Authentication

In SEP-0010 Stellar defines a mechanism for using the cryptographic properties of transactions in order to present and fulfil an authentication challenge.

The server constructs a challenge with an . The challenge can be serialised to and deserialised from JSON.

val challenge = authChallenger.challenge(clientKey.toAccountId, "test.com")
Challenge(challenge.toJson) must beEquivalentTo(challenge)

The client can meet the challenge by signing the presented transaction. The server can then

val challenge = authChallenger.challenge(
  accountId = clientKey.toAccountId,
  homeDomain = "test.com",
  timeout = 15.minutes
)
val answer = challenge.signedTransaction.sign(clientKey)
challenge.verify(answer) mustEqual ChallengeSuccess

It is important that the client validate the properties of the challenge transaction before signing and returning. For example, the transaction should have a sequence number of zero to prevent it from being submittable to the network. See the SEP-0010 specification for up-to-date requirements.