Sep45InvalidNonceException

Exception thrown when the nonce argument is missing or inconsistent.

SEP-45 Security Requirement: Each authorization entry MUST contain a nonce argument, and the nonce MUST be consistent across all entries in the challenge.

The nonce serves critical security purposes:

  • Prevents replay attacks (each challenge is unique)

  • Links all authorization entries in a challenge together

  • Ensures entries cannot be mixed from different challenges

Validation rules:

  • Every authorization entry must have a "nonce" argument

  • The nonce must be a non-empty string

  • All entries in a challenge must have the same nonce value

Common causes of this error:

  • Server bug generating challenges without a nonce

  • Entries from different challenges mixed together

  • Corrupted or tampered authorization entries

Attack scenario prevented: Without nonce validation, an attacker could:

  • Replay old authorization entries

  • Mix entries from different challenges

  • Reuse captured authentication requests

Example - Handle nonce issues:

    try {
        webAuth.validateChallenge(authEntries, accountId)
    } catch (e: Sep45InvalidNonceException) {
        logger.error("Nonce validation failed: ${e.message}")
        // Request a fresh challenge
    }
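
The three validation rules listed earlier, written out as a stand-alone check over a simplified model of authorization entries. This is an added example, not the SDK's own code: `EntryArgs`, `InvalidNonce` and `requireConsistentNonce` are hypothetical names, and rejecting an empty entry list is an assumption.

```kotlin
// Added illustration, not the SDK's implementation. All names are hypothetical.

/** Simplified stand-in for one authorization entry: argument name -> decoded value. */
data class EntryArgs(val args: Map<String, Any?>)

/** Local stand-in for the SDK's Sep45InvalidNonceException. */
class InvalidNonce(message: String) : Exception(message)

/** Returns the nonce shared by every entry, or throws if a validation rule fails. */
fun requireConsistentNonce(entries: List<EntryArgs>): String {
    // Assumption: a challenge with no entries is rejected as well.
    if (entries.isEmpty()) throw InvalidNonce("challenge has no authorization entries")
    val nonces = entries.mapIndexed { i, entry ->
        // Rule 1: every entry must carry a "nonce" argument.
        if ("nonce" !in entry.args) throw InvalidNonce("entry $i: missing nonce argument")
        // Rule 2: the nonce must be a non-empty string.
        (entry.args["nonce"] as? String)?.takeIf { it.isNotEmpty() }
            ?: throw InvalidNonce("entry $i: nonce is not a non-empty string")
    }
    // Rule 3: all entries must carry the same nonce value.
    val expected = nonces.first()
    nonces.forEachIndexed { i, nonce ->
        if (nonce != expected) throw InvalidNonce("entry $i: nonce differs from entry 0")
    }
    return expected
}

fun main() {
    // Constructed sample challenges; the argument values are made up.
    val ok = EntryArgs(mapOf("account" to "client", "nonce" to "n-1"))
    val cases = mapOf(
        "consistent" to listOf(ok, ok.copy()),
        "missing" to listOf(ok, EntryArgs(mapOf("account" to "server"))),
        "empty" to listOf(ok, EntryArgs(mapOf("nonce" to ""))),
        "wrong type" to listOf(ok, EntryArgs(mapOf("nonce" to 42))),
        "mixed challenges" to listOf(ok, EntryArgs(mapOf("nonce" to "n-2"))),
    )
    for ((name, entries) in cases) {
        val outcome = try {
            "accepted, nonce=${requireConsistentNonce(entries)}"
        } catch (e: InvalidNonce) {
            "rejected: ${e.message}"
        }
        println("$name -> $outcome")
    }
}
```

Only the "consistent" case is accepted; each of the other four fails on the rule it was built to violate.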

Parameters

message

Description of the nonce issue

Constructors

constructor(message: String)

Properties

expect open val cause: Throwable?
expect open val message: String?