diff --git a/go.mod b/go.mod
index fdf21101..f50c03be 100644
--- a/go.mod
+++ b/go.mod
@@ -14,7 +14,7 @@ require (
 	github.com/jedisct1/go-clocksmith v0.0.0-20210101121932-da382b963868
 	github.com/jedisct1/go-dnsstamps v0.0.0-20210810213811-61cc83d2a354
 	github.com/jedisct1/go-hpke-compact v0.0.0-20210930135406-0763750339f0
-	github.com/jedisct1/go-minisign v0.0.0-20211008170404-d0c644b276f4
+	github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b
 	github.com/jedisct1/xsecretbox v0.0.0-20210927135450-ebe41aef7bef
 	github.com/k-sone/critbitgo v1.4.0
 	github.com/kardianos/service v1.2.0
diff --git a/go.sum b/go.sum
index 9f0bd3e4..d211232b 100644
--- a/go.sum
+++ b/go.sum
@@ -361,6 +361,8 @@ github.com/jedisct1/go-hpke-compact v0.0.0-20210930135406-0763750339f0 h1:RHAwzl
 github.com/jedisct1/go-hpke-compact v0.0.0-20210930135406-0763750339f0/go.mod h1:wDWQCpgsVR2M5u//vKIwqBZdbsS/f/rZiOuJPaFSkmk=
 github.com/jedisct1/go-minisign v0.0.0-20211008170404-d0c644b276f4 h1:kQYxZWkRu2ax22QivreeQ72p/FsfXN5D5LFLbfZGuFw=
 github.com/jedisct1/go-minisign v0.0.0-20211008170404-d0c644b276f4/go.mod h1:hQmNrgofl+IY/8L+n20H6E6PWBBTokdsv+q49j0QhsU=
+github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b h1:ZGiXF8sz7PDk6RgkP+A/SFfUD0ZR/AgG6SpRNEDKZy8=
+github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b/go.mod h1:hQmNrgofl+IY/8L+n20H6E6PWBBTokdsv+q49j0QhsU=
 github.com/jedisct1/xsecretbox v0.0.0-20210927135450-ebe41aef7bef h1:1Jom8JnCkrgivikTdt0lg5lHpZRvpP98hn8H1bIjFLk=
 github.com/jedisct1/xsecretbox v0.0.0-20210927135450-ebe41aef7bef/go.mod h1:dmX1e+PPjjbMjNI/wJk8EgjXmqAMZ5tgOzD1wxCgzhs=
 github.com/jgautheron/goconst v1.5.1 h1:HxVbL1MhydKs8R8n/HE5NPvzfaYmQJA3o879lE4+WcM=
diff --git a/vendor/github.com/jedisct1/go-minisign/minisign.go b/vendor/github.com/jedisct1/go-minisign/minisign.go
index fba29720..3e79646a 100644
--- a/vendor/github.com/jedisct1/go-minisign/minisign.go
+++ b/vendor/github.com/jedisct1/go-minisign/minisign.go
@@ -92,7 +92,7 @@ func NewSignatureFromFile(file string) (Signature, error) {
 }
 
 func (publicKey *PublicKey) Verify(bin []byte, signature Signature) (bool, error) {
-	if publicKey.SignatureAlgorithm != signature.SignatureAlgorithm {
+	if publicKey.SignatureAlgorithm != [2]byte{'E', 'd'} {
 		return false, errors.New("Incompatible signature algorithm")
 	}
 	prehashed := false
@@ -112,7 +112,8 @@ func (publicKey *PublicKey) Verify(bin []byte, signature Signature) (bool, error
 
 	if prehashed {
 		h, _ := blake2b.New512(nil)
-		bin = h.Sum(bin)
+		h.Write(bin)
+		bin = h.Sum(nil)
 	}
 	if !ed25519.Verify(ed25519.PublicKey(publicKey.PublicKey[:]), bin, signature.Signature[:]) {
 		return false, errors.New("Invalid signature")
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 1c22abcb..51e61b4e 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -260,7 +260,7 @@ github.com/jedisct1/go-dnsstamps
 # github.com/jedisct1/go-hpke-compact v0.0.0-20210930135406-0763750339f0
 ## explicit; go 1.17
 github.com/jedisct1/go-hpke-compact
-# github.com/jedisct1/go-minisign v0.0.0-20211008170404-d0c644b276f4
+# github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b
 ## explicit; go 1.17
 github.com/jedisct1/go-minisign
 # github.com/jedisct1/xsecretbox v0.0.0-20210927135450-ebe41aef7bef