for example, I think I can make a md5 hash from everything (also a key) an can calculate the key from the md5 hash. ifI know the hash algorythm I can recalculate the source "key". and if the algorithm is the same on every client, and the developer know it, he can recalculate the key from hash? http://md5decryption.com/ ... ah, sorry, its my mistake. I've messed it. the tracker only knows the hash and can't, if he want, decrypt the data behind the target ip because he can not calculate the "private key". only if someone bruteforce or have luck, he can get data from a person that he don't know.. It's very unlikely. now I understand. thank you