diff --git a/src/database/key_value/globals.rs b/src/database/key_value/globals.rs
index 48e55578..63d0e2b6 100644
--- a/src/database/key_value/globals.rs
+++ b/src/database/key_value/globals.rs
@@ -8,6 +8,7 @@ use ruma::{
 signatures::Ed25519KeyPair, DeviceId, MilliSecondsSinceUnixEpoch, OwnedServerSigningKeyId, ServerName, UserId,
 };
+use tracing::debug;
 use crate::{database::KeyValueDatabase, service, services, utils, Error, Result};
@@ -185,7 +186,9 @@ lasttimelinecount_cache: {lasttimelinecount_cache}\n"
 fn load_keypair(&self) -> Result {
 let keypair_bytes = self.global.get(b"keypair")?.map_or_else(
 || {
+ debug!("No keypair found in database, assuming this is a new deployment and generating one.");
 let keypair = utils::generate_keypair();
+ debug!("Generated keypair bytes: {:?}", keypair);
 self.global.insert(b"keypair", &keypair)?;
 Ok::<_, Error>(keypair)
 },
@@ -200,6 +203,7 @@ lasttimelinecount_cache: {lasttimelinecount_cache}\n"
 )
 .map_err(|_| Error::bad_database("Invalid version bytes in keypair."))
 .and_then(|version| {
+ debug!("Keypair version: {version}");
 // 2. key
 parts
 .next()
@@ -207,8 +211,10 @@ lasttimelinecount_cache: {lasttimelinecount_cache}\n"
 .map(|key| (version, key))
 })
 .and_then(|(version, key)| {
- Ed25519KeyPair::from_der(key, version)
- .map_err(|_| Error::bad_database("Private or public keys are invalid."))
+ let keypair = Ed25519KeyPair::from_der(key, version)
+ .map_err(|_| Error::bad_database("Private or public keys are invalid."));
+ debug!("Private and public key bytes: {keypair:?}");
+ keypair
 })
 }
diff --git a/src/service/globals/mod.rs b/src/service/globals/mod.rs
index 6f30e1b2..21aaeb14 100644
--- a/src/service/globals/mod.rs
+++ b/src/service/globals/mod.rs
@@ -152,7 +152,7 @@ impl Service<'_> {
 let keypair = match keypair {
 Ok(k) => k,
 Err(e) => {
- error!("Keypair invalid. Deleting...");
+ error!("Homeserver signing keypair in database is invalid. Deleting...");
 db.remove_keypair()?;
 return Err(e);
 },
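Review bot: The added `debug!("Generated keypair bytes: {:?}", keypair);` in `load_keypair` (src/database/key_value/globals.rs) writes the homeserver's private signing key into the log, because `keypair` there is the value returned by `utils::generate_keypair()`, the same bytes that are stored under `b"keypair"` and later handed to `Ed25519KeyPair::from_der`. Debug logs are usually retained and shipped more widely than the database, so the line should be dropped or reduced to non-secret metadata, e.g. `debug!("Generated new signing keypair ({} bytes)", keypair.len());`. The `debug!("Private and public key bytes: {keypair:?}");` added in the last hunk of the same file has the same intent; what it prints depends on the `Debug` impl of `Ed25519KeyPair`, which is not visible here, so it either exposes key material or the message is misleading, and `debug!("Signing keypair parsed: {}", keypair.is_ok());` would carry the useful information. Part of `load_keypair` lies between the hunks and is not shown.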
diff --git a/src/utils/mod.rs b/src/utils/mod.rs
index 672224f6..3f054d7d 100644
--- a/src/utils/mod.rs
+++ b/src/utils/mod.rs
@@ -11,6 +11,7 @@ use argon2::{password_hash::SaltString, PasswordHasher};
 use rand::prelude::*;
 use ring::digest;
 use ruma::{canonical_json::try_from_json_map, CanonicalJsonError, CanonicalJsonObject, OwnedUserId};
+use tracing::debug;
 use crate::{services, Error, Result};
@@ -30,8 +31,11 @@ pub(crate) fn increment(old: Option<&[u8]>) -> Option> {
 Some(number.to_be_bytes().to_vec())
 }
+/// Generates a new homeserver signing key. First 8 bytes are the version (a
+/// random alphanumeric string), the rest are generated by Ed25519KeyPair
 pub fn generate_keypair() -> Vec {
 let mut value = random_string(8).as_bytes().to_vec();
+ debug!("Keypair version bytes: {value:?}");
 value.push(0xFF);
 value.extend_from_slice(
 &ruma::signatures::Ed25519KeyPair::generate().expect("Ed25519KeyPair generation always works (?)"),
@@ -58,6 +62,7 @@ pub fn user_id_from_bytes(bytes: &[u8]) -> Result {
 .map_err(|_| Error::bad_database("Failed to parse user id from bytes"))
 }
+/// Generats a random *alphanumeric* string
 pub fn random_string(length: usize) -> String {
 thread_rng().sample_iter(&rand::distributions::Alphanumeric).take(length).map(char::from).collect()
 }
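Review bot: The new doc comment on `generate_keypair` describes the layout as "first 8 bytes are the version, the rest are generated by Ed25519KeyPair", but the body also pushes a `0xFF` separator between the two parts, and the comment does not say that the returned bytes contain the private key. I would reword it to something like `/// Layout: 8 random alphanumeric version bytes, a 0xFF separator, then the key document from Ed25519KeyPair::generate().` followed by `/// The returned bytes include the private key and must not be logged.`. The added `debug!` of the version bytes is not a concern by itself, since it runs before any key material is appended. The end of `generate_keypair` is outside the hunk.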
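Review bot: The doc comment added on `random_string` has a typo, "Generats"; it should read `/// Generates a random *alphanumeric* string`. Because `generate_keypair` relies on this helper for the key version, the comment could also state that the characters are drawn from `thread_rng()` with the `Alphanumeric` distribution, so callers can judge whether it suits their use.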