stellar-sdk/com.soneso.stellar.sdk.sep.sep10.exceptions/InvalidTimeBoundsException

InvalidTimeBoundsException

class InvalidTimeBoundsException(minTime: Long?, maxTime: Long?, currentTime: Long, gracePeriodSeconds: Int) : ChallengeValidationException

Exception thrown when the challenge transaction's time bounds are invalid.

SEP-10 Security Requirement: The challenge transaction MUST have time bounds set, and the current time must be within those bounds (with a configurable grace period).

Time bounds validation prevents:

  • Replay attacks using expired challenges

  • Use of challenges that are too far in the future

  • Indefinite validity of challenge transactions

Standard validation rules:

  • minTime must be in the past (accounting for clock skew)

  • maxTime must be in the future (accounting for clock skew)

  • The grace period (default: 300 seconds / 5 minutes) allows for:

  • Network latency

  • Clock differences between client and server

  • User time to review and sign

Typical time bounds:

  • Server sets minTime to current time

  • Server sets maxTime to current time + 15 minutes

  • Client validates within 5-minute grace period on each side

Attack scenario prevented: Without time bounds, an attacker who intercepts a signed challenge could replay it at any point in the future to impersonate the user.

Parameters

minTime

The minimum time bound (Unix timestamp)

maxTime

The maximum time bound (Unix timestamp)

currentTime

The current time when validation was performed

gracePeriodSeconds

The grace period used for validation

Constructors

Link copied to clipboard
constructor(minTime: Long?, maxTime: Long?, currentTime: Long, gracePeriodSeconds: Int)

Properties

Link copied to clipboard
expect open val cause: Throwable?
Link copied to clipboard
expect open val message: String?
Generated by Dokka
© 2026 Copyright