# EdDSA verify signature

The **EdDSA signature verification** algorithm ([RFC 8032](https://tools.ietf.org/html/rfc8032#page-13)) takes as input a text message ***msg*** + the signer's EdDSA **public key** ***pubKey*** + the EdDSA signature {***R***, ***s***} and produces as output a boolean value (valid or invalid signature). EdDSA verification works as follows (with minor simplifications):

`EdDSA_signature_verify(msg, pubKey, signature { R, s } ) --> valid / invalid`

1. Calculate ***h*** = hash(***R*** + ***pubKey*** + ***msg***) mod ***q***
2. Calculate ***P1*** = ***s*** \* **G**
3. Calculate ***P2*** = ***R*** + ***h*** \* ***pubKey***
4. Return ***P1*** == ***P2***

[Source](https://cryptobook.nakov.com/digital-signatures/eddsa-and-ed25519)