diff --git a/src/libs/crypto/vc/passkeyDidPeer.ts b/src/libs/crypto/vc/passkeyDidPeer.ts
index ec1ba0a1..37476f51 100644
--- a/src/libs/crypto/vc/passkeyDidPeer.ts
+++ b/src/libs/crypto/vc/passkeyDidPeer.ts
@@ -331,11 +331,11 @@ export async function verifyJwtP256(
   const finalSigBuffer = unwrapEC2Signature(sigBuffer);
   const publicKeyBytes = peerDidToPublicKeyBytes(issuerDid);
 
-  // Hash the client data
-  const hash = sha256(clientDataFromBase);
-
-  // Construct the preimage
-  const preimage = Buffer.concat([authDataFromBase, hash]);
+  // Use challenge in preimage construction
+  const preimage = Buffer.concat([
+    authDataFromBase,
+    Buffer.from(challenge),
+  ]);
 
   const isValid = p256.verify(
     finalSigBuffer,