request.Command.TransferType())
 		}
 
-		return buf.NewReader(v.responseReader)
+		return buf.NewReader(c.responseReader)
 	}
 
 	if request.Security.Is(protocol.SecurityType_AES128_GCM) {
-		block, _ := aes.NewCipher(v.responseBodyKey)
+		block, _ := aes.NewCipher(c.responseBodyKey)
 		aead, _ := cipher.NewGCM(block)
 
 		auth := &crypto.AEADAuthenticator{
 			AEAD: aead,
 			NonceGenerator: &ChunkNonceGenerator{
-				Nonce: append([]byte(nil), v.responseBodyIV...),
+				Nonce: append([]byte(nil), c.responseBodyIV...),
 				Size:  aead.NonceSize(),
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
@@ -277,12 +277,12 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read
 	}
 
 	if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
-		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))
+		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(c.responseBodyKey))
 
 		auth := &crypto.AEADAuthenticator{
 			AEAD: aead,
 			NonceGenerator: &ChunkNonceGenerator{
-				Nonce: append([]byte(nil), v.responseBodyIV...),
+				Nonce: append([]byte(nil), c.responseBodyIV...),
 				Size:  aead.NonceSize(),
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
diff --git a/proxy/vmess/encoding/server.go b/proxy/vmess/encoding/server.go
index 594766094..8f49a56d1 100644
--- a/proxy/vmess/encoding/server.go
+++ b/proxy/vmess/encoding/server.go
@@ -112,7 +112,7 @@ func NewServerSession(validator protocol.UserValidator, sessionHistory *SessionH
 	}
 }
 
-func (v *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.RequestHeader, error) {
+func (s *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.RequestHeader, error) {
 	buffer := make([]byte, 512)
 
 	_, err := io.ReadFull(reader, buffer[:protocol.IDBytesLen])
@@ -120,7 +120,7 @@ func (v *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request
 		return nil, newError("failed to read request header").Base(err)
 	}
 
-	user, timestamp, valid := v.userValidator.Get(buffer[:protocol.IDBytesLen])
+	user, timestamp, valid := s.userValidator.Get(buffer[:protocol.IDBytesLen])
 	if !valid {
 		return nil, newError("invalid user")
 	}
@@ -152,18 +152,18 @@ func (v *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request
 		return nil, newError("invalid protocol version ", request.Version)
 	}
 
-	v.requestBodyIV = append([]byte(nil), buffer[1:17]...)   // 16 bytes
-	v.requestBodyKey = append([]byte(nil), buffer[17:33]...) // 16 bytes
+	s.requestBodyIV = append([]byte(nil), buffer[1:17]...)   // 16 bytes
+	s.requestBodyKey = append([]byte(nil), buffer[17:33]...) // 16 bytes
 	var sid sessionId
 	copy(sid.user[:], vmessAccount.ID.Bytes())
-	copy(sid.key[:], v.requestBodyKey)
-	copy(sid.nonce[:], v.requestBodyIV)
-	if v.sessionHistory.has(sid) {
+	copy(sid.key[:], s.requestBodyKey)
+	copy(sid.nonce[:], s.requestBodyIV)
+	if s.sessionHistory.has(sid) {
 		return nil, newError("duplicated session id, possibly under replay attack")
 	}
-	v.sessionHistory.add(sid)
+	s.sessionHistory.add(sid)
 
-	v.responseHeader = buffer[33]                       // 1 byte
+	s.responseHeader = buffer[33]                       // 1 byte
 	request.Option = protocol.RequestOption(buffer[34]) // 1 byte
 	padingLen := int(buffer[35] >> 4)
 	request.Security = protocol.NormSecurity(protocol.Security(buffer[35] & 0x0F))
@@ -235,10 +235,10 @@ func (v *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request
 	return request, nil
 }
 
-func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader {
+func (s *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader {
 	var sizeParser crypto.ChunkSizeDecoder = crypto.PlainChunkSizeParser{}
 	if request.Option.Has(protocol.RequestOptionChunkMasking) {
-		sizeParser = NewShakeSizeParser(v.requestBodyIV)
+		sizeParser = NewShakeSizeParser(s.requestBodyIV)
 	}
 	if request.Security.Is(protocol.SecurityType_NONE) {
 		if request.Option.Has(protocol.RequestOptionChunkStream) {
@@ -258,7 +258,7 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
 	}
 
 	if request.Security.Is(protocol.SecurityType_LEGACY) {
-		aesStream := crypto.NewAesDecryptionStream(v.requestBodyKey, v.requestBodyIV)
+		aesStream := crypto.NewAesDecryptionStream(s.requestBodyKey, s.requestBodyIV)
 		cryptionReader := crypto.NewCryptionReader(aesStream, reader)
 		if request.Option.Has(protocol.RequestOptionChunkStream) {
 			auth := &crypto.AEADAuthenticator{
@@ -273,13 +273,13 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
 	}
 
 	if request.Security.Is(protocol.SecurityType_AES128_GCM) {
-		block, _ := aes.NewCipher(v.requestBodyKey)
+		block, _ := aes.NewCipher(s.requestBodyKey)
 		aead, _ := cipher.NewGCM(block)
 
 		auth := &crypto.AEADAuthenticator{
 			AEAD: aead,
 			NonceGenerator: &ChunkNonceGenerator{
-				Nonce: append([]byte(nil), v.requestBodyIV...),
+				Nonce: append([]byte(nil), s.requestBodyIV...),
 				Size:  aead.NonceSize(),
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
@@ -288,12 +288,12 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
 	}
 
 	if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
-		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey))
+		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(s.requestBodyKey))
 
 		auth := &crypto.AEADAuthenticator{
 			AEAD: aead,
 			NonceGenerator: &ChunkNonceGenerator{
-				Nonce: append([]byte(nil), v.requestBodyIV...),
+				Nonce: append([]byte(nil), s.requestBodyIV...),
 				Size:  aead.NonceSize(),
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
@@ -304,27 +304,27 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
 	panic("Unknown security type.")
 }
 
-func (v *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, writer io.Writer) {
-	responseBodyKey := md5.Sum(v.requestBodyKey)
-	responseBodyIV := md5.Sum(v.requestBodyIV)
-	v.responseBodyKey = responseBodyKey[:]
-	v.responseBodyIV = responseBodyIV[:]
+func (s *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, writer io.Writer) {
+	responseBodyKey := md5.Sum(s.requestBodyKey)
+	responseBodyIV := md5.Sum(s.requestBodyIV)
+	s.responseBodyKey = responseBodyKey[:]
+	s.responseBodyIV = responseBodyIV[:]
 
-	aesStream := crypto.NewAesEncryptionStream(v.responseBodyKey, v.responseBodyIV)
+	aesStream := crypto.NewAesEncryptionStream(s.responseBodyKey, s.responseBodyIV)
 	encryptionWriter := crypto.NewCryptionWriter(aesStream, writer)
-	v.responseWriter = encryptionWriter
+	s.responseWriter = encryptionWriter
 
-	encryptionWriter.Write([]byte{v.responseHeader, byte(header.Option)})
+	encryptionWriter.Write([]byte{s.responseHeader, byte(header.Option)})
 	err := MarshalCommand(header.Command, encryptionWriter)
 	if err != nil {
 		encryptionWriter.Write([]byte{0x00, 0x00})
 	}
 }
 
-func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer {
+func (s *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer {
 	var sizeParser crypto.ChunkSizeEncoder = crypto.PlainChunkSizeParser{}
 	if request.Option.Has(protocol.RequestOptionChunkMasking) {
-		sizeParser = NewShakeSizeParser(v.responseBodyIV)
+		sizeParser = NewShakeSizeParser(s.responseBodyIV)
 	}
 	if request.Security.Is(protocol.SecurityType_NONE) {
 		if request.Option.Has(protocol.RequestOptionChunkStream) {
@@ -350,20 +350,20 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ
 				NonceGenerator:          crypto.NoOpBytesGenerator{},
 				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 			}
-			return crypto.NewAuthenticationWriter(auth, sizeParser, v.responseWriter, request.Command.TransferType())
+			return crypto.NewAuthenticationWriter(auth, sizeParser, s.responseWriter, request.Command.TransferType())
 		}
 
-		return buf.NewWriter(v.responseWriter)
+		return buf.NewWriter(s.responseWriter)
 	}
 
 	if request.Security.Is(protocol.SecurityType_AES128_GCM) {
-		block, _ := aes.NewCipher(v.responseBodyKey)
+		block, _ := aes.NewCipher(s.responseBodyKey)
 		aead, _ := cipher.NewGCM(block)
 
 		auth := &crypto.AEADAuthenticator{
 			AEAD: aead,
 			NonceGenerator: &ChunkNonceGenerator{
-				Nonce: append([]byte(nil), v.responseBodyIV...),
+				Nonce: append([]byte(nil), s.responseBodyIV...),
 				Size:  aead.NonceSize(),
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
@@ -372,12 +372,12 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ
 	}
 
 	if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
-		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))
+		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(s.responseBodyKey))
 
 		auth := &crypto.AEADAuthenticator{
 			AEAD: aead,
 			NonceGenerator: &ChunkNonceGenerator{
-				Nonce: append([]byte(nil), v.responseBodyIV...),
+				Nonce: append([]byte(nil), s.responseBodyIV...),
 				Size:  aead.NonceSize(),
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},