diff --git a/lib/client.js b/lib/client.js
index 314f1876..3adb2a7e 100644
--- a/lib/client.js
+++ b/lib/client.js
@@ -7,7 +7,6 @@ const { strict: assert } = require('assert');
 const querystring = require('querystring');
 const url = require('url');
 
-const QuickLRU = require('quick-lru');
 const jose = require('jose');
 const tokenHash = require('oidc-token-hash');
 
@@ -1594,7 +1593,7 @@ function determineEcAlgorithm(privateKey, privateKeyInput) {
   throw new TypeError('unsupported DPoP private key curve');
 }
 
-const jwkCache = new QuickLRU({ maxSize: 100 });
+const jwkCache = new WeakMap();
 async function getJwk(privateKey, privateKeyInput) {
   if (typeof privateKeyInput === 'object' && typeof privateKeyInput.key === 'object' && privateKeyInput.key.crv) {
     return pick(privateKeyInput.key, 'kty', 'crv', 'x', 'y', 'e', 'n');
diff --git a/lib/helpers/request.js b/lib/helpers/request.js
index f1771638..41f34c16 100644
--- a/lib/helpers/request.js
+++ b/lib/helpers/request.js
@@ -4,9 +4,6 @@ const http = require('http');
 const https = require('https');
 const { once } = require('events');
 
-const CacheableLookup = require('cacheable-lookup');
-const QuickLRU = require('quick-lru');
-
 const pkg = require('../../package.json');
 const { RPError } = require('../errors');
 
@@ -16,9 +13,6 @@ const { HTTP_OPTIONS } = require('./consts');
 
 let DEFAULT_HTTP_OPTIONS;
 
-const cacheable = new CacheableLookup({
-  cache: new QuickLRU({ maxSize: 1000 }),
-});
 const allowed = [
   'agent',
   'ca',
@@ -40,7 +34,6 @@ const setDefaults = (props, options) => {
 setDefaults([], {
   headers: { 'User-Agent': `${pkg.name}/${pkg.version} (${pkg.homepage})` },
   timeout: 3500,
-  lookup: cacheable.lookup,
 });
 
 module.exports = async function request(options, { accessToken, mTLS = false, DPoP } = {}) {
diff --git a/lib/issuer.js b/lib/issuer.js
index 65caf82a..f4f81cc1 100644
--- a/lib/issuer.js
+++ b/lib/issuer.js
@@ -3,7 +3,7 @@
 const { inspect } = require('util');
 const url = require('url');
 
-const QuickLRU = require('quick-lru');
+const LRU = require('lru-cache');
 const objectHash = require('object-hash');
 
 const { RPError } = require('./errors');
@@ -57,7 +57,7 @@ class Issuer {
       }
     });
 
-    instance(this).set('cache', new QuickLRU({ maxSize: 100 }));
+    instance(this).set('cache', new LRU({ max: 100 }));
 
     registry.set(this.issuer, this);
 
@@ -80,7 +80,7 @@ class Issuer {
     const cache = instance(this).get('cache');
 
     if (reload || !keystore) {
-      cache.clear();
+      cache.reset();
       const response = await request.call(this, {
         method: 'GET',
         responseType: 'json',
diff --git a/package.json b/package.json
index 07f799c9..b85e4d93 100644
--- a/package.json
+++ b/package.json
@@ -52,12 +52,11 @@
     ]
   },
   "dependencies": {
-    "cacheable-lookup": "^6.0.4",
     "jose": "^4.1.0",
+    "lru-cache": "^6.0.0",
     "make-error": "^1.3.6",
     "object-hash": "^2.0.1",
-    "oidc-token-hash": "^5.0.1",
-    "quick-lru": "^5.1.1"
+    "oidc-token-hash": "^5.0.1"
   },
   "devDependencies": {
     "@types/node": "^16.11.1",
diff --git a/test/issuer/issuer_instance.test.js b/test/issuer/issuer_instance.test.js
index 65812a92..fc8d5ec1 100644
--- a/test/issuer/issuer_instance.test.js
+++ b/test/issuer/issuer_instance.test.js
@@ -1,5 +1,5 @@
 const { expect } = require('chai');
-const QuickLRU = require('quick-lru');
+const LRU = require('lru-cache');
 const nock = require('nock');
 const sinon = require('sinon');
 const jose2 = require('jose2');
@@ -40,7 +40,7 @@ describe('Issuer', () => {
 
     after(nock.cleanAll);
     afterEach(function () {
-      if (QuickLRU.prototype.get.restore) QuickLRU.prototype.get.restore();
+      if (LRU.prototype.get.restore) LRU.prototype.get.restore();
     });
 
     it('does not refetch immidiately', function () {
@@ -64,7 +64,7 @@ describe('Issuer', () => {
     });
 
     it('asks to fetch if the keystore is stale and new key definition is requested', function () {
-      sinon.stub(QuickLRU.prototype, 'get').returns(undefined);
+      sinon.stub(LRU.prototype, 'get').returns(undefined);
       return this.issuer.queryKeyStore({ use: 'sig', alg: 'RS256', kid: 'yeah' }).then(fail, () => {
         nock('https://op.example.com')
           .get('/certs')
@@ -83,7 +83,7 @@ describe('Issuer', () => {
     });
 
     it('requires a kid is provided in definition if more keys are in the storage', function () {
-      sinon.stub(QuickLRU.prototype, 'get').returns(undefined);
+      sinon.stub(LRU.prototype, 'get').returns(undefined);
       return this.keystore.generate('RSA').then(() => {
         nock('https://op.example.com')
           .get('/certs')
@@ -97,7 +97,7 @@ describe('Issuer', () => {
     });
 
     it('multiple keys can match the JWT header', function () {
-      sinon.stub(QuickLRU.prototype, 'get').returns(undefined);
+      sinon.stub(LRU.prototype, 'get').returns(undefined);
       const { kid } = this.keystore.get({ kty: 'RSA' });
       return this.keystore.generate('RSA', undefined, { kid }).then(() => {
         nock('https://op.example.com')