diff --git a/apps/proposer/src/routes/proposer.mjs b/apps/proposer/src/routes/proposer.mjs
index 37ea7f585..6d944253b 100644
--- a/apps/proposer/src/routes/proposer.mjs
+++ b/apps/proposer/src/routes/proposer.mjs
@@ -14,7 +14,7 @@ const router = express.Router();
 
 router.post('/offchain-transaction', async (req, res, next) => {
   const nf3 = req.app.get('nf3');
-  const { transaction } = req.body;
+  const { transaction, signature } = req.body;
   if (!transaction) {
     res.sendStatus(404);
     return;
@@ -34,7 +34,7 @@ router.post('/offchain-transaction', async (req, res, next) => {
   }
 
   try {
-    const res2 = await nf3.forwardOffchainTransaction(transaction);
+    const res2 = await nf3.forwardOffchainTransaction(transaction, signature);
     res.sendStatus(res2.status);
   } catch (error) {
     next(error);
diff --git a/cli/lib/nf3.mjs b/cli/lib/nf3.mjs
index c3ef8afa2..aae5132ab 100644
--- a/cli/lib/nf3.mjs
+++ b/cli/lib/nf3.mjs
@@ -1314,13 +1314,12 @@ class Nf3 {
     @param {object} transaction
     @returns {object} A promise that resolves to the API call status
    */
-  async forwardOffchainTransaction(transaction) {
+  async forwardOffchainTransaction(transaction, signature) {
     const res = await axios.post(
       `${this.optimistBaseUrl}/proposer/offchain-transaction`,
-      { transaction },
+      { transaction, signature },
       { timeout: 3600000 },
     );
-    console.log(`FORWARDING TO ${this.optimistBaseUrl}/proposer/offchain-transaction`);
     return res;
   }
 
diff --git a/nightfall-optimist/src/routes/proposer.mjs b/nightfall-optimist/src/routes/proposer.mjs
index 69b1e0eba..5ad5c3f16 100644
--- a/nightfall-optimist/src/routes/proposer.mjs
+++ b/nightfall-optimist/src/routes/proposer.mjs
@@ -411,8 +411,9 @@ router.post('/offchain-transaction', async (req, res) => {
   // the first thing we'll do is check that the sender is whitelisted (if required by our config)
   if (!process.env.ANONYMOUS_USER) {
     const address = web3.eth.accounts.recover(JSON.stringify(transaction), signature);
+    logger.debug(`Recovered address ${address}`);
     const x509Instance = await getContractInstance('X509');
-    const isWhitelisted = await x509Instance.x509Check(address);
+    const isWhitelisted = await x509Instance.methods.x509Check(address).call();
     if (!isWhitelisted) {
       logger.warn('Attempted transaction by a user who is not whitelisted');
       res.sendStatus(401);