diff --git a/src/cpp/Gradido_LoginServer.cpp b/src/cpp/Gradido_LoginServer.cpp index e6d96d964..ddfefc3d7 100644 --- a/src/cpp/Gradido_LoginServer.cpp +++ b/src/cpp/Gradido_LoginServer.cpp @@ -186,6 +186,9 @@ int Gradido_LoginServer::main(const std::vector& args) ServerConfig::unload(); Poco::Net::uninitializeSSL(); + // Optional: Delete all global objects allocated by libprotobuf. + google::protobuf::ShutdownProtobufLibrary(); + } return Application::EXIT_OK; } diff --git a/src/cpp/HTTPInterface/ElopageWebhook.cpp b/src/cpp/HTTPInterface/ElopageWebhook.cpp index 9d7d01ca2..74f8b2955 100644 --- a/src/cpp/HTTPInterface/ElopageWebhook.cpp +++ b/src/cpp/HTTPInterface/ElopageWebhook.cpp @@ -82,6 +82,13 @@ void ElopageWebhook::handleRequest(Poco::Net::HTTPServerRequest& request, Poco:: break; } } + // last key-value pair + std::string urlDecodedValue; + Poco::URI::decode(valueBuffer, urlDecodedValue); + if (strcmp(keyBuffer, "")) { + elopageRequestData.set(keyBuffer, urlDecodedValue); + } + //printf("[ElopageWebhook::handleRequest] key: %s, value: %s\n", keyBuffer, valueBuffer); /// elopageRequestData.set(keyBuffer, valueBuffer); stream.good(); diff --git a/src/cpp/SingletonManager/ErrorManager.cpp b/src/cpp/SingletonManager/ErrorManager.cpp index 43de78cfe..a24ec05ab 100644 --- a/src/cpp/SingletonManager/ErrorManager.cpp +++ b/src/cpp/SingletonManager/ErrorManager.cpp @@ -56,6 +56,17 @@ void ErrorManager::addError(Error* error) } +int ErrorManager::getErrors(ErrorList* send) +{ + Error* error = nullptr; + int iCount = 0; + while (error = send->getLastError()) { + addError(error); + iCount++; + } + return iCount; +} + void ErrorManager::sendErrorsAsEmail() { auto message = new Poco::Net::MailMessage(); diff --git a/src/cpp/SingletonManager/ErrorManager.h b/src/cpp/SingletonManager/ErrorManager.h index 870dc8006..1cdd99319 100644 --- a/src/cpp/SingletonManager/ErrorManager.h +++ b/src/cpp/SingletonManager/ErrorManager.h 
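Review bot: In `ElopageWebhook::handleRequest`, the added last-pair handling runs `Poco::URI::decode(valueBuffer, urlDecodedValue)` on request data before it checks whether a key exists. `Poco::URI::decode` throws `Poco::URISyntaxException` on a malformed percent escape, and no handler is visible in this hunk (the function starts and ends outside it), so confirm one exists. Decoding only when a key is present and spelling the comparison out reads less ambiguously than a bare `strcmp` truth test: `if (keyBuffer[0] != '\0') { Poco::URI::decode(valueBuffer, urlDecodedValue); elopageRequestData.set(keyBuffer, urlDecodedValue); }`. The block also relies on `keyBuffer` and `valueBuffer` being NUL-terminated when the loop exits, which the hunk does not show.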
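Review bot: `ErrorManager::getErrors` dereferences `send` without a null check, and its loop `while (error = send->getLastError())` only terminates if `getLastError()` removes the error it returns. That method is not shown here, so this is worth confirming: ErrorManager.h documents `addError` as deleting the error, and a list that still referenced it would free it a second time. Writing the condition as `while ((error = send->getLastError()) != nullptr)` makes the assignment visibly deliberate. Because the name reads like a getter, a comment on the declaration such as `// moves every error out of send into this manager; returns the number moved` would help callers.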
@@ -15,7 +15,7 @@ #include #include #include -#include "../model/Error.h" +#include "../model/ErrorList.h" #include "../Crypto/DRHash.h" #include "../tasks/CPUTask.h" @@ -33,6 +33,8 @@ public: // will called delete on error virtual void addError(Error* error); + int getErrors(ErrorList* send); + virtual void sendErrorsAsEmail(); protected: diff --git a/src/cpp/model/Session.cpp b/src/cpp/model/Session.cpp index 33ccc1591..e101f9294 100644 --- a/src/cpp/model/Session.cpp +++ b/src/cpp/model/Session.cpp @@ -8,8 +8,10 @@ #include "../SingletonManager/SessionManager.h" #include "../SingletonManager/ConnectionManager.h" #include "../SingletonManager/ErrorManager.h" + #include "../tasks/PrepareEmailTask.h" #include "../tasks/SendEmailTask.h" +#include "../tasks/SigningTransaction.h" #include "sodium.h" @@ -344,7 +346,8 @@ void Session::finalizeTransaction(bool sign, bool reject) if (!reject) { if (sign) { - + Poco::AutoPtr signingTransaction(new SigningTransaction(mCurrentActiveProcessingTransaction, mSessionUser)); + signingTransaction->scheduleTask(signingTransaction); } } mCurrentActiveProcessingTransaction = nullptr; diff --git a/src/cpp/model/User.cpp b/src/cpp/model/User.cpp index 2acb5c03e..1f8f8b9cb 100644 --- a/src/cpp/model/User.cpp +++ b/src/cpp/model/User.cpp 
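Review bot: In `Session::finalizeTransaction` (Session.cpp), the new signing branch hands `mCurrentActiveProcessingTransaction` and `mSessionUser` to `SigningTransaction` without checking either for null. `SigningTransaction::run()` in SigningTransaction.cpp checks `mUser.isNull()` but dereferences `mProcessingeTransaction` in its first statement, so a call with no active transaction would fail inside the scheduled task instead of at the call site. A null check on `mCurrentActiveProcessingTransaction` before constructing the task, recording an error otherwise, keeps the failure in the request path. The function body starts and ends outside this hunk, so an earlier check may already exist.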
@@ -693,6 +693,35 @@ Poco::Data::BLOB* User::encrypt(const ObfusArray* data) return result_blob; } +ObfusArray* User::decrypt(const ObfusArray* encryptedData) +{ + if (!hasCryptoKey()) { + addError(new Error("User::decrypt", "hasn't crypto key")); + return nullptr; + } + + //ObfusArray* decrypetData = new ObfusArray(encryptedData->size() - crypto_secretbox_MACBYTES); + + size_t decryptSize = encryptedData->size() - crypto_secretbox_MACBYTES; + unsigned char* decryptBuffer = (unsigned char*)malloc(decryptSize); + unsigned char nonce[crypto_secretbox_NONCEBYTES]; + // we use a hardcoded value for nonce + memset(nonce, 31, crypto_secretbox_NONCEBYTES); + + if (crypto_secretbox_open_easy(decryptBuffer, *encryptedData, encryptedData->size(), nonce, *mCryptoKey)) { + free(decryptBuffer); + addError(new Error("User::decrypt", "error decrypting")); + return nullptr; + } + /*int crypto_secretbox_open_easy(unsigned char *m, const unsigned char *c, + unsigned long long clen, const unsigned char *n, + const unsigned char *k);*/ + + ObfusArray* decryptedData = new ObfusArray(decryptSize, decryptBuffer); + free(decryptBuffer); + return decryptedData; +} + Poco::Data::Statement User::insertIntoDB(Poco::Data::Session session) { @@ -779,4 +808,17 @@ const char* User::userStateToString(UserStates state) case USER_COMPLETE: return "complete"; } return "- unknown -"; +} + +ObfusArray* User::getPrivKey() +{ + if (mState != USER_COMPLETE) { + addError(new Error("User::getPrivKey", "no private key saved")); + return nullptr; + } + if (!hasCryptoKey()) { + addError(new Error("User::getPrivKey", "no crypto key set for decrypting priv key")); + return nullptr; + } + return decrypt(mPrivateKey); } \ No newline at end of file diff --git a/src/cpp/model/User.h b/src/cpp/model/User.h index 07663468b..ef305fbed 100644 --- a/src/cpp/model/User.h +++ b/src/cpp/model/User.h 
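Review bot: The length arithmetic in `User::decrypt` is unchecked: `encryptedData->size() - crypto_secretbox_MACBYTES` wraps around in `size_t` when the input is shorter than the MAC, `encryptedData` itself is never tested for null (`getPrivKey` in the next hunk passes `mPrivateKey` straight in), and the `malloc` result is used without a check. The plaintext buffer, which holds the private key on the `getPrivKey` path, is released with a plain `free`; wiping it with `sodium_memzero` first avoids leaving key bytes in freed heap memory. The sketch below adds those guards and the wipe and leaves the crypto call as it is. Separately, the constant nonce is only safe if each crypto key ever encrypts a single message; the matching `encrypt` is outside this hunk, so confirm that, or switch to a random nonce stored beside the ciphertext.

```cpp
ObfusArray* User::decrypt(const ObfusArray* encryptedData)
{
	// … unchanged: hasCryptoKey() check …

	// also rejects an empty plaintext, so malloc(0) is never reached
	if (!encryptedData || encryptedData->size() <= crypto_secretbox_MACBYTES) {
		addError(new Error("User::decrypt", "encrypted data missing or too short"));
		return nullptr;
	}

	size_t decryptSize = encryptedData->size() - crypto_secretbox_MACBYTES;
	unsigned char* decryptBuffer = (unsigned char*)malloc(decryptSize);
	if (!decryptBuffer) {
		addError(new Error("User::decrypt", "out of memory"));
		return nullptr;
	}

	// … unchanged: nonce setup, crypto_secretbox_open_easy call and its error path …

	ObfusArray* decryptedData = new ObfusArray(decryptSize, decryptBuffer);
	sodium_memzero(decryptBuffer, decryptSize); // wipe the plaintext before the block returns to the heap
	free(decryptBuffer);
	return decryptedData;
}
```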
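Review bot: `User::getPrivKey` returns a heap-allocated `ObfusArray` holding the decrypted private key, but neither the definition nor the declaration in User.h says that the caller owns it. `SigningTransaction::run()` does `delete privKey`, which suggests that is the contract; a comment such as `// returns a newly allocated copy of the decrypted private key, nullptr on error; caller must delete it` would make it explicit. The function also reads `mState` and `mPrivateKey` without the `lock()`/`unlock()` pair that User.h declares just above it. Since the only visible caller runs as a scheduled task, confirm whether the caller is expected to hold that lock.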
@@ -16,7 +16,7 @@ class UserCreateCryptoKey; class UserWriteIntoDB; class Session; class UserWriteCryptoKeyHashIntoDB; - +class SigningTransaction; enum UserStates { @@ -44,6 +44,7 @@ class User : public ErrorList friend UserCreateCryptoKey; friend UserWriteIntoDB; friend UserWriteCryptoKeyHashIntoDB; + friend SigningTransaction; public: // new user User(const char* email, const char* first_name, const char* last_name); @@ -88,6 +89,7 @@ public: bool validateIdentHash(HASH hash); Poco::Data::BLOB* encrypt(const ObfusArray* data); + ObfusArray* decrypt(const ObfusArray* encryptedData); Poco::JSON::Object getJson(); @@ -113,7 +115,7 @@ protected: inline void lock() { mWorkingMutex.lock(); } inline void unlock() { mWorkingMutex.unlock(); } - + ObfusArray* getPrivKey(); private: UserStates mState; diff --git a/src/cpp/tasks/ProcessingTransaction.h b/src/cpp/tasks/ProcessingTransaction.h index 8ad24803a..1e6337436 100644 --- a/src/cpp/tasks/ProcessingTransaction.h +++ b/src/cpp/tasks/ProcessingTransaction.h @@ -24,9 +24,11 @@ enum TransactionType { class TransactionCreation; class TransactionTransfer; +class SigningTransaction; class ProcessingTransaction : public UniLib::controller::CPUTask, public ErrorList { + friend SigningTransaction; public: ProcessingTransaction(const std::string& proto_message_base64); virtual ~ProcessingTransaction(); diff --git a/src/cpp/tasks/SigningTransaction.cpp b/src/cpp/tasks/SigningTransaction.cpp index bcd46b019..a95e646d8 100644 --- a/src/cpp/tasks/SigningTransaction.cpp +++ b/src/cpp/tasks/SigningTransaction.cpp @@ -1,7 +1,9 @@ #include "SigningTransaction.h" -SigningTransaction::SigningTransaction(Poco::AutoPtr transactionBody) - : mTransactionBody(transactionBody) +#include "../SingletonManager/ErrorManager.h" + +SigningTransaction::SigningTransaction(Poco::AutoPtr processingeTransaction, Poco::AutoPtr user) + : mProcessingeTransaction(processingeTransaction), mUser(user) { } 
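Review bot: `friend SigningTransaction;` in `class User` (and the same addition to `ProcessingTransaction` in ProcessingTransaction.h) opens every non-public member to the task, presumably including `mCryptoKey` and `mPrivateKey`. The visible code in `SigningTransaction::run()` uses only `getPrivKey()` and `mTransactionBody`. Narrow accessors would keep key material behind a single reviewed path; if the friend declarations stay, a comment such as `// friend only so SigningTransaction can call getPrivKey()` documents the intent. In the same header, `decrypt` is added to the public section while `getPrivKey` is protected, so any code holding a `User` with a loaded key can decrypt data with it; consider making `decrypt` protected unless an outside caller needs it.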
@@ -12,5 +14,27 @@ SigningTransaction::~SigningTransaction() } int SigningTransaction::run() { + auto em = ErrorManager::getInstance(); + + + Error* transactionError = new Error("SigningTransaction start", mProcessingeTransaction->mTransactionBody.SerializeAsString().data()); + + //= new Error("SigningTransaction start", mProcessingeTransaction->g) + if (mUser.isNull() || !mUser->hasCryptoKey()) { + em->addError(new Error("SigningTransaction", "user hasn't crypto key or is null")); + em->sendErrorsAsEmail(); + return -1; + } + + auto privKey = mUser->getPrivKey(); + if (!privKey) { + em->getErrors(mUser); + em->addError(new Error("SigningTransaction", "couldn't get user priv key")); + em->sendErrorsAsEmail(); + return -2; + } + + delete privKey; + return 0; } \ No newline at end of file diff --git a/src/cpp/tasks/SigningTransaction.h b/src/cpp/tasks/SigningTransaction.h index 234580274..47731e6c8 100644 --- a/src/cpp/tasks/SigningTransaction.h +++ b/src/cpp/tasks/SigningTransaction.h @@ -5,6 +5,7 @@ #include "../model/ErrorList.h" #include "../model/TransactionBase.h" +#include "../model/User.h" #include "../proto/gradido/Transaction.pb.h" @@ -20,7 +21,7 @@ class SigningTransaction : public UniLib::controller::CPUTask, public ErrorList { public: - SigningTransaction(Poco::AutoPtr transactionBody); + SigningTransaction(Poco::AutoPtr processingeTransaction, Poco::AutoPtr user); virtual ~SigningTransaction(); int run(); @@ -30,7 +31,8 @@ public: protected: - Poco::AutoPtr mTransactionBody; + Poco::AutoPtr mProcessingeTransaction; + Poco::AutoPtr mUser; private:
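Review bot: In `SigningTransaction::run()`, `transactionError` is allocated from the serialized transaction body and then never passed to `addError` or deleted, so it leaks on every path, including both early returns. `SerializeAsString()` yields binary protobuf, so if `Error` takes a C string the `.data()` pointer is cut at the first zero byte, and if the error is later added the transaction content would go out through `sendErrorsAsEmail()`. Dropping the line, or recording only a short identifier once one is available, avoids both problems. `delete privKey` releases the decrypted private key, so confirm that `ObfusArray`'s destructor wipes its buffer; that class is not shown in this diff.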