diff --git a/clientapi/routing/send_pdus.go b/clientapi/routing/send_pdus.go
index 2a3e5274f..1959a1fa2 100644
--- a/clientapi/routing/send_pdus.go
+++ b/clientapi/routing/send_pdus.go
@@ -115,15 +115,32 @@ func SendPDUs(
 JSON: spec.InternalServerError{Err: err.Error()},
 }
 }
- key, err := rsAPI.GetOrCreateUserRoomPrivateKey(req.Context(), *userID, pdu.RoomID())
+
+ util.GetLogger(req.Context()).Infof("Processing %s event (%s): %s", pdu.Type(), pdu.EventID(), pdu.JSON())
+
+ // Check that the event is signed by the server sending the request.
+ redacted, err := verImpl.RedactEventJSON(pdu.JSON())
 if err != nil {
- return util.JSONResponse{
- Code: http.StatusInternalServerError,
- JSON: spec.InternalServerError{Err: err.Error()},
- }
+ util.GetLogger(req.Context()).WithError(err).Error("RedactEventJSON failed")
+ continue
+ }
+
+ verifier := gomatrixserverlib.JSONVerifierSelf{}
+ verifyRequests := []gomatrixserverlib.VerifyJSONRequest{{
+ ServerName: spec.ServerName(pdu.SenderID()),
+ Message: redacted,
+ AtTS: pdu.OriginServerTS(),
+ ValidityCheckingFunc: gomatrixserverlib.StrictValiditySignatureCheck,
+ }}
+ verifyResults, err := verifier.VerifyJSONs(req.Context(), verifyRequests)
+ if err != nil {
+ util.GetLogger(req.Context()).WithError(err).Error("keys.VerifyJSONs failed")
+ continue
+ }
+ if verifyResults[0].Error != nil {
+ util.GetLogger(req.Context()).WithError(verifyResults[0].Error).Error("Signature check failed: ")
+ continue
 }
- pdu = pdu.Sign(string(pdu.SenderID()), "ed25519:1", key)
- util.GetLogger(req.Context()).Infof("Processing %s event (%s)", pdu.Type(), pdu.EventID())
 
 switch pdu.Type() {
 case spec.MRoomCreate:
diff --git a/roomserver/internal/perform/perform_create_room.go b/roomserver/internal/perform/perform_create_room.go
index 996c797e7..553a3fda1 100644
--- a/roomserver/internal/perform/perform_create_room.go
+++ b/roomserver/internal/perform/perform_create_room.go
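Review bot: In `clientapi/routing/send_pdus.go` the added check proves only that the event is signed by the key encoded in its own `pdu.SenderID()`; with the `GetOrCreateUserRoomPrivateKey(req.Context(), *userID, pdu.RoomID())` call removed, nothing visible in this hunk ties that sender ID to the authenticated `userID`. Unless the rest of `SendPDUs` (it starts and ends outside the hunk) already does so, the sender ID should be compared with the mapping recorded through `StoreUserRoomPublicKey` for this user and room before the event is processed, and the comment would be more accurate as `// Check that the event is signed by the key in its sender ID.`. All three failure paths `continue`, so a rejected event is only logged and the request can still report success; returning an error response, as the removed code did for its key error, would make the rejection visible to the caller. The Info log line now also writes the full `pdu.JSON()`, which puts event content into server logs; the previous `"Processing %s event (%s)"` with type and ID is enough at Info, with the body at Debug if it is needed at all.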
@@ -80,17 +80,11 @@ func (c *Creator) PerformCreateRoomCryptoIDs(ctx context.Context, userID spec.Us
 return nil, spec.BadJSON("SenderID is not a valid ed25519 public key")
 }
 
- // TODO: cryptoIDs - Swap this out for only storing the public key
- key, keyErr := c.RSAPI.GetOrCreateUserRoomPrivateKey(ctx, userID, roomID)
+ keyErr := c.RSAPI.StoreUserRoomPublicKey(ctx, senderID, userID, roomID)
 if keyErr != nil {
- util.GetLogger(ctx).WithError(keyErr).Error("GetOrCreateUserRoomPrivateKey failed")
+ util.GetLogger(ctx).WithError(keyErr).Error("StoreUserRoomPublicKey failed")
 return nil, spec.InternalServerError{Err: keyErr.Error()}
 }
- senderID = spec.SenderIDFromPseudoIDKey(key)
- //err := c.RSAPI.StoreUserRoomPublicKey(ctx, senderID, userID, roomID)
- //if err != nil {
- // return nil, spec.InternalServerError{Err: err.Error()}
- //}
 }
 
 createContent["creator"] = senderID
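Review bot: The stored `senderID` is now the client-supplied value, and the context lines above appear to validate it only as a well-formed ed25519 public key, so the user-to-key mapping is recorded before the client has shown it holds the matching private key. A comment on the `StoreUserRoomPublicKey` call should say where possession is proven, e.g. `// senderID is client-chosen; possession of the private key is only proven when the signed events are submitted`, and it is worth confirming that the store cannot overwrite a mapping that already exists for another user. As a smaller style point, `keyErr` no longer sits beside `key`, so the call can be scoped to the check with `if err := c.RSAPI.StoreUserRoomPublicKey(ctx, senderID, userID, roomID); err != nil {` and `err` used in the two lines below. The enclosing function starts and ends outside the hunk.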