diff --git a/rpc.js b/rpc.js
index cff3dfeb0..eacaa05b2 100644
--- a/rpc.js
+++ b/rpc.js
@@ -15,11 +15,44 @@ var isValidChannel = function (chan) {
     return /^[a-fA-F0-9]/.test(chan);
 };
 
+var checkSignature = function (signedMsg, publicKey) {
+    if (!(signedMsg && publicKey)) { return null; }
+
+    var signedBuffer = Nacl.util.decodeBase64(signedMsg);
+    var pubBuffer = Nacl.util.decodeBase64(publicKey);
+
+    var opened = Nacl.sign.open(signedBuffer, pubBuffer);
+
+    if (opened) {
+        var decoded = Nacl.util.encodeUTF8(opened);
+        try {
+            return JSON.parse(decoded);
+        } catch (e) { } // fall through to return
+    }
+    return null;
+};
+
 RPC.create = function (config, cb) {
     // load pin-store...
 
     console.log('loading rpc module...');
-    var rpc = function (ctx, msg, respond) {
+    var rpc = function (ctx, args, respond) {
+        if (args.length < 2) {
+            return void respond("INSUFFICIENT_ARGS");
+        }
+
+        var signed = args[0];
+        var publicKey = args[1];
+
+        var msg = checkSignature(signed, publicKey);
+        if (!msg) {
+            return void respond("INVALID_SIGNATURE");
+        }
+
+        if (typeof(msg) !== 'object') {
+            return void respond('INVALID_MSG');
+        }
+
         switch (msg[0]) {
             case 'ECHO':
                 respond(void 0, msg);