diff --git a/apps/vault/src/shared/guard/authorization.guard.ts b/apps/vault/src/shared/guard/authorization.guard.ts
index 5a3f3e031..fe953e031 100644
--- a/apps/vault/src/shared/guard/authorization.guard.ts
+++ b/apps/vault/src/shared/guard/authorization.guard.ts
@@ -60,6 +60,7 @@ export class AuthorizationGuard implements CanActivate {
     }).catch((err) => {
       throw new ApplicationException({
         message: err.message,
+        origin: err,
         suggestedHttpStatusCode: HttpStatus.FORBIDDEN
       })
     })
diff --git a/packages/signature/src/index.ts b/packages/signature/src/index.ts
index c99fa50ba..a4fffbaad 100644
--- a/packages/signature/src/index.ts
+++ b/packages/signature/src/index.ts
@@ -1,6 +1,6 @@
 export * from './lib/decode'
 export * from './lib/encrypt'
-export * from './lib/hash-request'
+export * from './lib/hash'
 export * from './lib/sign'
 export * from './lib/types'
 export * from './lib/utils'
diff --git a/packages/signature/src/lib/__test__/unit/decode.spec.ts b/packages/signature/src/lib/__test__/unit/decode.spec.ts
index 88a61c435..8c7f02c43 100644
--- a/packages/signature/src/lib/__test__/unit/decode.spec.ts
+++ b/packages/signature/src/lib/__test__/unit/decode.spec.ts
@@ -1,4 +1,5 @@
 import { decodeJwt } from '../../decode'
+import { JwtError } from '../../error'
 import { signJwt } from '../../sign'
 import { privateKeyToJwk } from '../../utils'
 
@@ -25,10 +26,12 @@ describe('decodeJwt', () => {
       signature: rawJwt.split('.')[2]
     })
   })
+
   it('throws an error if token is malformed', async () => {
-    expect(() => decodeJwt('invalid')).toThrow()
+    expect(() => decodeJwt('invalid')).toThrow(JwtError)
   })
-  it('throws an error if token is formed well with unmeaningful data', async () => {
-    expect(() => decodeJwt('invalid.invalid.invalid')).toThrow()
+
+  it('throws an error if token is in correct format but not valid base64url encoded data', async () => {
+    expect(() => decodeJwt('invalid.invalid.invalid')).toThrow(JwtError)
   })
 })
diff --git a/packages/signature/src/lib/__test__/unit/hash-request.util.spec.ts b/packages/signature/src/lib/__test__/unit/hash-request.util.spec.ts
index d22d4a46f..61ab14317 100644
--- a/packages/signature/src/lib/__test__/unit/hash-request.util.spec.ts
+++ b/packages/signature/src/lib/__test__/unit/hash-request.util.spec.ts
@@ -1,4 +1,4 @@
-import { hash } from '../../hash-request'
+import { hash } from '../../hash'
 
 describe('hashRequest', () => {
   it('hashes the given object', () => {
diff --git a/packages/signature/src/lib/__test__/unit/mock.ts b/packages/signature/src/lib/__test__/unit/mock.ts
index c54125e75..32b76cd11 100644
--- a/packages/signature/src/lib/__test__/unit/mock.ts
+++ b/packages/signature/src/lib/__test__/unit/mock.ts
@@ -1,4 +1,4 @@
-import { hash } from '../../hash-request'
+import { hash } from '../../hash'
 import { Alg } from '../../types'
 
 export const ALGORITHM = Alg.ES256
diff --git a/packages/signature/src/lib/__test__/unit/verify.spec.ts b/packages/signature/src/lib/__test__/unit/verify.spec.ts
index 9daedc88a..5a21accf7 100644
--- a/packages/signature/src/lib/__test__/unit/verify.spec.ts
+++ b/packages/signature/src/lib/__test__/unit/verify.spec.ts
@@ -1,6 +1,6 @@
 import { signatureToHex, toBytes } from 'viem'
 import { JwtError } from '../../error'
-import { hash } from '../../hash-request'
+import { hash } from '../../hash'
 import { secp256k1PublicKeySchema } from '../../schemas'
 import { signJwt, signSecp256k1 } from '../../sign'
 import { Alg, Header, JwtVerifyOptions, Payload, Secp256k1PublicKey, SigningAlg } from '../../types'
@@ -201,7 +201,7 @@ describe('verifySecp256k1', () => {
 })
 
 describe('verifyJwtHeader', () => {
-  it('should return true when all recognized crit parameters are present in the header', () => {
+  it('returns true when all recognized crit parameters are present in the header', () => {
     const header = {
       kid: 'kid1',
       alg: 'ES256K',
diff --git a/packages/signature/src/lib/hash-request.ts b/packages/signature/src/lib/hash.ts
similarity index 100%
rename from packages/signature/src/lib/hash-request.ts
rename to packages/signature/src/lib/hash.ts
diff --git a/packages/signature/src/lib/sign.ts b/packages/signature/src/lib/sign.ts
index 4b477e59e..88e767e1a 100644
--- a/packages/signature/src/lib/sign.ts
+++ b/packages/signature/src/lib/sign.ts
@@ -3,7 +3,7 @@ import { sha256 as sha256Hash } from '@noble/hashes/sha256'
 import { keccak_256 as keccak256 } from '@noble/hashes/sha3'
 import { SignJWT, importJWK } from 'jose'
 import { isHex, signatureToHex, toBytes, toHex } from 'viem'
-import { hash } from './hash-request'
+import { hash } from './hash'
 import { canonicalize } from './json.util'
 import { jwkBaseSchema, privateKeySchema } from './schemas'
 import { EcdsaSignature, Header, Hex, Jwk, JwsdHeader, PartialJwk, Payload, PrivateKey, SigningAlg } from './types'
diff --git a/packages/signature/src/lib/verify.ts b/packages/signature/src/lib/verify.ts
index 260eb9074..88e696c47 100644
--- a/packages/signature/src/lib/verify.ts
+++ b/packages/signature/src/lib/verify.ts
@@ -6,7 +6,7 @@ import { promisify } from 'node:util'
 import { hexToBytes, isAddressEqual, recoverAddress } from 'viem'
 import { decodeJwsd, decodeJwt } from './decode'
 import { JwtError } from './error'
-import { hash } from './hash-request'
+import { hash } from './hash'
 import { JwsdHeader, publicKeySchema } from './schemas'
 import { eip191Hash } from './sign'
 import { isSecp256k1PublicKeyJwk } from './typeguards'