diff --git a/lightningd/signmessage.c b/lightningd/signmessage.c
index 44dfe52bf..c2236d5cc 100644
--- a/lightningd/signmessage.c
+++ b/lightningd/signmessage.c
@@ -56,8 +56,7 @@ static const u8 *from_zbase32(const tal_t *ctx, const char *msg)
 	if (!bech32_convert_bits(u8arr, &len, 8,
 				 u5arr, tal_bytelen(u5arr), 5, false))
 		return tal_free(u8arr);
-	assert(len == tal_bytelen(u8arr));
-	return u8arr;
+	return len == tal_bytelen(u8arr) ? u8arr : tal_free(u8arr);
 }
 
 static struct command_result *json_signmessage(struct command *cmd,
@@ -235,4 +234,3 @@ static const struct json_command json_checkmessage_cmd = {
 	"Verify a digital signature {zbase} of {message} signed with {pubkey}",
 };
 AUTODATA(json_command, &json_checkmessage_cmd);
-
diff --git a/tests/test_misc.py b/tests/test_misc.py
index cfb6977be..fdbb525e6 100644
--- a/tests/test_misc.py
+++ b/tests/test_misc.py
@@ -1866,6 +1866,9 @@ def test_signmessage(node_factory):
     checknokey = l2.rpc.checkmessage(message="message for you", zbase=zm)
     assert checknokey['pubkey'] == l1.info['id']
     assert checknokey['verified']
+    # check that checkmassage used with a wrong zbase format throws an RPC exception
+    with pytest.raises(RpcError, match="zbase is not valid zbase32"):
+        l2.rpc.checkmessage(message="wrong zbase format", zbase="wrong zbase format")
 
 
 def test_include(node_factory):