diff --git a/.gitignore b/.gitignore
index ea8c4bf..07c12f2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 /target
+result
diff --git a/default.nix b/default.nix
new file mode 100644
index 0000000..2f22209
--- /dev/null
+++ b/default.nix
@@ -0,0 +1,21 @@
+{ pkgs ? import <nixpkgs> { } }:
+with pkgs;
+let
+  agent_src = fetchgit {
+    url = "https://gitea.rixxc.de/rixxc/x25519_agent.git";
+    rev = "ae00fd66ece00510799cdf0397d905f2bdee2956";
+    hash = "sha256-vq3fNjeDCYUVJceyWCqszFDHk/GhLVhE/WeG50RoWZs=";
+  };
+
+  agent = callPackage "${agent_src}/default.nix" { };
+in
+rustPlatform.buildRustPackage {
+  name = "agent-harness";
+  src = nix-gitignore.gitignoreSource [ ] ./.;
+
+  nativeBuildInputs = [ cargo rustc ];
+  
+  buildInputs = [ agent ];
+
+  cargoSha256 = "sha256-ZgwQr1goz9yPws0P1eQwhHEv2WbcJeTCLEPYOUADOtE=";
+}
diff --git a/shell.nix b/shell.nix
deleted file mode 100644
index a7b8adb..0000000
--- a/shell.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{ pkgs ? import <nixpkgs> { } }:
-with pkgs;
-let
-  agent_src = fetchgit {
-    url = "https://gitea.rixxc.de/rixxc/x25519_agent.git";
-    rev = "d9b6dea879492dc5436e14ac8ea7367d641f6deb";
-    hash = "sha256-B7aFz5r8dNoAO829Ao6/1Wl5TqDh9xhfDds0ZF0cRqI=";
-  };
-
-  agent = callPackage "${agent_src}/default.nix" { };
-in
-pkgs.mkShell {
-  name = "agent-harness";
-
-  buildInputs = [ agent ];
-}
diff --git a/src/main.rs b/src/main.rs
index e5596fa..0698040 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,21 +1,23 @@
-use libc::{c_int, c_void, mmap, MAP_FAILED, MAP_SHARED, PROT_READ, PROT_WRITE};
+use libc::{
+    c_int, c_void, mmap, MAP_ANON, MAP_FAILED, MAP_PRIVATE, MAP_SHARED, PROT_READ, PROT_WRITE,
+};
 use std::{env, ptr};
 
 const SHARED_MEMORY_SIZE: usize = 1024;
 
 #[link(name = "agent")]
 extern "C" {
-    fn agent_start(shared_memory: *mut u8, sync_memory: *mut u8);
+    fn agent_start(shared_memory: *mut u8, sync_memory: *mut u8, private_mem: *mut u8);
 }
 
 fn main() {
     let args: Vec<String> = env::args().collect();
 
-    let shared_fd: c_int = args[1]
+    let shared_fd: c_int = args[0]
         .parse()
         .expect("Please provide a valid file descriptor as first argument");
 
-    let sync_fd: c_int = args[2]
+    let sync_fd: c_int = args[1]
         .parse()
         .expect("Please provide a valid file descriptor as first argument");
 
@@ -43,8 +45,20 @@ fn main() {
     } as *mut u8;
     assert_ne!(sync_memory, MAP_FAILED as *mut u8);
 
-    println!("Starting agent...");
+    let private_mem = unsafe {
+        mmap(
+            ptr::null_mut() as *mut c_void,
+            32 * 100,
+            PROT_READ | PROT_WRITE,
+            MAP_PRIVATE | MAP_ANON,
+            0,
+            0,
+        )
+    } as *mut u8;
+    assert_ne!(private_mem, MAP_FAILED as *mut u8);
+
+    println!("Agent: starting agent...");
     unsafe {
-        agent_start(shared_memory, sync_memory);
+        agent_start(shared_memory, sync_memory, private_mem);
     }
 }