diff --git a/pkg/urbit/jets/e/ed_shar.c b/pkg/urbit/jets/e/ed_shar.c
index 0c57bc97b1..5bf93a645f 100644
--- a/pkg/urbit/jets/e/ed_shar.c
+++ b/pkg/urbit/jets/e/ed_shar.c
@@ -20,6 +20,8 @@
     else {
       c3_y pub_y[32], sek_y[32], shr_y[32];
 
+      memset(pub_y, 0, 32);
+      memset(sek_y, 0, 32);
       u3r_bytes(0, 32, pub_y, pub);
       u3r_bytes(0, 32, sek_y, sek);
 
diff --git a/pkg/urbit/jets/e/ed_veri.c b/pkg/urbit/jets/e/ed_veri.c
index 146ec54c6a..634c95509d 100644
--- a/pkg/urbit/jets/e/ed_veri.c
+++ b/pkg/urbit/jets/e/ed_veri.c
@@ -2,36 +2,38 @@
 **
 */
 #include "all.h"
-
-
-#include <ed25519.h>
+#include <urcrypt.h>
 
 /* functions
 */
-  static u3_noun
+  static u3_atom
   _cqee_veri(u3_noun s,
              u3_noun m,
              u3_noun pk)
   {
-    c3_y  sig_y[64];
-    c3_y  pub_y[32];
-    c3_w  ret;
-    c3_y* mes_y;
+    c3_w set_w, pek_w;
 
-    c3_w mesm_w = u3r_met(3, m);
+    if ( ((set_w = u3r_met(3, s)) > 64) ||
+         ((pek_w = u3r_met(3, pk)) > 32) ) {
+      // hoon checks sizes, but weirdly and without crashes
+      return u3_none;
+    }
+    else {
+      c3_y  sig_y[64], pub_y[32];
+      c3_w  met_w = u3r_met(3, m);
+      c3_y* mes_y = u3a_malloc(met_w);
+      c3_o  ret_o;
 
-    memset(sig_y, 0, 64);
-    memset(pub_y, 0, 32);
+      memset(sig_y, 0, 64);
+      memset(pub_y, 0, 32);
+      u3r_bytes(0, 64, sig_y, s);
+      u3r_bytes(0, 32, pub_y, pk);
+      u3r_bytes(0, met_w, mes_y, m);
 
-    mes_y = u3a_malloc(mesm_w);
-
-    u3r_bytes(0, 64, sig_y, s);
-    u3r_bytes(0, 32, pub_y, pk);
-    u3r_bytes(0, mesm_w, mes_y, m);
-
-    ret = ed25519_verify(sig_y, mes_y, mesm_w, pub_y) == 1 ? c3y : c3n;
-    u3a_free(mes_y);
-    return ret;
+      ret_o = urcrypt_ed_veri(mes_y, met_w, pub_y, sig_y) ? c3y : c3n;
+      u3a_free(mes_y);
+      return ret_o;
+    }
   }
 
   u3_noun
diff --git a/pkg/urcrypt/urcrypt.c b/pkg/urcrypt/urcrypt.c
index 4d7f9f8752..c44cae36fa 100644
--- a/pkg/urcrypt/urcrypt.c
+++ b/pkg/urcrypt/urcrypt.c
@@ -154,3 +154,12 @@ urcrypt_ed_sign(uint8_t *message,
   ed25519_create_keypair(public, secret, seed);
   ed25519_sign(out, message, length, public, secret);
 }
+
+bool
+urcrypt_ed_veri(uint8_t *message, size_t length,
+                uint8_t public[32], uint8_t signature[64])
+{
+  return ( ed25519_verify(signature, message, length, public) == 1 )
+    ? true
+    : false;
+}
diff --git a/pkg/urcrypt/urcrypt.h b/pkg/urcrypt/urcrypt.h
index 2d21bd74e0..3a15c04124 100644
--- a/pkg/urcrypt/urcrypt.h
+++ b/pkg/urcrypt/urcrypt.h
@@ -2,6 +2,7 @@
 #define URCRYPT_H
 
 #include <stdint.h>
+#include <stdbool.h>
 #include <string.h>
 #include <ed25519.h>
 #include <ge-additions.h>
@@ -25,4 +26,6 @@ void urcrypt_ed_sign(uint8_t *message,
                      uint8_t seed[32],
                      uint8_t out[64]);
 
+bool urcrypt_ed_veri(uint8_t *message, size_t length,
+                     uint8_t signature[64], uint8_t public[32]);
 #endif