Here's a quick example on how to use sodium_crypto_sign_detached(); where you have a message that you want to sign, so anyone with the public key can confirm that the message hasn't been tampered with.
This is similar to sodium_crypto_sign(), but the returned string does not contain the original message, it is just a signature.
<?php
$sign_pair = sodium_crypto_sign_keypair();
$sign_secret = sodium_crypto_sign_secretkey($sign_pair);
$sign_public = sodium_crypto_sign_publickey($sign_pair);
$message = 'Hello';
$signature = sodium_crypto_sign_detached($message, $sign_secret);
$message_valid = sodium_crypto_sign_verify_detached($signature, $message, $sign_public);
if (!$message_valid) {
exit('Message has been changed.');
}
?>