diff --git a/interface/src/commerce/Wallet.cpp b/interface/src/commerce/Wallet.cpp
index acc0b08afb..d0ef3fcaae 100644
--- a/interface/src/commerce/Wallet.cpp
+++ b/interface/src/commerce/Wallet.cpp
@@ -732,6 +732,7 @@ void Wallet::handleChallengeOwnershipPacket(QSharedPointer<ReceivedMessage> pack
 
     QByteArray certID = packet->read(certIDByteArraySize);
     QByteArray encryptedText = packet->read(encryptedTextByteArraySize);
+    qDebug() << "ZRF encryptedText Inbound:" << QString(encryptedText);
     QByteArray senderNodeUUID;
     if (challengeOriginatedFromClient) {
         senderNodeUUID = packet->read(senderNodeUUIDByteArraySize);
diff --git a/interface/src/ui/overlays/ContextOverlayInterface.cpp b/interface/src/ui/overlays/ContextOverlayInterface.cpp
index 85bdef22ca..eecf93745a 100644
--- a/interface/src/ui/overlays/ContextOverlayInterface.cpp
+++ b/interface/src/ui/overlays/ContextOverlayInterface.cpp
@@ -277,74 +277,78 @@ void ContextOverlayInterface::openInspectionCertificate() {
 
         // ZRF FIXME: Don't challenge ownership of avatar entities that I own
         if (entityProperties.getClientOnly()/* && nodeToChallenge != nodeList->getSessionUUID()*/) {
-            SharedNodePointer entityServer = nodeList->soloNodeOfType(NodeType::EntityServer);
+            // ZRF FIXME!
+            //if (entityProperties.verifyStaticCertificateProperties()) {
+            if (true) {
+                SharedNodePointer entityServer = nodeList->soloNodeOfType(NodeType::EntityServer);
 
-            if (entityServer) {
-                QNetworkAccessManager& networkAccessManager = NetworkAccessManager::getInstance();
-                QNetworkRequest networkRequest;
-                networkRequest.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true);
-                networkRequest.setHeader(QNetworkRequest::ContentTypeHeader, "application/json");
-                QUrl requestURL = NetworkingConstants::METAVERSE_SERVER_URL;
-                requestURL.setPath("/api/v1/commerce/proof_of_purchase_status/transfer");
-                QJsonObject request;
-                request["certificate_id"] = entityProperties.getCertificateID();
-                networkRequest.setUrl(requestURL);
+                if (entityServer) {
+                    QNetworkAccessManager& networkAccessManager = NetworkAccessManager::getInstance();
+                    QNetworkRequest networkRequest;
+                    networkRequest.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true);
+                    networkRequest.setHeader(QNetworkRequest::ContentTypeHeader, "application/json");
+                    QUrl requestURL = NetworkingConstants::METAVERSE_SERVER_URL;
+                    requestURL.setPath("/api/v1/commerce/proof_of_purchase_status/transfer");
+                    QJsonObject request;
+                    request["certificate_id"] = entityProperties.getCertificateID();
+                    networkRequest.setUrl(requestURL);
 
-                QNetworkReply* networkReply = NULL;
-                networkReply = networkAccessManager.put(networkRequest, QJsonDocument(request).toJson());
+                    QNetworkReply* networkReply = NULL;
+                    networkReply = networkAccessManager.put(networkRequest, QJsonDocument(request).toJson());
 
-                connect(networkReply, &QNetworkReply::finished, [=]() {
-                    QJsonObject jsonObject = QJsonDocument::fromJson(networkReply->readAll()).object();
-                    jsonObject = jsonObject["data"].toObject();
+                    connect(networkReply, &QNetworkReply::finished, [=]() {
+                        QJsonObject jsonObject = QJsonDocument::fromJson(networkReply->readAll()).object();
+                        jsonObject = jsonObject["data"].toObject();
 
-                    if (networkReply->error() == QNetworkReply::NoError) {
-                        if (!jsonObject["invalid_reason"].toString().isEmpty()) {
-                            qCDebug(entities) << "invalid_reason not empty";
-                        } else if (jsonObject["transfer_status"].toArray().first().toString() == "failed") {
-                            qCDebug(entities) << "'transfer_status' is 'failed'";;
-                        } else if (jsonObject["transfer_status"].toArray().first().toString() == "pending") {
-                            qCDebug(entities) << "'transfer_status' is 'pending'";;
+                        if (networkReply->error() == QNetworkReply::NoError) {
+                            if (!jsonObject["invalid_reason"].toString().isEmpty()) {
+                                qCDebug(entities) << "invalid_reason not empty";
+                            } else if (jsonObject["transfer_status"].toArray().first().toString() == "failed") {
+                                qCDebug(entities) << "'transfer_status' is 'failed'";;
+                            } else if (jsonObject["transfer_status"].toArray().first().toString() == "pending") {
+                                qCDebug(entities) << "'transfer_status' is 'pending'";;
+                            } else {
+                                QString ownerKey = jsonObject["transfer_recipient_key"].toString();
+
+                                QByteArray certID = entityProperties.getCertificateID().toUtf8();
+                                QByteArray encryptedText = DependencyManager::get<EntityTreeRenderer>()->getTree()->computeEncryptedNonce(certID, ownerKey);
+                                QByteArray nodeToChallengeByteArray = entityProperties.getOwningAvatarID().toRfc4122();
+
+                                int certIDByteArraySize = certID.length();
+                                int encryptedTextByteArraySize = encryptedText.length();
+                                int nodeToChallengeByteArraySize = nodeToChallengeByteArray.length();
+
+                                auto challengeOwnershipPacket = NLPacket::create(PacketType::ChallengeOwnershipRequest,
+                                    certIDByteArraySize + encryptedTextByteArraySize + nodeToChallengeByteArraySize + 3 * sizeof(int),
+                                    true);
+                                challengeOwnershipPacket->writePrimitive(certIDByteArraySize);
+                                challengeOwnershipPacket->writePrimitive(encryptedTextByteArraySize);
+                                challengeOwnershipPacket->writePrimitive(nodeToChallengeByteArraySize);
+                                challengeOwnershipPacket->write(certID);
+                                challengeOwnershipPacket->write(encryptedText);
+                                challengeOwnershipPacket->write(nodeToChallengeByteArray);
+                                nodeList->sendPacket(std::move(challengeOwnershipPacket), *entityServer);
+
+                                // Kickoff a 10-second timeout timer that marks the cert if we don't get an ownership response in time
+                                //if (thread() != QThread::currentThread()) {
+                                //    QMetaObject::invokeMethod(this, "startChallengeOwnershipTimer", Q_ARG(const EntityItemID&, entityItemID));
+                                //    return;
+                                //} else {
+                                //    startChallengeOwnershipTimer(entityItemID);
+                                //}
+                            }
                         } else {
-                            QByteArray certID = entityProperties.getCertificateID().toUtf8();
-                            QByteArray ownerKey = jsonObject["transfer_recipient_key"].toString().toUtf8();
-                            QByteArray nodeToChallengeByteArray = entityProperties.getOwningAvatarID().toRfc4122();
-                            QByteArray encryptedText = DependencyManager::get<EntityTreeRenderer>()->getTree()->computeEncryptedNonce(certID, ownerKey);
-
-                            int certIDByteArraySize = certID.length();
-                            int ownerKeyByteArraySize = ownerKey.length();
-                            int nodeToChallengeByteArraySize = nodeToChallengeByteArray.length();
-                            int encryptedTextByteArraySize = encryptedText.length();
-
-                            auto challengeOwnershipPacket = NLPacket::create(PacketType::ChallengeOwnershipRequest,
-                                certIDByteArraySize + ownerKeyByteArraySize + nodeToChallengeByteArraySize + encryptedTextByteArraySize + 4 * sizeof(int),
-                                true);
-                            challengeOwnershipPacket->writePrimitive(certIDByteArraySize);
-                            challengeOwnershipPacket->writePrimitive(ownerKeyByteArraySize);
-                            challengeOwnershipPacket->writePrimitive(nodeToChallengeByteArraySize);
-                            challengeOwnershipPacket->writePrimitive(encryptedTextByteArraySize);
-                            challengeOwnershipPacket->write(certID);
-                            challengeOwnershipPacket->write(ownerKey);
-                            challengeOwnershipPacket->write(nodeToChallengeByteArray);
-                            challengeOwnershipPacket->write(encryptedText);
-                            nodeList->sendPacket(std::move(challengeOwnershipPacket), *entityServer);
-
-                            // Kickoff a 10-second timeout timer that marks the cert if we don't get an ownership response in time
-                            //if (thread() != QThread::currentThread()) {
-                            //    QMetaObject::invokeMethod(this, "startChallengeOwnershipTimer", Q_ARG(const EntityItemID&, entityItemID));
-                            //    return;
-                            //} else {
-                            //    startChallengeOwnershipTimer(entityItemID);
-                            //}
+                            qCDebug(entities) << "Call to" << networkReply->url() << "failed with error" << networkReply->error() <<
+                                "More info:" << networkReply->readAll();
                         }
-                    } else {
-                        qCDebug(entities) << "Call to" << networkReply->url() << "failed with error" << networkReply->error() <<
-                            "More info:" << networkReply->readAll();
-                    }
 
-                    networkReply->deleteLater();
-                });
+                        networkReply->deleteLater();
+                    });
+                } else {
+                    qCWarning(context_overlay) << "Couldn't get Entity Server!";
+                }
             } else {
-                qCWarning(context_overlay) << "Couldn't get Entity Server!";
+                qCDebug(context_overlay) << "Entity" << _currentEntityWithContextOverlay << "failed static certificate verification!";
             }
         }
     }
diff --git a/libraries/entities/src/EntityTree.cpp b/libraries/entities/src/EntityTree.cpp
index ba84c45311..1cf9fdfb26 100644
--- a/libraries/entities/src/EntityTree.cpp
+++ b/libraries/entities/src/EntityTree.cpp
@@ -1153,8 +1153,8 @@ void EntityTree::startChallengeOwnershipTimer(const EntityItemID& entityItemID)
             _challengeOwnershipTimeoutTimer->deleteLater();
         }
     });
-_challengeOwnershipTimeoutTimer->setSingleShot(true);
-_challengeOwnershipTimeoutTimer->start(5000);
+    _challengeOwnershipTimeoutTimer->setSingleShot(true);
+    _challengeOwnershipTimeoutTimer->start(5000);
 }
 
 void EntityTree::startPendingTransferStatusTimer(const QString& certID, const EntityItemID& entityItemID, const SharedNodePointer& senderNode) {
@@ -1195,7 +1195,6 @@ QByteArray EntityTree::computeEncryptedNonce(const QString& certID, const QStrin
 
         QWriteLocker locker(&_certNonceMapLock);
         _certNonceMap.insert(certID, nonce);
-        qCDebug(entities) << "Challenging ownership of Cert ID" << certID << "by encrypting and sending nonce" << nonce << "to owner.";
 
         return encryptedText;
     } else {
@@ -1232,21 +1231,18 @@ bool EntityTree::verifyDecryptedNonce(const QString& certID, const QString& decr
 
 void EntityTree::processChallengeOwnershipRequestPacket(ReceivedMessage& message, const SharedNodePointer& sourceNode) {
     int certIDByteArraySize;
-    int ownerKeyByteArraySize;
     int encryptedTextByteArraySize;
     int nodeToChallengeByteArraySize;
 
     message.readPrimitive(&certIDByteArraySize);
-    message.readPrimitive(&ownerKeyByteArraySize);
-    message.readPrimitive(&nodeToChallengeByteArraySize);
     message.readPrimitive(&encryptedTextByteArraySize);
+    message.readPrimitive(&nodeToChallengeByteArraySize);
 
     QString certID(message.read(certIDByteArraySize));
-    QString ownerKey(message.read(ownerKeyByteArraySize));
-    QUuid nodeToChallenge = QUuid::fromRfc4122(message.read(nodeToChallengeByteArraySize));
     QString encryptedText(message.read(encryptedTextByteArraySize));
+    QUuid nodeToChallenge = QUuid::fromRfc4122(message.read(nodeToChallengeByteArraySize));
 
-    sendChallengeOwnershipRequestPacket(certID, ownerKey, encryptedText, sourceNode, nodeToChallenge);
+    sendChallengeOwnershipRequestPacket(certID, encryptedText, sourceNode, nodeToChallenge);
 }
 
 void EntityTree::processChallengeOwnershipReplyPacket(ReceivedMessage& message, const SharedNodePointer& sourceNode) {
@@ -1285,6 +1281,7 @@ void EntityTree::sendChallengeOwnershipPacket(const QString& certID, const QStri
         qCDebug(entities) << "CRITICAL ERROR: Couldn't compute encrypted nonce. Deleting entity...";
         deleteEntity(entityItemID, true);
     } else {
+        qCDebug(entities) << "Challenging ownership of Cert ID" << certID;
         // 2. Send the encrypted text to the rezzing avatar's node
         QByteArray certIDByteArray = certID.toUtf8();
         int certIDByteArraySize = certIDByteArray.size();
@@ -1307,8 +1304,7 @@ void EntityTree::sendChallengeOwnershipPacket(const QString& certID, const QStri
     }
 }
 
-void EntityTree::sendChallengeOwnershipRequestPacket(const QString& certID, const QString& ownerKey, const QString& encryptedText, const SharedNodePointer& senderNode, const QUuid& nodeToChallenge) {
-    // 1. Encrypt a nonce with the owner's public key
+void EntityTree::sendChallengeOwnershipRequestPacket(const QString& certID, const QString& encryptedText, const SharedNodePointer& senderNode, const QUuid& nodeToChallenge) {
     auto nodeList = DependencyManager::get<NodeList>();
 
     // In this case, Client A is challenging Client B. Client A is inspecting a certified entity that it wants
diff --git a/libraries/entities/src/EntityTree.h b/libraries/entities/src/EntityTree.h
index 3048917a49..5eb5d5b569 100644
--- a/libraries/entities/src/EntityTree.h
+++ b/libraries/entities/src/EntityTree.h
@@ -381,7 +381,7 @@ protected:
 
 private:
     void sendChallengeOwnershipPacket(const QString& certID, const QString& ownerKey, const EntityItemID& entityItemID, const SharedNodePointer& senderNode);
-    void sendChallengeOwnershipRequestPacket(const QString& certID, const QString& ownerKey, const QString& encryptedText, const SharedNodePointer& senderNode, const QUuid& nodeToChallenge);
+    void sendChallengeOwnershipRequestPacket(const QString& certID, const QString& encryptedText, const SharedNodePointer& senderNode, const QUuid& nodeToChallenge);
     void validatePop(const QString& certID, const EntityItemID& entityItemID, const SharedNodePointer& senderNode, bool isRetryingValidation);
 };