I suggest you add “hashing” step before “signing”.

Encryption on the client also happens before hashing and only for some notes so it could be omitted.