Paste a Proof-of-Human-Fulfillment or Proof-of-Personhood credential (the JWT). We fetch 5arz's public keys and check the ES256 signature in your browser — nothing is sent to a server.
Prefer to verify server-side? Fetch the JWK from /.well-known/jwks.json and validate with any standard JWT library (jose, pyjwt, etc.). The signature is raw P-1363 r‖s — exactly JWS ES256.