diff --git a/go.mod b/go.mod
index f36de5034..71d974a18 100644
--- a/go.mod
+++ b/go.mod
@@ -9,6 +9,7 @@ require (
 	github.com/miekg/dns v1.1.29
 	github.com/refraction-networking/utls v0.0.0-20190909200633-43c36d3c1f57
 	github.com/seiflotfy/cuckoofilter v0.0.0-20200511222245-56093a4d3841
+	github.com/stretchr/testify v1.6.1
 	go.starlark.net v0.0.0-20190919145610-979af19b165c
 	golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9
 	golang.org/x/net v0.0.0-20200602114024-627f9648deb9
diff --git a/go.sum b/go.sum
index 54f7e0b38..0db98844a 100644
--- a/go.sum
+++ b/go.sum
@@ -3,6 +3,8 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dgryski/go-metro v0.0.0-20180109044635-280f6062b5bc h1:8WFBn63wegobsYAX0YjD+8suexZDga5CctH4CCTx2+8=
 github.com/dgryski/go-metro v0.0.0-20180109044635-280f6062b5bc/go.mod h1:c9O8+fpSOX1DM8cPNSkX/qsBWdkD4yd2dpciOWQjpBw=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
@@ -42,11 +44,16 @@ github.com/miekg/dns v1.1.29 h1:xHBEhR+t5RzcFJjBLJlax2daXOrTYtr9z4WdKEfWFzg=
 github.com/miekg/dns v1.1.29/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
 github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2 h1:JhzVVoYvbOACxoUmOs6V/G4D5nPVUW73rKvXxP4XUJc=
 github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/refraction-networking/utls v0.0.0-20190909200633-43c36d3c1f57 h1:SL1K0QAuC1b54KoY1pjPWe6kSlsFHwK9/oC960fKrTY=
 github.com/refraction-networking/utls v0.0.0-20190909200633-43c36d3c1f57/go.mod h1:tz9gX959MEFfFN5whTIocCLUG57WiILqtdVxI8c6Wj0=
 github.com/seiflotfy/cuckoofilter v0.0.0-20200511222245-56093a4d3841 h1:pnfutQFsV7ySmHUeX6ANGfPsBo29RctUvDn8G3rmJVw=
 github.com/seiflotfy/cuckoofilter v0.0.0-20200511222245-56093a4d3841/go.mod h1:ET5mVvNjwaGXRgZxO9UZr7X+8eAf87AfIYNwRSp9s4Y=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 go.starlark.net v0.0.0-20190919145610-979af19b165c h1:WR7X1xgXJlXhQBdorVc9Db3RhwG+J/kp6bLuMyJjfVw=
 go.starlark.net v0.0.0-20190919145610-979af19b165c/go.mod h1:c1/X6cHgvdXj6pUlmWKMkuqRnW4K8x2vwt6JAaaircg=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M=
@@ -120,10 +127,12 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
 google.golang.org/protobuf v1.23.0 h1:4MY060fB1DLGMB/7MBTLnwQUY6+F09GEiz6SsrNqyzM=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.24.0 h1:UhZDfRO8JRQru4/+LlLE0BRKGF8L+PICnvYZmx/fEGA=
-google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
 google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c=
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 h12.io/socks v1.0.1 h1:bXESSI/+hbdrp+22vcc7/JiXjmLH4UWktKdYgGr3ShA=
 h12.io/socks v1.0.1/go.mod h1:AIhxy1jOId/XCz9BO+EIgNL2rQiPTBNnOfnVnQ+3Eck=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
diff --git a/proxy/vmess/aead/authid_test.go b/proxy/vmess/aead/authid_test.go
new file mode 100644
index 000000000..c1f923c53
--- /dev/null
+++ b/proxy/vmess/aead/authid_test.go
@@ -0,0 +1,129 @@
+package aead
+
+import (
+	"fmt"
+	"github.com/stretchr/testify/assert"
+	"strconv"
+	"testing"
+	"time"
+)
+
+func TestCreateAuthID(t *testing.T) {
+	key := KDF16([]byte("Demo Key for Auth ID Test"), "Demo Path for Auth ID Test")
+	authid := CreateAuthID(key, time.Now().Unix())
+
+	fmt.Println(key)
+	fmt.Println(authid)
+}
+
+func TestCreateAuthIDAndDecode(t *testing.T) {
+	key := KDF16([]byte("Demo Key for Auth ID Test"), "Demo Path for Auth ID Test")
+	authid := CreateAuthID(key, time.Now().Unix())
+
+	fmt.Println(key)
+	fmt.Println(authid)
+
+	AuthDecoder := NewAuthIDDecoderHolder()
+	var keyw [16]byte
+	copy(keyw[:], key)
+	AuthDecoder.AddUser(keyw, "Demo User")
+	res, err := AuthDecoder.Match(authid)
+	fmt.Println(res)
+	fmt.Println(err)
+	assert.Equal(t, "Demo User", res)
+	assert.Nil(t, err)
+}
+
+func TestCreateAuthIDAndDecode2(t *testing.T) {
+	key := KDF16([]byte("Demo Key for Auth ID Test"), "Demo Path for Auth ID Test")
+	authid := CreateAuthID(key, time.Now().Unix())
+
+	fmt.Println(key)
+	fmt.Println(authid)
+
+	AuthDecoder := NewAuthIDDecoderHolder()
+	var keyw [16]byte
+	copy(keyw[:], key)
+	AuthDecoder.AddUser(keyw, "Demo User")
+	res, err := AuthDecoder.Match(authid)
+	fmt.Println(res)
+	fmt.Println(err)
+	assert.Equal(t, "Demo User", res)
+	assert.Nil(t, err)
+
+	key2 := KDF16([]byte("Demo Key for Auth ID Test2"), "Demo Path for Auth ID Test")
+	authid2 := CreateAuthID(key2, time.Now().Unix())
+
+	res2, err2 := AuthDecoder.Match(authid2)
+	assert.EqualError(t, err2, "user do not exist")
+	assert.Nil(t, res2)
+
+}
+
+func TestCreateAuthIDAndDecodeMassive(t *testing.T) {
+	key := KDF16([]byte("Demo Key for Auth ID Test"), "Demo Path for Auth ID Test")
+	authid := CreateAuthID(key, time.Now().Unix())
+
+	fmt.Println(key)
+	fmt.Println(authid)
+
+	AuthDecoder := NewAuthIDDecoderHolder()
+	var keyw [16]byte
+	copy(keyw[:], key)
+	AuthDecoder.AddUser(keyw, "Demo User")
+	res, err := AuthDecoder.Match(authid)
+	fmt.Println(res)
+	fmt.Println(err)
+	assert.Equal(t, "Demo User", res)
+	assert.Nil(t, err)
+
+	for i := 0; i <= 10000; i++ {
+		key2 := KDF16([]byte("Demo Key for Auth ID Test2"), "Demo Path for Auth ID Test", strconv.Itoa(i))
+		var keyw2 [16]byte
+		copy(keyw2[:], key2)
+		AuthDecoder.AddUser(keyw2, "Demo User"+strconv.Itoa(i))
+	}
+
+	authid3 := CreateAuthID(key, time.Now().Unix())
+
+	res2, err2 := AuthDecoder.Match(authid3)
+	assert.Equal(t, "Demo User", res2)
+	assert.Nil(t, err2)
+
+}
+
+func TestCreateAuthIDAndDecodeSuperMassive(t *testing.T) {
+	key := KDF16([]byte("Demo Key for Auth ID Test"), "Demo Path for Auth ID Test")
+	authid := CreateAuthID(key, time.Now().Unix())
+
+	fmt.Println(key)
+	fmt.Println(authid)
+
+	AuthDecoder := NewAuthIDDecoderHolder()
+	var keyw [16]byte
+	copy(keyw[:], key)
+	AuthDecoder.AddUser(keyw, "Demo User")
+	res, err := AuthDecoder.Match(authid)
+	fmt.Println(res)
+	fmt.Println(err)
+	assert.Equal(t, "Demo User", res)
+	assert.Nil(t, err)
+
+	for i := 0; i <= 1000000; i++ {
+		key2 := KDF16([]byte("Demo Key for Auth ID Test2"), "Demo Path for Auth ID Test", strconv.Itoa(i))
+		var keyw2 [16]byte
+		copy(keyw2[:], key2)
+		AuthDecoder.AddUser(keyw2, "Demo User"+strconv.Itoa(i))
+	}
+
+	authid3 := CreateAuthID(key, time.Now().Unix())
+
+	before := time.Now()
+	res2, err2 := AuthDecoder.Match(authid3)
+	after := time.Now()
+	assert.Equal(t, "Demo User", res2)
+	assert.Nil(t, err2)
+
+	fmt.Println(after.Sub(before).Seconds())
+
+}
diff --git a/proxy/vmess/aead/encrypt_test.go b/proxy/vmess/aead/encrypt_test.go
new file mode 100644
index 000000000..70e9a5403
--- /dev/null
+++ b/proxy/vmess/aead/encrypt_test.go
@@ -0,0 +1,105 @@
+package aead
+
+import (
+	"bytes"
+	"fmt"
+	"github.com/stretchr/testify/assert"
+	"io"
+	"testing"
+)
+
+func TestOpenVMessAEADHeader(t *testing.T) {
+	TestHeader := []byte("Test Header")
+	key := KDF16([]byte("Demo Key for Auth ID Test"), "Demo Path for Auth ID Test")
+	var keyw [16]byte
+	copy(keyw[:], key)
+	sealed := SealVMessAEADHeader(keyw, TestHeader)
+
+	var AEADR = bytes.NewReader(sealed)
+
+	var authid [16]byte
+
+	io.ReadFull(AEADR, authid[:])
+
+	out, _, err, _ := OpenVMessAEADHeader(keyw, authid, AEADR)
+
+	fmt.Println(string(out))
+	fmt.Println(err)
+}
+
+func TestOpenVMessAEADHeader2(t *testing.T) {
+	TestHeader := []byte("Test Header")
+	key := KDF16([]byte("Demo Key for Auth ID Test"), "Demo Path for Auth ID Test")
+	var keyw [16]byte
+	copy(keyw[:], key)
+	sealed := SealVMessAEADHeader(keyw, TestHeader)
+
+	var AEADR = bytes.NewReader(sealed)
+
+	var authid [16]byte
+
+	io.ReadFull(AEADR, authid[:])
+
+	out, _, err, readen := OpenVMessAEADHeader(keyw, authid, AEADR)
+	assert.Equal(t, len(sealed)-16-AEADR.Len(), readen)
+	assert.Equal(t, string(TestHeader), string(out))
+	assert.Nil(t, err)
+}
+
+func TestOpenVMessAEADHeader4(t *testing.T) {
+	for i := 0; i <= 60; i++ {
+		TestHeader := []byte("Test Header")
+		key := KDF16([]byte("Demo Key for Auth ID Test"), "Demo Path for Auth ID Test")
+		var keyw [16]byte
+		copy(keyw[:], key)
+		sealed := SealVMessAEADHeader(keyw, TestHeader)
+		var sealedm [16]byte
+		copy(sealedm[:], sealed)
+		sealed[i] ^= 0xff
+		var AEADR = bytes.NewReader(sealed)
+
+		var authid [16]byte
+
+		io.ReadFull(AEADR, authid[:])
+
+		out, drain, err, readen := OpenVMessAEADHeader(keyw, authid, AEADR)
+		assert.Equal(t, len(sealed)-16-AEADR.Len(), readen)
+		assert.Equal(t, true, drain)
+		assert.NotNil(t, err)
+		if err == nil {
+			fmt.Println(">")
+		}
+		assert.Nil(t, out)
+	}
+
+}
+
+func TestOpenVMessAEADHeader4Massive(t *testing.T) {
+	for j := 0; j < 1000; j++ {
+
+		for i := 0; i <= 60; i++ {
+			TestHeader := []byte("Test Header")
+			key := KDF16([]byte("Demo Key for Auth ID Test"), "Demo Path for Auth ID Test")
+			var keyw [16]byte
+			copy(keyw[:], key)
+			sealed := SealVMessAEADHeader(keyw, TestHeader)
+			var sealedm [16]byte
+			copy(sealedm[:], sealed)
+			sealed[i] ^= 0xff
+			var AEADR = bytes.NewReader(sealed)
+
+			var authid [16]byte
+
+			io.ReadFull(AEADR, authid[:])
+
+			out, drain, err, readen := OpenVMessAEADHeader(keyw, authid, AEADR)
+			assert.Equal(t, len(sealed)-16-AEADR.Len(), readen)
+			assert.Equal(t, true, drain)
+			assert.NotNil(t, err)
+			if err == nil {
+				fmt.Println(">")
+			}
+			assert.Nil(t, out)
+		}
+	}
+}