diff --git a/contrib/src/opendht/SHA512SUMS b/contrib/src/opendht/SHA512SUMS
index aedeff41c1ca451feca28b04672a6b4046690a91..35e6af87e1c7fca7fc6fe95cac92dcca7e0b205a 100644
--- a/contrib/src/opendht/SHA512SUMS
+++ b/contrib/src/opendht/SHA512SUMS
@@ -1 +1 @@
-c302749bf769d08caf8a82bab0409ed35edf465aa55217400a07af6a4120be008065ea426cafbfd883a151592b38d73885bfc58245a868b839c238310b4c88f5  opendht-2.4.11.tar.gz
+7fe15fa4cff0213565baedabbf1e7ab4858635d727bb6a1c0ca16a4fdf66f809ef540fd5cb29cf204409ce4d66aad9df000e30f134ed5a3765faf5f95c1bd039  opendht-2.5.3.tar.gz
diff --git a/contrib/src/opendht/package.json b/contrib/src/opendht/package.json
index acf4d46b447b2e0d191f9c11b774be875da8d7e8..b0546eef8c0774cb9cb77c54273266a583867234 100644
--- a/contrib/src/opendht/package.json
+++ b/contrib/src/opendht/package.json
@@ -1,6 +1,6 @@
 {
     "name": "opendht",
-    "version": "2.4.11",
+    "version": "2.5.3",
     "url": "https://github.com/savoirfairelinux/opendht/archive/v__VERSION__.tar.gz",
     "deps": [
         "argon2",
@@ -12,6 +12,8 @@
     ],
     "use_cmake" : true,
     "defines": [
+        "BUILD_SHARED_LIBS=0",
+        "BUILD_TESTING=0",
         "OPENDHT_SHARED=0",
         "OPENDHT_PROXY_CLIENT=1",
         "OPENDHT_PROXY_SERVER=1",
diff --git a/contrib/src/opendht/rules.mak b/contrib/src/opendht/rules.mak
index 8ad6c09fb49ff5cb1f9a1d30c9c6b661b59f2419..b668e26de95e292ade3719dc2bac917327f76a14 100644
--- a/contrib/src/opendht/rules.mak
+++ b/contrib/src/opendht/rules.mak
@@ -1,5 +1,5 @@
 # OPENDHT
-OPENDHT_VERSION := 2.4.11
+OPENDHT_VERSION := 2.5.3
 OPENDHT_URL := https://github.com/savoirfairelinux/opendht/archive/v$(OPENDHT_VERSION).tar.gz
 
 PKGS += opendht
diff --git a/src/connectivity/connectionmanager.cpp b/src/connectivity/connectionmanager.cpp
index 97a00b61afbc98634e9e43d71773c019ed0b99c9..9457e404caa6e1fd8d002d09a1df5680eec46bf5 100644
--- a/src/connectivity/connectionmanager.cpp
+++ b/src/connectivity/connectionmanager.cpp
@@ -488,7 +488,7 @@ ConnectionManager::Impl::connectDevice(const std::shared_ptr<dht::crypto::Certif
                      noNewSocket,
                      forceNewSocket,
                      connType] {
-        auto devicePk = std::make_shared<dht::crypto::PublicKey>(cert->getPublicKey());
+        auto devicePk = cert->getSharedPublicKey();
         auto deviceId = devicePk->getLongId();
         auto sthis = w.lock();
         if (!sthis || sthis->isDestroying_) {
diff --git a/src/jamidht/account_manager.cpp b/src/jamidht/account_manager.cpp
index 5a5d60ca926e6a39b6f8d59dd3740518d5549898..3d6fea1b8fe8a816450517ecf05d48d422f6218f 100644
--- a/src/jamidht/account_manager.cpp
+++ b/src/jamidht/account_manager.cpp
@@ -139,9 +139,9 @@ AccountManager::useIdentity(const dht::crypto::Identity& identity,
         return nullptr;
     }
 
-    auto pk = accountCertificate->getPublicKey();
-    JAMI_DBG("[Auth] checking device receipt for %s", pk.getId().toString().c_str());
-    if (!pk.checkSignature({receipt.begin(), receipt.end()}, receiptSignature)) {
+    auto pk = accountCertificate->getSharedPublicKey();
+    JAMI_DBG("[Auth] checking device receipt for %s", pk->getId().toString().c_str());
+    if (!pk->checkSignature({receipt.begin(), receipt.end()}, receiptSignature)) {
         JAMI_ERR("[Auth] device receipt signature check failed");
         return nullptr;
     }
@@ -160,7 +160,7 @@ AccountManager::useIdentity(const dht::crypto::Identity& identity,
         return nullptr;
     }
     auto id = root["id"].asString();
-    if (id != pk.getId().toString()) {
+    if (id != pk->getId().toString()) {
         JAMI_ERR("[Auth] account ID mismatch between receipt and certificate");
         return nullptr;
     }
@@ -692,7 +692,7 @@ AccountManager::forEachDevice(
                 return true;
             state->remaining++;
             findCertificate(dev.dev, [state](const std::shared_ptr<dht::crypto::Certificate>& cert) {
-                state->found(cert ? std::make_shared<dht::crypto::PublicKey>(cert->getPublicKey())
+                state->found(cert ? cert->getSharedPublicKey()
                                   : std::shared_ptr<dht::crypto::PublicKey> {});
             });
             return true;
diff --git a/src/jamidht/archive_account_manager.cpp b/src/jamidht/archive_account_manager.cpp
index b9366fc2728fb57d42a42a8158fb6a516d359559..4bcf35ea0a01fc3883426ab10320cd092b905858 100644
--- a/src/jamidht/archive_account_manager.cpp
+++ b/src/jamidht/archive_account_manager.cpp
@@ -480,7 +480,7 @@ ArchiveAccountManager::makeReceipt(const dht::crypto::Identity& id,
     auto devId = device.getId();
     DeviceAnnouncement announcement;
     announcement.dev = devId;
-    announcement.pk = std::make_shared<dht::crypto::PublicKey>(device.getPublicKey());
+    announcement.pk = device.getSharedPublicKey();
     dht::Value ann_val {announcement};
     ann_val.sign(*id.first);
 
@@ -529,7 +529,7 @@ ArchiveAccountManager::syncDevices()
         // don't send sync data to ourself
         if (dev.first.toString() == info_->deviceId)
             continue;
-        auto pk = std::make_shared<dht::crypto::PublicKey>(dev.second.certificate->getPublicKey());
+        auto pk = dev.second.certificate->getSharedPublicKey();
         JAMI_DBG("sending device sync to %s %s",
                  dev.second.name.c_str(),
                  dev.first.toString().c_str());
diff --git a/src/jamidht/jamiaccount.cpp b/src/jamidht/jamiaccount.cpp
index 58c75d5518b1c20ac84434fd4bc72826860894ef..fa5eea94001f5049b0b507c7eb62491498028a14 100644
--- a/src/jamidht/jamiaccount.cpp
+++ b/src/jamidht/jamiaccount.cpp
@@ -1669,7 +1669,7 @@ JamiAccount::trackPresence(const dht::InfoHash& h, BuddyInfo& buddy)
                 sthis->findCertificate(
                     dev.dev, [sthis, h](const std::shared_ptr<dht::crypto::Certificate>& cert) {
                         if (cert) {
-                            auto pk = std::make_shared<dht::crypto::PublicKey>(cert->getPublicKey());
+                            auto pk = cert->getSharedPublicKey();
                             if (sthis->convModule()->needsSyncingWith(h.toString(),
                                                                       pk->getLongId().toString()))
                                 sthis->requestSIPConnection(
diff --git a/src/jamidht/server_account_manager.cpp b/src/jamidht/server_account_manager.cpp
index b68cc9def4676f8c7858d901fac530118a0dacb7..5b48f1f85c21ca9d5b44524b27f6ed9f5a8d8f6d 100644
--- a/src/jamidht/server_account_manager.cpp
+++ b/src/jamidht/server_account_manager.cpp
@@ -146,8 +146,7 @@ ServerAccountManager::initAuthentication(PrivateKey key,
                                     auto info = std::make_unique<AccountInfo>();
                                     info->identity.first = ctx->key.get();
                                     info->identity.second = cert;
-                                    info->devicePk = std::make_shared<dht::crypto::PublicKey>(
-                                        cert->getPublicKey());
+                                    info->devicePk = cert->getSharedPublicKey();
                                     info->deviceId = info->devicePk->getLongId().toString();
                                     info->accountId = accountCert->getId().toString();
                                     info->contacts = std::make_unique<ContactList>(accountCert,