diff --git a/cross_language_tests/challenge_cross_test.go b/cross_language_tests/challenge_cross_test.go
index 2846421..8f96cfd 100644
--- a/cross_language_tests/challenge_cross_test.go
+++ b/cross_language_tests/challenge_cross_test.go
@@ -196,7 +196,7 @@ func TestChallenge_GoGenerate_RubyRespond(t *testing.T) {
 			outerResponse, err := challenge.UnmarshalResponse(tamperWithResponse(t, challengeOuterBoxBytes, outerResponseBytes))
 			require.NoError(t, err)
 
-			_, err = outerResponse.Open(*challengePrivateEncryptionKey)
+			_, err = outerResponse.Open(challengePrivateEncryptionKey)
 			require.Error(t, err)
 		})
 
@@ -210,11 +210,11 @@ func TestChallenge_GoGenerate_RubyRespond(t *testing.T) {
 			// try to open with a bad key
 			_, malloryPrivKey, err := box.GenerateKey(rand.Reader)
 			require.NoError(t, err)
-			_, err = outerResponse.Open(*malloryPrivKey)
+			_, err = outerResponse.Open(malloryPrivKey)
 			require.Error(t, err)
 
 			// open with legit key
-			innerResponse, err := outerResponse.Open(*challengePrivateEncryptionKey)
+			innerResponse, err := outerResponse.Open(challengePrivateEncryptionKey)
 			require.NoError(t, err)
 
 			// verify data
diff --git a/pkg/challenge/challenge_test.go b/pkg/challenge/challenge_test.go
index bec92bd..f8c1163 100644
--- a/pkg/challenge/challenge_test.go
+++ b/pkg/challenge/challenge_test.go
@@ -107,11 +107,11 @@ func TestChallengeHappyPath(t *testing.T) {
 			// try to open with a bad key
 			_, malloryPrivKey, err := box.GenerateKey(rand.Reader)
 			require.NoError(t, err)
-			_, err = outerResponse.Open(*malloryPrivKey)
+			_, err = outerResponse.Open(malloryPrivKey)
 			require.Error(t, err)
 
 			// open with legit key
-			innerResponse, err := outerResponse.Open(*challengePrivateEncryptionKey)
+			innerResponse, err := outerResponse.Open(challengePrivateEncryptionKey)
 			require.NoError(t, err)
 
 			// verify data
diff --git a/pkg/challenge/response.go b/pkg/challenge/response.go
index d994084..ff6dbba 100644
--- a/pkg/challenge/response.go
+++ b/pkg/challenge/response.go
@@ -21,8 +21,8 @@ type OuterResponse struct {
 	ChallengeId         []byte   `msgpack:"challengeId"`
 }
 
-func (o *OuterResponse) Open(privateEncryptionKey [32]byte) (*InnerResponse, error) {
-	innerResponseBytes, err := echelper.OpenNaCl(o.Msg, &o.PublicEncryptionKey, &privateEncryptionKey)
+func (o *OuterResponse) Open(privateEncryptionKey *[32]byte) (*InnerResponse, error) {
+	innerResponseBytes, err := echelper.OpenNaCl(o.Msg, &o.PublicEncryptionKey, privateEncryptionKey)
 	if err != nil {
 		return nil, fmt.Errorf("opening challenge response box: %w", err)
 	}