diff --git a/shared/auth.py b/shared/auth.py
index 60c9a676..3b192d85 100644
--- a/shared/auth.py
+++ b/shared/auth.py
@@ -133,28 +133,6 @@ RFC_SIGNATURE_TEMPLATE = '''\
 -----END {blockchain} SIGNED MESSAGE-----
 '''
-def verify_recover_pubkey(sig, digest):
- # verifies a message digest against a signature and recovers
- # the address type and public key that did the signing
- if len(sig) != 65:
- raise ValueError('signature length != 65')
-
- v = sig[0]
- if 27 <= v <= 34:
- af = AF_CLASSIC
- elif 35 <= v <= 38:
- af = AF_P2WPKH_P2SH
- elif 39 <= v <= 42:
- af = AF_P2WPKH
- else:
- raise ValueError('unsupported recovery id v=%s' % v)
-
- try:
- sig = ngu.secp256k1.signature(sig)
- return af, sig.verify_recover(digest).to_bytes()
- except:
- raise ValueError('invalid signature')
-
 def sign_message_digest(digest, subpath, prompt):
 # do the signature itself!
 from glob import dis
diff --git a/shared/chains.py b/shared/chains.py
index 358fb798..1cca299d 100644
--- a/shared/chains.py
+++ b/shared/chains.py
@@ -363,4 +363,26 @@ CommonDerivations = [
 ]
+def verify_recover_pubkey(sig, digest):
+ # verifies a message digest against a signature and recovers
+ # the address type and public key that did the signing
+ if len(sig) != 65:
+ raise ValueError('signature length')
+
+ v = sig[0]
+ if 27 <= v <= 34:
+ af = AF_CLASSIC
+ elif 35 <= v <= 38:
+ af = AF_P2WPKH_P2SH
+ elif 39 <= v <= 42:
+ af = AF_P2WPKH
+ else:
+ raise ValueError('unsupported recovery: %d' % v)
+
+ try:
+ sig = ngu.secp256k1.signature(sig)
+ return af, sig.verify_recover(digest).to_bytes()
+ except:
+ raise ValueError('invalid signature')
+
 # EOF
diff --git a/shared/hsm.py b/shared/hsm.py
index f70109d4..50ff1caf 100644
--- a/shared/hsm.py
+++ b/shared/hsm.py
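Review bot: The bare `except:` that closes `verify_recover_pubkey` in shared/chains.py reports every failure as `ValueError('invalid signature')`, and after the move that would include a `NameError` if `ngu` or the `AF_CLASSIC` / `AF_P2WPKH_P2SH` / `AF_P2WPKH` constants are not in scope in this module. The hunk adds no imports, so that has to be confirmed against the top of chains.py, which is outside the hunk. The check still fails closed, but a broken import would be indistinguishable from a forged attestation when reading logs. Use at least `except Exception:` so KeyboardInterrupt and SystemExit are not trapped, and preferably only the exception type the secp256k1 binding raises for a bad signature. The reworded `'signature length'` message also drops the expected size; `'signature length != 65'` was clearer.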
@@ -16,7 +16,6 @@ from ubinascii import hexlify as b2a_hex
 from ubinascii import unhexlify as a2b_hex
 from files import CardSlot, CardMissingError
 from serializations import CTxOut
-from auth import verify_recover_pubkey
 # where we save policy/config
 POLICY_FNAME = '/flash/hsm-policy.json'
@@ -347,7 +346,7 @@ class ApprovalRule:
 # we are verifying the whole consensus-encoded txout
 txo_bytes = CTxOut(o.amount, o.scriptpubkey).serialize()
 digest = chain.hash_message(txo_bytes)
- addr_fmt, pubkey = verify_recover_pubkey(o.attestation, digest)
+ addr_fmt, pubkey = chains.verify_recover_pubkey(o.attestation, digest)
 # we have extracted a valid pubkey from the sig, but is it
 # a whitelisted pubkey or something else?
 ver_addr = chain.pubkey_to_address(pubkey, addr_fmt)
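Review bot: The new call `chains.verify_recover_pubkey(o.attestation, digest)` needs the `chains` module bound in hsm.py, and neither hunk of this file adds `import chains`; the first hunk only drops `from auth import verify_recover_pubkey`. If the module is not already imported elsewhere in the file (outside both hunks), this line raises NameError when the attestation check runs, and how the approval path handles that exception is not visible here. The neighbouring lines use a local `chain` object, one character away from the module name, so a short comment such as `# chains: module; chain: the active chain object` would prevent a silent mix-up. The enclosing ApprovalRule method starts and ends outside the hunk.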