{"algorithm":"ES256K (secp256k1)","instructions":{"step_1":"Retrieve public key from https://feedoracle.io/.well-known/jwks.json (kid=feedoracle-mcp-es256k-1)","step_2":"Extract the 'signature.sig' field from the MCP tool response","step_3":"Reconstruct the signed payload: JSON.stringify(response minus 'signature' and 'verify_url' fields, sorted keys)","step_4":"Verify the ES256K signature over that payload using the public key","step_5":"Compare 'signature.content_hash' (sha256:<hex>) against your own hash of the payload"},"jwks_url":"https://feedoracle.io/.well-known/jwks.json","kid":"feedoracle-mcp-es256k-1","note":"FeedOracle MCP tool responses are signed at generation time with ES256K. Verification is fully client-side using the public JWKS key \u2014 no server trust required.","request_id":"fo-edb576969064","verification_type":"client-side"}