validateChallenge
Validates a challenge transaction according to SEP-10 security requirements.
This is the MOST CRITICAL security step in SEP-10 authentication. This method performs 13 required validation checks to ensure the challenge is safe to sign.
Validation Checks:
1. Transaction envelope type must be ENVELOPE_TYPE_TX
2. Sequence number must be exactly 0
3. Memo type, if present, must be MEMO_ID
4. Memo value must match the expected memo (if provided)
5. Transaction cannot have both a memo and a muxed account
6. All operations must be ManageData type
7. First operation source must be the client account
8. First operation key must be "{serverHomeDomain} auth"
9. Client domain operation source must match (if present)
10. Web auth domain value must match the endpoint host (if present)
11. Time bounds must be set and the current time must be within bounds
12. Transaction must have exactly 1 signature (the server's)
13. Server signature must be valid
Why validation is critical:
Prevents man-in-the-middle attacks
Prevents transaction replay attacks
Ensures challenge cannot perform destructive operations
Verifies server authenticity
Protects against domain confusion attacks
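The 13 checks above, carried out in the listed order over a constructed, already-decoded challenge model (an added example, not the SDK's own code; XDR decoding and Ed25519 verification are left to the SDK, so the server-signature check is delegated to an injected `verify_server_sig` callable, and the `Op`/`Challenge` classes, account IDs and domains are assumptions):

```python
from dataclasses import dataclass
from typing import Callable, List, Optional
@dataclass
class Op:                         # constructed model of a decoded operation
    kind: str                     # "manage_data" for a ManageData operation
    source: str                   # operation source account
    key: str
    value: bytes
@dataclass
class Challenge:                  # constructed model of a decoded challenge transaction
    envelope_type: str
    sequence: int
    memo_type: Optional[str]      # None when the transaction carries no memo
    memo_value: Optional[int]
    ops: List[Op]
    min_time: Optional[int]       # time bounds, None when unset
    max_time: Optional[int]
    signatures: List[bytes]
    tx_hash: bytes                # hash the server signed over
class ChallengeValidationError(ValueError): ...
class InvalidSignatureError(ChallengeValidationError): ...   # mirrors InvalidSignatureException
def validate_challenge(ch, client_account, home_domain, web_auth_domain, verify_server_sig,
                       now, client_domain_account=None, expected_memo=None):
    """Run the 13 checks in order; raise on the first failure, return None when all pass."""
    def fail(msg): raise ChallengeValidationError(msg)
    if ch.envelope_type != "ENVELOPE_TYPE_TX": fail("envelope type must be ENVELOPE_TYPE_TX")
    if ch.sequence != 0: fail("sequence number must be 0")   # sequence 0 can never be submitted on-chain
    if ch.memo_type not in (None, "MEMO_ID"): fail("memo, if present, must be MEMO_ID")
    if expected_memo is not None and ch.memo_value != expected_memo: fail("memo mismatch")
    if ch.memo_type and client_account.startswith("M"): fail("memo not allowed with a muxed account")
    if not ch.ops or any(op.kind != "manage_data" for op in ch.ops): fail("only ManageData ops allowed")
    first = ch.ops[0]
    if first.source != client_account: fail("first op source must be the client account")
    if first.key != f"{home_domain} auth": fail(f"first op key must be '{home_domain} auth'")
    for op in ch.ops[1:]:
        if op.key == "client_domain" and op.source != client_domain_account:
            fail("client_domain op source mismatch")
        if op.key == "web_auth_domain" and op.value != web_auth_domain.encode():
            fail("web_auth_domain must equal the endpoint host")
    if ch.min_time is None or ch.max_time is None or not (ch.min_time <= now <= ch.max_time):
        fail("time bounds missing or current time outside them")
    if len(ch.signatures) != 1: fail("exactly one signature (the server's) expected")
    if not verify_server_sig(ch.tx_hash, ch.signatures[0]):
        raise InvalidSignatureError("server signature invalid - do not sign")
def validation_error(ch, **kw) -> Optional[str]:
    """Non-raising wrapper: the failing check's message, or None if the challenge is valid."""
    try: validate_challenge(ch, **kw)
    except ChallengeValidationError as e: return str(e)
    return None
```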
Example - Validate before signing:

    val challenge = webAuth.getChallenge(clientAccountId)
    try {
        webAuth.validateChallenge(
            challengeXdr = challenge.transaction,
            clientAccountId = clientAccountId
        )
        // Challenge is valid, safe to sign
        val signed = webAuth.signTransaction(challenge.transaction, signers)
    } catch (e: InvalidSignatureException) {
        // CRITICAL: Server signature invalid, possible MITM attack
        throw SecurityException("Server signature invalid - DO NOT sign")
    } catch (e: ChallengeValidationException) {
        // Other validation failure
        println("Challenge validation failed: ${e.message}")
    }

Parameters
Base64-encoded challenge transaction XDR
Expected client account ID (must match the first operation's source)
Optional expected client domain account ID (when a client domain is used)
Optional expected memo value (must match the transaction memo if provided)
Throws
ChallengeValidationException if any validation check fails; an invalid server signature is reported as InvalidSignatureException, as in the example above.