so i prototyped this in like 4 hours. it's called fluffy: you generate a keypair, put the public key on your domain's DNS TXT record, and you can sign files with your private key + enter in a unique code. (Like pidgon.com>hr/23)
now when the receiver wants to verify the file, they upload it, enter the code and fluffy verifies if its legit.
core is dead simple, it's literally ed25519 and three functions, there's no create account thing for now and it's all free bc i store almost nothing (except the signature mapping, which expires in 30 days, and some basic org verification)
that's about it. would love any suggestions and feedback (esp on if you think its too simple lol). open to feedback here or if you want to chat directly, hmu at mihir[at]pidgon[dot].com!