yep, Clients should not auth when sending wraps. The signature comes from a random key anyway, there is nothing the AUTH will do for the connecting client.