diff --git a/Makefile b/Makefile
index c3f12af06e..13e611ea20 100644
--- a/Makefile
+++ b/Makefile
@@ -17,10 +17,10 @@ res: ## update resources
 
 build: build_stmhal build_unix build_cross ## build stmhal, unix and mpy-cross micropython ports
 
-build_stmhal: vendor ## build stmhal port
+build_stmhal: vendor build_cross ## build stmhal port
 	$(MAKE) -C vendor/micropython/stmhal BOARD=$(BOARD)
 
-build_stmhal_debug: vendor ## build stmhal port with debug symbols
+build_stmhal_debug: vendor build_cross ## build stmhal port with debug symbols
 	$(MAKE) -C vendor/micropython/stmhal BOARD=$(BOARD) DEBUG=1
 
 build_stmhal_frozen: vendor res build_cross ## build stmhal port with frozen modules (from /src)
diff --git a/micropython/stmhal/bootloader/bootloader.c b/micropython/stmhal/bootloader/bootloader.c
index ac5346ef65..c197a91e6d 100644
--- a/micropython/stmhal/bootloader/bootloader.c
+++ b/micropython/stmhal/bootloader/bootloader.c
@@ -98,6 +98,8 @@ int main(void) {
 
     check_sdcard();
 
+    check_signature();
+
     if (check_header((const uint8_t *)STAGE2_START)) {
         screen_stage2_jump();
         // TODO: jump to second stage
diff --git a/micropython/stmhal/bootloader/crypto.c b/micropython/stmhal/bootloader/crypto.c
index b29a2f0ca0..b8e054a52a 100644
--- a/micropython/stmhal/bootloader/crypto.c
+++ b/micropython/stmhal/bootloader/crypto.c
@@ -5,17 +5,17 @@
 
 #include "crypto.h"
 
-/*
+#define FLASH_BASE 0x08000000
+
 void hash_flash(uint8_t hash[SHA256_DIGEST_LENGTH])
 {
      sha256_Raw((const uint8_t *)FLASH_BASE, 1024*1024, hash);
 }
 
-bool ed25519_verify(const uint8_t *msg, uint32_t msglen, uint8_t *pubkey, uint8_t *signature)
+bool ed25519_verify(const uint8_t *msg, uint32_t msglen, const uint8_t *pubkey, const uint8_t *signature)
 {
     return (0 == ed25519_sign_open(msg, msglen, *(const ed25519_public_key *)pubkey, *(const ed25519_signature *)signature));
 }
-*/
 
 bool check_header(const uint8_t *data)
 {
@@ -50,3 +50,13 @@ bool check_header(const uint8_t *data)
 
     return true;
 }
+
+bool check_signature(void)
+{
+    uint8_t hash[SHA256_DIGEST_LENGTH];
+    hash_flash(hash);
+
+    const uint8_t *pub = (const uint8_t *)"0123456789ABCDEF0123456789ABCDEF";
+    const uint8_t *sig = (const uint8_t *)"0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF";
+    return ed25519_verify(hash, SHA256_DIGEST_LENGTH, pub, sig);
+}
diff --git a/micropython/stmhal/bootloader/crypto.h b/micropython/stmhal/bootloader/crypto.h
index c3019f7d7d..6a2fb7c10a 100644
--- a/micropython/stmhal/bootloader/crypto.h
+++ b/micropython/stmhal/bootloader/crypto.h
@@ -6,4 +6,6 @@
 
 bool check_header(const uint8_t *data);
 
+bool check_signature(void);
+
 #endif
diff --git a/micropython/stmhal/bootloader/ui.c b/micropython/stmhal/bootloader/ui.c
index 9df1f36022..c8cb4c9c52 100644
--- a/micropython/stmhal/bootloader/ui.c
+++ b/micropython/stmhal/bootloader/ui.c
@@ -3,18 +3,15 @@
 
 void screen_stage1(void)
 {
-    display_clear();
-    display_text(0, 240, "BL stage 1", -1, FONT_MONO, ui_WHITE, ui_BLACK);
+    display_print("BL stage 1\n", -1);
 }
 
 void screen_stage2_jump(void)
 {
-    display_clear();
-    display_text(0, 240, "BL stage 2 jump", -1, FONT_MONO, ui_WHITE, ui_BLACK);
+    display_print("BL stage 2 jump\n", -1);
 }
 
 void screen_stage2_invalid(void)
 {
-    display_clear();
-    display_text(0, 240, "BL stage 2 invalid", -1, FONT_MONO, ui_WHITE, ui_BLACK);
+    display_print("BL stage 2 invalid\n", -1);
 }