Sep45MissingServerEntryException

Exception thrown when the server's authorization entry is missing from the challenge.

SEP-45 Security Requirement: The challenge MUST contain an authorization entry for the server, identified by:

  • credentials.type = SOROBAN_CREDENTIALS_ADDRESS

  • credentials.addressCredentials.address matching the server signing key (G...)

  • Valid signature from the server

The server entry proves that:

  • The challenge was generated by the legitimate server

  • The server controls the signing key in stellar.toml

  • The challenge has not been tampered with

Common causes of this error:

  • Server bug not including its own entry

  • Challenge was modified/stripped in transit

  • Non-compliant SEP-45 implementation

  • Man-in-the-middle attack removing server entry

Without a server entry:

  • Challenge authenticity cannot be verified

  • Any attacker could generate fake challenges

  • MITM attacks become trivial

Example - Handle missing server entry:

    try {
        webAuth.validateChallenge(authEntries, accountId)
    } catch (e: Sep45MissingServerEntryException) {
        logger.error("SECURITY: Server entry missing from challenge!")
        logger.error(e.message)
        // Do NOT proceed - cannot verify challenge authenticity
        // Contact service provider if this persists
    }
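
The three conditions that identify the server entry, written out as an added example; this is not the SDK's own code. AuthEntry, MissingServerEntry, requireServerEntry and the verifySignature hook are hypothetical stand-ins for the SDK's XDR types and signature verification, and the keys and signature bytes are constructed placeholders.

```kotlin
// Added example: simplified, hypothetical model of a challenge's authorization entries.
// The SDK itself works on Soroban XDR types; only the three conditions come from this page.
enum class CredentialsType { SOROBAN_CREDENTIALS_SOURCE_ACCOUNT, SOROBAN_CREDENTIALS_ADDRESS }

class AuthEntry(
    val credentialsType: CredentialsType,
    val address: String?,       // null for source-account credentials
    val signature: ByteArray?   // null when the entry carries no signature
)

class MissingServerEntry(message: String) : Exception(message)

// Returns the server's entry, or throws if no entry meets all three conditions.
fun requireServerEntry(
    entries: List<AuthEntry>,
    serverSigningKey: String,
    verifySignature: (AuthEntry) -> Boolean  // hypothetical hook for the real signature check
): AuthEntry =
    entries.firstOrNull { e ->
        e.credentialsType == CredentialsType.SOROBAN_CREDENTIALS_ADDRESS &&
            e.address == serverSigningKey &&
            e.signature != null && verifySignature(e)
    } ?: throw MissingServerEntry(
        "Challenge has no signed authorization entry for server key $serverSigningKey"
    )

fun main() {
    // Constructed sample values, not real Stellar keys or signatures.
    val serverKey = "GSERVER_PLACEHOLDER"
    val clientKey = "GCLIENT_PLACEHOLDER"
    val fakeSig = byteArrayOf(1, 2, 3)
    // Stand-in check with no real cryptography, used only to drive the demo.
    val acceptNonEmpty: (AuthEntry) -> Boolean = { it.signature?.isNotEmpty() == true }

    val clientEntry = AuthEntry(CredentialsType.SOROBAN_CREDENTIALS_ADDRESS, clientKey, null)
    val serverEntry = AuthEntry(CredentialsType.SOROBAN_CREDENTIALS_ADDRESS, serverKey, fakeSig)
    val unsignedServer = AuthEntry(CredentialsType.SOROBAN_CREDENTIALS_ADDRESS, serverKey, null)

    val cases = mapOf(
        "complete challenge" to listOf(serverEntry, clientEntry),
        "server entry stripped" to listOf(clientEntry),
        "server entry unsigned" to listOf(unsignedServer, clientEntry)
    )
    for ((name, entries) in cases) {
        try {
            requireServerEntry(entries, serverKey, acceptNonEmpty)
            println("$name: server entry present, continue validation")
        } catch (e: MissingServerEntry) {
            println("$name: REJECTED (${e.message})")
        }
    }
}
```

The expected server key should come from the service's stellar.toml fetched independently of the challenge, never from the challenge itself.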

Parameters

message

Description of which server entry was expected

Constructors

constructor(message: String)

Properties

expect open val cause: Throwable?
expect open val message: String?