diff --git a/web/packages/accounts/services/srp.ts b/web/packages/accounts/services/srp.ts
index a6d6917290..3800c85fd8 100644
--- a/web/packages/accounts/services/srp.ts
+++ b/web/packages/accounts/services/srp.ts
@@ -582,8 +582,7 @@ export const srpVerificationUnauthorizedErrorMessage =
 * @param kek The user's key encryption key as a base64 string.
 *
 * @returns If SRP verification is successful, it returns a
- * {@link UserVerificationResponse} (both email and SRP verification resolve to
- * this same structure).
+ * {@link UserVerificationResponse}.
 *
 * @throws An Error with {@link srpVerificationUnauthorizedErrorMessage} in case
 * there is no such account, or if the credentials (kek) are incorrect.
@@ -647,6 +646,10 @@ interface VerifySRPSessionRequest {
 
 const SRPVerificationResponse = z.object({
 ...EmailOrSRPVerificationResponse.shape,
+ /**
+ * The SRP M2 (evidence message), the proof that the server has the
+ * verifier.
+ */
 srpM2: z.string(),
 });
 
diff --git a/web/packages/accounts/services/user.ts b/web/packages/accounts/services/user.ts
index edaa25f09f..2990b54ec3 100644
--- a/web/packages/accounts/services/user.ts
+++ b/web/packages/accounts/services/user.ts
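Review bot: The comment added above `srpM2` in `SRPVerificationResponse` (second srp.ts hunk) says what M2 is but not why this schema redeclares the field. The shared `EmailOrSRPVerificationResponse` schema in user.ts declares `srpM2` as `z.string().nullish()`, while here it is a required `z.string()`, so an SRP response that lacks the server's proof fails parsing. I would add a sentence such as `Required here, unlike in the shared schema, so that a response without the server's proof is rejected at parse time.` Whether the client then compares M2 with its own expected value is not visible in this hunk; if it does, the comment could point to that check.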
@@ -477,30 +477,6 @@ export const putUserRecoveryKeyAttributes = async (
 }),
 );
 
-export interface UserVerificationResponse {
- id: number;
- keyAttributes?: KeyAttributes | undefined;
- encryptedToken?: string | undefined;
- token?: string;
- twoFactorSessionID?: string | undefined;
- passkeySessionID?: string | undefined;
- /**
- * Base URL for the accounts app where we should redirect to for passkey
- * verification.
- *
- * This will only be set if the user has setup a passkey (i.e., whenever
- * {@link passkeySessionID} is defined).
- */
- accountsUrl: string | undefined;
- /**
- * If both passkeys and TOTP based two factors are enabled, then {@link
- * twoFactorSessionIDV2} will be set to the TOTP session ID instead of
- * {@link twoFactorSessionID}.
- */
- twoFactorSessionIDV2?: string | undefined;
- srpM2?: string | undefined;
-}
-
 /**
 * Ask remote to send a OTP / OTT to the given email to verify that the user has
 * access to it. Subsequent the app will pass this OTT back via the
@@ -527,35 +503,29 @@ export const sendOTT = async (
 }),
 );
 
-/**
- * Verify user's access to the given {@link email} by comparing the OTT that
- * remote previously sent to that email.
- *
- * @param email The email to verify.
- *
- * @param ott The OTT that the user entered.
- *
- * @param source During signup, we ask the user the referral "source" through
- * which they heard about Ente. When present (i.e. during signup, and if the
- * user indeed provided it), that source should be passed as this parameter.
- */
-export const verifyEmail = async (
- email: string,
- ott: string,
- source: string | undefined,
-): Promise => {
- const res = await fetch(await apiURL("/users/verify-email"), {
- method: "POST",
- headers: publicRequestHeaders(),
- body: JSON.stringify({ email, ott, ...(source ? { source } : {}) }),
- });
- ensureOk(res);
- // See: [Note: strict mode migration]
- //
- // eslint-disable-next-line @typescript-eslint/ban-ts-comment
- // @ts-ignore
- return EmailOrSRPVerificationResponse.parse(await res.json());
-};
+export interface UserVerificationResponse {
+ id: number;
+ keyAttributes?: KeyAttributes | undefined;
+ encryptedToken?: string | undefined;
+ token?: string;
+ twoFactorSessionID?: string | undefined;
+ passkeySessionID?: string | undefined;
+ /**
+ * Base URL for the accounts app where we should redirect to for passkey
+ * verification.
+ *
+ * This will only be set if the user has setup a passkey (i.e., whenever
+ * {@link passkeySessionID} is defined).
+ */
+ accountsUrl: string | undefined;
+ /**
+ * If both passkeys and TOTP based two factors are enabled, then {@link
+ * twoFactorSessionIDV2} will be set to the TOTP session ID instead of
+ * {@link twoFactorSessionID}.
+ */
+ twoFactorSessionIDV2?: string | undefined;
+ srpM2?: string | undefined;
+}
 
 /**
 * Zod schema for response from remote on a successful user verification, either
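Review bot: `UserVerificationResponse` is still a hand-written mirror of the Zod schema `EmailOrSRPVerificationResponse` that now follows it directly, so the two can drift without the compiler noticing. The `@ts-ignore` on the return in `verifyEmail` (last hunk) suggests they already do not line up under every compiler configuration. Within the interface the optionality is also spelled three ways: `token?: string;`, `accountsUrl: string | undefined;` and `keyAttributes?: KeyAttributes | undefined;`. If the strict-mode migration allows it, deriving the type from the schema, `export type UserVerificationResponse = z.infer<typeof EmailOrSRPVerificationResponse>;`, would leave the schema as the single definition of this authentication response. The schema's doc comment begins at the end of this hunk and its body lies outside it, so the field-by-field match is an assumption.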
@@ -587,6 +557,36 @@ export const EmailOrSRPVerificationResponse = z.object({
 srpM2: z.string().nullish().transform(nullToUndefined),
 });
 
+/**
+ * Verify user's access to the given {@link email} by comparing the OTT that
+ * remote previously sent to that email.
+ *
+ * @param email The email to verify.
+ *
+ * @param ott The OTT that the user entered.
+ *
+ * @param source During signup, we ask the user the referral "source" through
+ * which they heard about Ente. When present (i.e. during signup, and if the
+ * user indeed provided it), that source should be passed as this parameter.
+ */
+export const verifyEmail = async (
+ email: string,
+ ott: string,
+ source: string | undefined,
+): Promise => {
+ const res = await fetch(await apiURL("/users/verify-email"), {
+ method: "POST",
+ headers: publicRequestHeaders(),
+ body: JSON.stringify({ email, ott, ...(source ? { source } : {}) }),
+ });
+ ensureOk(res);
+ // See: [Note: strict mode migration]
+ //
+ // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+ // @ts-ignore
+ return EmailOrSRPVerificationResponse.parse(await res.json());
+};
+
 /**
 * Log the user out on remote, if possible and needed.
 */
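Review bot: The TSDoc on `verifyEmail` documents the three parameters but not the result or the failure modes. `EmailOrSRPVerificationResponse.parse` throws when remote's JSON does not match the schema, and `ensureOk` presumably throws on a non-OK HTTP status (its definition is outside this diff). I would add `@returns The verification response from remote, validated against {@link EmailOrSRPVerificationResponse}.` and a `@throws` line covering both cases. Because the return statement sits under `@ts-ignore`, it is the runtime parse rather than the compiler that guarantees the shape of this response, which is worth stating in the comment.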