stellar-sdk/com.soneso.stellar.sdk.smartaccount.core/SmartAccountAuth/buildAuthPayloadHash

buildAuthPayloadHash

suspend fun buildAuthPayloadHash(entry: SorobanAuthorizationEntryXdr, expirationLedger: UInt, networkPassphrase: String): ByteArray

Builds the authorization payload hash for signing.

Computes the hash that must be signed to authorize a Soroban operation. This hash is used as the WebAuthn challenge when collecting biometric signatures.

The payload is constructed as:

HashIdPreimage::SorobanAuthorization {
  networkId: SHA256(networkPassphrase as UTF-8),
  nonce: credentials.nonce,
  signatureExpirationLedger: expirationLedger,
  invocation: entry.rootInvocation
}
hash = SHA256(XDR_encode(payload))
Content copied to clipboard

CRITICAL: The entry must have .Address credentials and the expiration ledger is used in the hash computation before any signatures are added.

Return

The 32-byte SHA-256 hash of the authorization payload

Parameters

entry

The authorization entry to build the payload hash for

expirationLedger

The ledger number at which the signature expires

networkPassphrase

The network passphrase (e.g., "Test SDF Network ; September 2015")

Throws

if credentials is not .Address type or if XDR encoding fails

Example:

val hash = SmartAccountAuth.buildAuthPayloadHash(
    entry = authEntry,
    expirationLedger = 12345678u,
    networkPassphrase = Network.TESTNET.networkPassphrase
)
// Use hash as WebAuthn challenge
val webAuthnResponse = navigator.credentials.get(challenge = hash)
Content copied to clipboard
Generated by Dokka
© 2026 Copyright