ContractChallengeValidationErrorInvalidServerSignature
extends ContractChallengeValidationError
in package
Exception thrown when the server's authorization entry has an invalid signature.
This exception is thrown when the server's authorization entry (where credentials.address matches the server account) does not have a valid signature from the server's signing key. This validation ensures the challenge actually came from the legitimate authentication server.
Security Impact: Critical security check. The server signature proves the challenge originated from the legitimate authentication server and not from an attacker. Without a valid server signature, anyone could create fake challenges to capture client signatures. Always verify the server signature before proceeding with authentication.