@mikedev It's working. I noticed activities such as Like
in my log where HTTP signature belongs to one actor and integrity proof to another. My server checks both signatures, integrity proof takes precedence, the (actor == signer) constraint is satisfied and activity is accepted.