diff --git a/internal/federation/authenticate.go b/internal/federation/authenticate.go
index 81ac84544..1866c0b1d 100644
--- a/internal/federation/authenticate.go
+++ b/internal/federation/authenticate.go
@@ -102,10 +102,6 @@ func getPublicKeyFromResponse(c context.Context, b []byte, keyID *url.URL) (voca
 // Authenticate in this case is defined as making sure that the http request is actually signed by whoever claims
 // to have signed it, by fetching the public key from the signature and checking it against the remote public key.
 //
-// To avoid making unnecessary http calls towards blocked domains, this function *does* bail early if an instance-level domain block exists
-// for the request from the incoming domain. However, it does not check whether individual blocks exist between the requesting user or domain
-// and the requested user: this should be done elsewhere.
-//
 // The provided username will be used to generate a transport for making remote requests/derefencing the public key ID of the request signature.
 // Ideally you should pass in the username of the user *being requested*, so that the remote server can decide how to handle the request based on who's making it.
 // Ie., if the request on this server is for https://example.org/users/some_username then you should pass in the username 'some_username'.
@@ -227,7 +223,8 @@ func (f *federator) AuthenticateFederatedRequest(ctx context.Context, requestedU
 for _, algo := range algos {
 l.Tracef("trying algo: %s", algo)
- if err := verifier.Verify(publicKey, algo); err == nil {
+ err := verifier.Verify(publicKey, algo)
+ if err == nil {
 l.Tracef("authentication for %s PASSED with algorithm %s", pkOwnerURI, algo)
 return pkOwnerURI, true, nil
 }
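Review bot: In the second hunk, `err` from `verifier.Verify(publicKey, algo)` now outlives the `if`, but nothing in the visible lines reads it on the failure path. The loop body and the rest of `AuthenticateFederatedRequest` continue outside the hunk, so presumably a later line reports it. If so, a short comment such as `// keep err in loop scope so the per-algorithm failure can be traced below` would explain why the tighter `if err := …; err == nil` form was dropped. If nothing after the `if` uses it, the original scoping was preferable. Because this loop decides whether an HTTP signature is accepted, it is also worth confirming that exhausting `algos` without a match ends in an explicit not-authenticated return.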