diff --git a/.gitignore b/.gitignore
index 45eb4dbf0e..3ebf5fbd3e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -23,6 +23,7 @@ compaction-suite-results.*
 *.o
 *.so
 *.Po
+*.pid
 
 # pgindent typedef lists
 *.list
diff --git a/local-proxy.json b/local-proxy.json
deleted file mode 100644
index 1aee62a9fa..0000000000
--- a/local-proxy.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "jwks": [
-        {
-            "id": "1",
-            "role_names": ["authenticated"],
-            "jwks_url": "https://adapted-gorilla-88.clerk.accounts.dev/.well-known/jwks.json",
-            "provider_name": "foo",
-            "jwt_audience": null
-        }
-    ]
-}
diff --git a/local_proxy.json b/local_proxy.json
index 1aee62a9fa..28591897c6 100644
--- a/local_proxy.json
+++ b/local_proxy.json
@@ -3,7 +3,7 @@
         {
             "id": "1",
             "role_names": ["authenticated"],
-            "jwks_url": "https://adapted-gorilla-88.clerk.accounts.dev/.well-known/jwks.json",
+            "jwks_url": "https://climbing-minnow-11.clerk.accounts.dev/.well-known/jwks.json",
             "provider_name": "foo",
             "jwt_audience": null
         }
diff --git a/proxy/SUBZERO.md b/proxy/SUBZERO.md
index e027715659..38ac85fa80 100644
--- a/proxy/SUBZERO.md
+++ b/proxy/SUBZERO.md
@@ -2,7 +2,7 @@
 
 ## Setup
 
-In the root of the proxy folder, run:
+In the root of the repo folder, run:
 
 Let's create self-signed certificate by running:
 ```sh
@@ -11,14 +11,13 @@ openssl req -new -x509 -days 365 -nodes -text -out server.crt -keyout server.key
 
 bring up the database using docker compose
 ```sh
-docker compose up -f subzero/docker-compose.yml -d
+docker compose up -f proxy/subzero/docker-compose.yml -d
 ```
 
 bring up the local proxy (but disable pg_session_jwt extension installation)
 ```sh
 cargo run --bin local_proxy -- \
   --disable-pg-session-jwt \
-  --config-path proxy/subzero/local_proxy.json \
   --http 0.0.0.0:7432
 ```
 
diff --git a/proxy/src/serverless/http_conn_pool.rs b/proxy/src/serverless/http_conn_pool.rs
index 1c6574e57e..d42c27c1f2 100644
--- a/proxy/src/serverless/http_conn_pool.rs
+++ b/proxy/src/serverless/http_conn_pool.rs
@@ -20,9 +20,11 @@ use crate::metrics::{HttpEndpointPoolsGuard, Metrics};
 use crate::protocol2::ConnectionInfoExtra;
 use crate::types::EndpointCacheKey;
 use crate::usage_metrics::{Ids, MetricCounter, USAGE_METRICS};
+use http_body_util::combinators::BoxBody;
+use bytes::Bytes;
 
-pub(crate) type Send = http2::SendRequest<hyper::body::Incoming>;
-pub(crate) type Connect = http2::Connection<TokioIo<AsyncRW>, hyper::body::Incoming, TokioExecutor>;
+pub(crate) type Send = http2::SendRequest<BoxBody<Bytes, hyper::Error>>;
+pub(crate) type Connect = http2::Connection<TokioIo<AsyncRW>, BoxBody<Bytes, hyper::Error>, TokioExecutor>;
 
 #[derive(Clone)]
 pub(crate) struct ClientDataHttp();
diff --git a/proxy/src/serverless/rest.rs b/proxy/src/serverless/rest.rs
index caf9436656..99c7b3173f 100644
--- a/proxy/src/serverless/rest.rs
+++ b/proxy/src/serverless/rest.rs
@@ -4,6 +4,7 @@ use bytes::Bytes;
 use http::Method;
 use http::header::AUTHORIZATION;
 use http_body_util::combinators::BoxBody;
+use http_body_util::Full;
 use http_body_util::{BodyExt};
 use http_utils::error::ApiError;
 use hyper::body::Incoming;
@@ -611,7 +612,7 @@ async fn handle_rest_inner(
 
     let local_proxy_uri = ::http::Uri::from_static("http://proxy.local/sql");
 
-    let (mut parts, body) = request.into_parts();
+    let (parts, _originial_body) = request.into_parts();
     let mut req = Request::builder().method(Method::POST).uri(local_proxy_uri);
 
     // todo(conradludgate): maybe auth-broker should parse these and re-serialize
@@ -630,14 +631,18 @@ async fn handle_rest_inner(
     req = req.header(&NEON_REQUEST_ID, uuid_to_header_value(ctx.session_id()));
     req = req.header(&CONN_STRING, HeaderValue::from_str(connection_string).unwrap());
     
-    // let new_body: String = json!({
-    //     "query": "select 1 as one",
-    //     "params": [],
-    // }).to_string();
+    let body: String = json!({
+        "query": "select 1 as one",
+        "params": [],
+    }).to_string();
+
+    let body_boxed = Full::new(Bytes::from(body))
+        .map_err(|never| match never {}) // Convert Infallible to hyper::Error
+        .boxed();
     
     
     let req = req
-        .body(body)
+        .body(body_boxed)
         .expect("all headers and params received via hyper should be valid for request");
 
     // todo: map body to count egress
diff --git a/proxy/src/serverless/sql_over_http.rs b/proxy/src/serverless/sql_over_http.rs
index d33ae35247..f88263944a 100644
--- a/proxy/src/serverless/sql_over_http.rs
+++ b/proxy/src/serverless/sql_over_http.rs
@@ -869,7 +869,7 @@ async fn handle_auth_broker_inner(
     req = req.header(&NEON_REQUEST_ID, uuid_to_header_value(ctx.session_id()));
 
     let req = req
-        .body(body)
+        .body(body.map_err(|e| e).boxed())
         .expect("all headers and params received via hyper should be valid for request");
 
     // todo: map body to count egress
diff --git a/proxy/subzero/local_proxy.json b/proxy/subzero/local_proxy.json
deleted file mode 100644
index b6c3b57a5a..0000000000
--- a/proxy/subzero/local_proxy.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "jwks": [
-        {
-            "id": "1",
-            "role_names": ["authenticator"],
-            "jwks_url": "https://climbing-minnow-11.clerk.accounts.dev/.well-known/jwks.json",
-            "provider_name": "foo",
-            "jwt_audience": null
-        }
-    ]
-}