Class Auth
SorobanAuthorizationEntry.
-
Nested Class Summary
Nested Classes (Modifier and Type, Class, Description)

static final class Auth.DelegateSignature
A delegate signer to attach to a SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES entry via buildWithDelegatesEntry(SorobanAuthorizationEntry, long, List, SCVal) (CAP-71-01).

static interface Auth.Signer
Signs a Soroban authorization preimage, returning the signature SCVal accepted by the account contract at the credential node being signed — the default Stellar Account shape for a classic G... account (see defaultAccountSignatureScVal(String, byte[])), or whatever the custom account contract's __check_auth expects (BLS, WebAuthn / secp256r1, threshold, policy contracts, ...).
-
Constructor Summary
Constructors -
Method Summary
Methods (Modifier and Type, Method, Description)

static byte[] authorizationPayloadHash(HashIDPreimage preimage)
Returns the 32-byte payload that account contracts receive in __check_auth: the SHA-256 hash of the authorization preimage's XDR bytes.

static SorobanAuthorizationEntry authorizeEntry(String entry, Auth.Signer signer, Long validUntilLedgerSeq, Network network)
Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

static SorobanAuthorizationEntry authorizeEntry(String entry, Auth.Signer signer, Long validUntilLedgerSeq, Network network, String forAddress)
Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

static SorobanAuthorizationEntry authorizeEntry(String entry, KeyPair signer, Long validUntilLedgerSeq, Network network)
Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

static SorobanAuthorizationEntry authorizeEntry(String entry, KeyPair signer, Long validUntilLedgerSeq, Network network, String forAddress)
Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

static SorobanAuthorizationEntry authorizeEntry(SorobanAuthorizationEntry entry, Auth.Signer signer, Long validUntilLedgerSeq, Network network)
Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

static SorobanAuthorizationEntry authorizeEntry(SorobanAuthorizationEntry entry, Auth.Signer signer, Long validUntilLedgerSeq, Network network, String forAddress)
Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

static SorobanAuthorizationEntry authorizeEntry(SorobanAuthorizationEntry entry, KeyPair signer, Long validUntilLedgerSeq, Network network)
Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

static SorobanAuthorizationEntry authorizeEntry(SorobanAuthorizationEntry entry, KeyPair signer, Long validUntilLedgerSeq, Network network, String forAddress)
Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

static SorobanAuthorizationEntry authorizeInvocation(Auth.Signer signer, String address, Long validUntilLedgerSeq, SorobanAuthorizedInvocation invocation, Network network)
This builds an entry from scratch, allowing you to express authorization as a function of: a particular identity (i.e.

static SorobanAuthorizationEntry authorizeInvocation(Auth.Signer signer, String address, Long validUntilLedgerSeq, SorobanAuthorizedInvocation invocation, Network network, SorobanCredentialsType credentialsType)
This builds an entry from scratch, allowing you to express authorization as a function of: a particular identity (i.e.

static SorobanAuthorizationEntry authorizeInvocation(KeyPair signer, Long validUntilLedgerSeq, SorobanAuthorizedInvocation invocation, Network network)
This builds an entry from scratch, allowing you to express authorization as a function of: a particular identity (i.e.

static SorobanAuthorizationEntry authorizeInvocation(KeyPair signer, Long validUntilLedgerSeq, SorobanAuthorizedInvocation invocation, Network network, SorobanCredentialsType credentialsType)
This builds an entry from scratch, allowing you to express authorization as a function of: a particular identity (i.e.

static HashIDPreimage buildAuthorizationEntryPreimage(SorobanAuthorizationEntry entry, long validUntilLedgerSeq, Network network)
Builds the HashIDPreimage whose hash a signer must sign to authorize entry.

static SorobanAuthorizationEntry buildWithDelegatesEntry(SorobanAuthorizationEntry entry, long validUntilLedgerSeq, List<Auth.DelegateSignature> delegates, SCVal signature)
Builds a SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES authorization entry (CAP-71-01) by wrapping the address credentials of an existing SOROBAN_CREDENTIALS_ADDRESS or SOROBAN_CREDENTIALS_ADDRESS_V2 entry (e.g.

static SCVal defaultAccountSignatureScVal(byte[] publicKey, byte[] signature)
Builds the signature SCVal shape expected by the default Stellar Account contract: Vec<Map{public_key: Bytes, signature: Bytes}>.

static SCVal defaultAccountSignatureScVal(String accountId, byte[] signature)
Builds the default Stellar Account signature SCVal from a classic G... account address — a convenience wrapper over defaultAccountSignatureScVal(byte[], byte[]) that decodes accountId to its raw ed25519 public key.

static SorobanAddressCredentials getAddressCredentials(SorobanCredentials credentials)
Extracts the SorobanAddressCredentials from any address-based Soroban credential, regardless of which credential type variant is used.
-
Constructor Details
-
Auth
public Auth()
-
-
Method Details
-
authorizeEntry
public static SorobanAuthorizationEntry authorizeEntry(String entry, KeyPair signer, Long validUntilLedgerSeq, Network network)

Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

This "fills out" the authorization entry with a signature, indicating to the InvokeHostFunctionOperation it's attached to that:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

Parameters:
entry - a base64 encoded unsigned Soroban authorization entry
signer - a KeyPair which should correspond to the address in the `entry`
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
network - the network is incorporated into the signature

Returns:
a signed Soroban authorization entry
-
authorizeEntry
public static SorobanAuthorizationEntry authorizeEntry(String entry, KeyPair signer, Long validUntilLedgerSeq, Network network, @Nullable String forAddress)

Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

This "fills out" the authorization entry with a signature, indicating to the InvokeHostFunctionOperation it's attached to that:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

Parameters:
entry - a base64 encoded unsigned Soroban authorization entry
signer - a KeyPair which should correspond to the address in the `entry`
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
network - the network is incorporated into the signature
forAddress - which credential node the signature should be written to, see authorizeEntry(SorobanAuthorizationEntry, Signer, Long, Network, String)

Returns:
a signed Soroban authorization entry
-
authorizeEntry
public static SorobanAuthorizationEntry authorizeEntry(SorobanAuthorizationEntry entry, KeyPair signer, Long validUntilLedgerSeq, Network network)

Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

This "fills out" the authorization entry with a signature, indicating to the InvokeHostFunctionOperation it's attached to that:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

Parameters:
entry - an unsigned Soroban authorization entry
signer - a KeyPair which should correspond to the address in the `entry`
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
network - the network is incorporated into the signature

Returns:
a signed Soroban authorization entry
-
authorizeEntry
public static SorobanAuthorizationEntry authorizeEntry(SorobanAuthorizationEntry entry, KeyPair signer, Long validUntilLedgerSeq, Network network, @Nullable String forAddress)

Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

This "fills out" the authorization entry with a signature, indicating to the InvokeHostFunctionOperation it's attached to that:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

Parameters:
entry - an unsigned Soroban authorization entry
signer - a KeyPair which should correspond to the address in the `entry`
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
network - the network is incorporated into the signature
forAddress - which credential node the signature should be written to, see authorizeEntry(SorobanAuthorizationEntry, Signer, Long, Network, String)

Returns:
a signed Soroban authorization entry
-
authorizeEntry
public static SorobanAuthorizationEntry authorizeEntry(String entry, Auth.Signer signer, Long validUntilLedgerSeq, Network network)

Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

This "fills out" the authorization entry with a signature, indicating to the InvokeHostFunctionOperation it's attached to that:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

Parameters:
entry - a base64 encoded unsigned Soroban authorization entry
signer - an Auth.Signer that takes the authorization preimage (a HashIDPreimage) and returns the signature SCVal the account at the entry's address expects
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
network - the network is incorporated into the signature

Returns:
a signed Soroban authorization entry
-
authorizeEntry
public static SorobanAuthorizationEntry authorizeEntry(String entry, Auth.Signer signer, Long validUntilLedgerSeq, Network network, @Nullable String forAddress)

Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

This "fills out" the authorization entry with a signature, indicating to the InvokeHostFunctionOperation it's attached to that:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

Parameters:
entry - a base64 encoded unsigned Soroban authorization entry
signer - an Auth.Signer that takes the authorization preimage (a HashIDPreimage) and returns the signature SCVal the account at the entry's address expects
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
network - the network is incorporated into the signature
forAddress - which credential node the signature should be written to, see authorizeEntry(SorobanAuthorizationEntry, Signer, Long, Network, String)

Returns:
a signed Soroban authorization entry
-
authorizeEntry
public static SorobanAuthorizationEntry authorizeEntry(SorobanAuthorizationEntry entry, Auth.Signer signer, Long validUntilLedgerSeq, Network network)

Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

This "fills out" the authorization entry with a signature, indicating to the InvokeHostFunctionOperation it's attached to that:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

Parameters:
entry - an unsigned Soroban authorization entry
signer - an Auth.Signer that takes the authorization preimage (a HashIDPreimage) and returns the signature SCVal the account at the entry's address expects
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
network - the network is incorporated into the signature

Returns:
a signed Soroban authorization entry
-
authorizeEntry
public static SorobanAuthorizationEntry authorizeEntry(SorobanAuthorizationEntry entry, Auth.Signer signer, Long validUntilLedgerSeq, Network network, @Nullable String forAddress)

Actually authorizes an existing authorization entry using the given credentials and expiration details, returning a signed copy.

This "fills out" the authorization entry with a signature, indicating to the InvokeHostFunctionOperation it's attached to that:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

All address-based credential types are supported: SOROBAN_CREDENTIALS_ADDRESS, SOROBAN_CREDENTIALS_ADDRESS_V2, and SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES. The signature payload differs per type, see buildAuthorizationEntryPreimage(SorobanAuthorizationEntry, long, Network). Source-account credentials are returned unchanged (they are covered by the transaction envelope signature).

Parameters:
entry - an unsigned Soroban authorization entry
signer - an Auth.Signer that takes the authorization preimage (a HashIDPreimage) and returns the signature SCVal the account at the entry's address expects
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
network - the network is incorporated into the signature
forAddress - which credential node the signature should be written to. Only relevant for SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES, where a single entry can be signed by the top-level account and/or any of its (possibly nested) delegates. Per CAP-71-01 every one of these signers signs the same payload (bound to the top-level address), so the signature produced here is written to whichever node(s) carry forAddress. Because that shared payload commits to validUntilLedgerSeq, every signer of one entry must use the same value — signing with a different value invalidates the signatures collected so far. When null, the signature is written to the top-level credentials, which preserves the behavior for SOROBAN_CREDENTIALS_ADDRESS / SOROBAN_CREDENTIALS_ADDRESS_V2 and for accounts whose signing key differs from the credential address (e.g. multisig).

Returns:
a signed Soroban authorization entry
-
authorizeInvocation
public static SorobanAuthorizationEntry authorizeInvocation(KeyPair signer, Long validUntilLedgerSeq, SorobanAuthorizedInvocation invocation, Network network)

This builds an entry from scratch, allowing you to express authorization as a function of:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

This is in contrast to authorizeEntry(java.lang.String, org.stellar.sdk.KeyPair, java.lang.Long, org.stellar.sdk.Network), which signs an existing entry "in place".

The returned entry uses legacy SOROBAN_CREDENTIALS_ADDRESS credentials, which are valid on every network. To opt in to the address-bound SOROBAN_CREDENTIALS_ADDRESS_V2 credentials (CAP-71-02, requires a protocol 27 network), use authorizeInvocation(KeyPair, Long, SorobanAuthorizedInvocation, Network, SorobanCredentialsType). The default will flip to V2 once protocol 28 makes it mandatory.

Parameters:
signer - a KeyPair used to sign the entry
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
invocation - the invocation tree that we're authorizing (likely, this comes from transaction simulation)
network - the network is incorporated into the signature

Returns:
a signed Soroban authorization entry
-
authorizeInvocation
public static SorobanAuthorizationEntry authorizeInvocation(KeyPair signer, Long validUntilLedgerSeq, SorobanAuthorizedInvocation invocation, Network network, SorobanCredentialsType credentialsType)

This builds an entry from scratch, allowing you to express authorization as a function of:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

This is in contrast to authorizeEntry(java.lang.String, org.stellar.sdk.KeyPair, java.lang.Long, org.stellar.sdk.Network), which signs an existing entry "in place".

Parameters:
signer - a KeyPair used to sign the entry
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
invocation - the invocation tree that we're authorizing (likely, this comes from transaction simulation)
network - the network is incorporated into the signature
credentialsType - the credential type for the new entry, either the legacy SOROBAN_CREDENTIALS_ADDRESS (the default of the shorter overloads, valid on every network) or the address-bound SOROBAN_CREDENTIALS_ADDRESS_V2 (CAP-71-02, requires a protocol 27 network). To build a SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES entry, use buildWithDelegatesEntry(SorobanAuthorizationEntry, long, List, SCVal) instead

Returns:
a signed Soroban authorization entry
-
authorizeInvocation
public static SorobanAuthorizationEntry authorizeInvocation(Auth.Signer signer, String address, Long validUntilLedgerSeq, SorobanAuthorizedInvocation invocation, Network network)

This builds an entry from scratch, allowing you to express authorization as a function of:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

This is in contrast to authorizeEntry(java.lang.String, org.stellar.sdk.KeyPair, java.lang.Long, org.stellar.sdk.Network), which signs an existing entry "in place".

The returned entry uses legacy SOROBAN_CREDENTIALS_ADDRESS credentials, which are valid on every network. To opt in to the address-bound SOROBAN_CREDENTIALS_ADDRESS_V2 credentials (CAP-71-02, requires a protocol 27 network), use authorizeInvocation(Signer, String, Long, SorobanAuthorizedInvocation, Network, SorobanCredentialsType). The default will flip to V2 once protocol 28 makes it mandatory.

Parameters:
signer - an Auth.Signer that takes the authorization preimage (a HashIDPreimage) and returns the signature SCVal the account at the entry's address expects
address - the address being authorized — a classic G... account or a C... contract address (the typical custom-account case)
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
invocation - the invocation tree that we're authorizing (likely, this comes from transaction simulation)
network - the network is incorporated into the signature

Returns:
a signed Soroban authorization entry
-
authorizeInvocation
public static SorobanAuthorizationEntry authorizeInvocation(Auth.Signer signer, String address, Long validUntilLedgerSeq, SorobanAuthorizedInvocation invocation, Network network, SorobanCredentialsType credentialsType)

This builds an entry from scratch, allowing you to express authorization as a function of:
- a particular identity (i.e. signing KeyPair or Auth.Signer)
- approving the execution of an invocation tree (i.e. a simulation-acquired SorobanAuthorizedInvocation or otherwise built)
- on a particular network (uniquely identified by its passphrase, see Network)
- until a particular ledger sequence is reached.

This is in contrast to authorizeEntry(java.lang.String, org.stellar.sdk.KeyPair, java.lang.Long, org.stellar.sdk.Network), which signs an existing entry "in place".

Parameters:
signer - an Auth.Signer that takes the authorization preimage (a HashIDPreimage) and returns the signature SCVal the account at the entry's address expects
address - the address being authorized — a classic G... account or a C... contract address (the typical custom-account case)
validUntilLedgerSeq - the (exclusive) future ledger sequence number until which this authorization entry should be valid (if `currentLedgerSeq==validUntil`, this is expired)
invocation - the invocation tree that we're authorizing (likely, this comes from transaction simulation)
network - the network is incorporated into the signature
credentialsType - the credential type for the new entry, either the legacy SOROBAN_CREDENTIALS_ADDRESS (the default of the shorter overloads, valid on every network) or the address-bound SOROBAN_CREDENTIALS_ADDRESS_V2 (CAP-71-02, requires a protocol 27 network). To build a SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES entry, use buildWithDelegatesEntry(SorobanAuthorizationEntry, long, List, SCVal) instead

Returns:
a signed Soroban authorization entry
-
getAddressCredentials
@Nullable public static SorobanAddressCredentials getAddressCredentials(SorobanCredentials credentials)

Extracts the SorobanAddressCredentials from any address-based Soroban credential, regardless of which credential type variant is used.

This unifies access across SOROBAN_CREDENTIALS_ADDRESS, SOROBAN_CREDENTIALS_ADDRESS_V2 (which carries identical fields but binds the address into the signature payload, CAP-71-02), and SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES (which wraps the same address credentials alongside a set of delegate signatures, CAP-71-01).

Parameters:
credentials - the credentials to inspect

Returns:
the inner address credentials, or null for source-account credentials (which carry no address payload)
-
authorizationPayloadHash
Returns the 32-byte payload that account contracts receive in __check_auth: the SHA-256 hash of the authorization preimage's XDR bytes.

Use this inside a custom Auth.Signer to obtain the exact bytes the host asks the account contract to verify, then return whatever signature SCVal the contract expects. It is the same payload the KeyPair signing path signs.

Parameters:
preimage - the Soroban authorization preimage, see buildAuthorizationEntryPreimage(SorobanAuthorizationEntry, long, Network)

Returns:
the SHA-256 hash of the preimage XDR bytes
-
defaultAccountSignatureScVal
Builds the signature SCVal shape expected by the default Stellar Account contract: Vec<Map{public_key: Bytes, signature: Bytes}>.

This is the building block for ed25519 Auth.Signer implementations that sign elsewhere (a hardware module or remote signing service) yet target a classic G... account — the same shape the KeyPair signing path produces. Use this byte[] overload when you already hold the raw public key (e.g. from an HSM); use defaultAccountSignatureScVal(String, byte[]) to pass a G... address instead.

Parameters:
publicKey - the raw 32-byte ed25519 public key that produced signature
signature - the 64-byte ed25519 signature over authorizationPayloadHash(HashIDPreimage)

Returns:
the default Stellar Account signature value
-
defaultAccountSignatureScVal
Builds the default Stellar Account signature SCVal from a classic G... account address — a convenience wrapper over defaultAccountSignatureScVal(byte[], byte[]) that decodes accountId to its raw ed25519 public key.

Parameters:
accountId - the G... account whose ed25519 public key produced signature
signature - the 64-byte ed25519 signature over authorizationPayloadHash(HashIDPreimage)

Returns:
the default Stellar Account signature value
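An added example (not part of the SDK documentation) of the pattern described for authorizationPayloadHash and defaultAccountSignatureScVal: an Auth.Signer whose key lives outside the process, so only the 32-byte payload hash is handed to the key holder. Ed25519Backend, the SIGNER_SECRET environment variable and the 100-ledger lifetime are hypothetical; the example assumes Auth.Signer is a single-method interface that can be written as a lambda.

```java
import org.stellar.sdk.Auth;
import org.stellar.sdk.KeyPair;
import org.stellar.sdk.Network;
import org.stellar.sdk.xdr.SorobanAuthorizationEntry;

public class ExternalSignerExample {

  /** Hypothetical stand-in for an HSM or remote signing service (not an SDK type). */
  interface Ed25519Backend {
    byte[] publicKey();          // raw 32-byte ed25519 public key
    byte[] sign(byte[] payload); // 64-byte ed25519 signature over payload
  }

  /** Adapts the backend to Auth.Signer (assumed usable as a lambda). */
  static Auth.Signer signerFor(Ed25519Backend backend) {
    return preimage -> {
      // Only this 32-byte hash crosses the boundary to the key holder.
      byte[] payload = Auth.authorizationPayloadHash(preimage);
      byte[] signature = backend.sign(payload);
      if (signature == null || signature.length != 64) {
        throw new IllegalStateException("backend did not return a 64-byte ed25519 signature");
      }
      // Same Vec<Map{public_key, signature}> shape the KeyPair path produces.
      return Auth.defaultAccountSignatureScVal(backend.publicKey(), signature);
    };
  }

  static SorobanAuthorizationEntry authorize(
      String unsignedEntryBase64,
      Ed25519Backend backend,
      long currentLedgerSeq,
      long lifetimeLedgers,
      Network network) {
    if (lifetimeLedgers <= 0) {
      // validUntilLedgerSeq is exclusive: validUntil == currentLedgerSeq is already expired.
      throw new IllegalArgumentException("lifetimeLedgers must be positive");
    }
    long validUntilLedgerSeq = currentLedgerSeq + lifetimeLedgers;
    return Auth.authorizeEntry(
        unsignedEntryBase64, signerFor(backend), validUntilLedgerSeq, network);
  }

  public static void main(String[] args) throws Exception {
    // args[0]: base64 unsigned entry (e.g. from simulation); args[1]: current ledger sequence.
    // A local KeyPair plays the external key holder here; SIGNER_SECRET is a hypothetical
    // variable holding the secret seed of the account named in the entry.
    KeyPair local = KeyPair.fromSecretSeed(System.getenv("SIGNER_SECRET"));
    Ed25519Backend backend = new Ed25519Backend() {
      public byte[] publicKey() { return local.getPublicKey(); }
      public byte[] sign(byte[] payload) { return local.sign(payload); }
    };
    SorobanAuthorizationEntry signed =
        authorize(args[0], backend, Long.parseLong(args[1]), 100, Network.TESTNET);
    System.out.println(signed.toXdrBase64());
  }
}
```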
-
buildAuthorizationEntryPreimage
public static HashIDPreimage buildAuthorizationEntryPreimage(SorobanAuthorizationEntry entry, long validUntilLedgerSeq, Network network)

Builds the HashIDPreimage whose hash a signer must sign to authorize entry. This is the low-level signature payload used by authorizeEntry(java.lang.String, org.stellar.sdk.KeyPair, java.lang.Long, org.stellar.sdk.Network), exposed for callers that drive signing themselves — most notably for SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES, where the client (not simulation) decides which delegates sign and how.

For SOROBAN_CREDENTIALS_ADDRESS this is the legacy, non-address-bound ENVELOPE_TYPE_SOROBAN_AUTHORIZATION preimage. For SOROBAN_CREDENTIALS_ADDRESS_V2 and SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES it is the address-bound ENVELOPE_TYPE_SOROBAN_AUTHORIZATION_WITH_ADDRESS preimage (CAP-71). For the delegates variant this single payload — bound to the top-level address — is what the top-level account and every (nested) delegate each sign.

To get the raw bytes to sign, hash the XDR: Util.hash(preimage.toXdrByteArray()).

Parameters:
entry - the authorization entry to build the payload for
validUntilLedgerSeq - the expiration ledger committed into the payload (must match the signatureExpirationLedger on the credentials you submit)
network - the network whose id is mixed into the payload

Returns:
the preimage to hash and sign

Throws:
IllegalArgumentException - if entry carries source-account or otherwise non-address credentials
-
buildWithDelegatesEntry
public static SorobanAuthorizationEntry buildWithDelegatesEntry(SorobanAuthorizationEntry entry, long validUntilLedgerSeq, List<Auth.DelegateSignature> delegates, @Nullable SCVal signature)

Builds a SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES authorization entry (CAP-71-01) by wrapping the address credentials of an existing SOROBAN_CREDENTIALS_ADDRESS or SOROBAN_CREDENTIALS_ADDRESS_V2 entry (e.g. one returned by simulation) together with a caller-provided set of delegate signers.

Simulation never emits the delegates variant on its own — which accounts use delegated authentication is account-specific policy known only to the client (much like a multisig policy). This helper just assembles the wrapper XDR; you supply the delegate tree (addresses and, optionally, signatures). To produce the signatures, build the shared payload with buildAuthorizationEntryPreimage(SorobanAuthorizationEntry, long, Network) on the returned entry and sign it, or fill each node afterwards with authorizeEntry(SorobanAuthorizationEntry, Signer, Long, Network, String) (passing the signer's address as forAddress and the same validUntilLedgerSeq as given here — the shared payload commits to it).

Which delegates must actually sign is decided by the top-level account contract: per CAP-71-01 the host verifies a listed delegate only when the account's __check_auth consumes it, so a delegate left with its void placeholder is valid as long as the account's policy does not require it.

Each delegates list (the top-level set and every nestedDelegates) is sorted by address in ascending order, and duplicate addresses within a list are rejected, as the protocol requires (CAP-71-01) — otherwise the host rejects the entry.

Parameters:
entry - an existing SOROBAN_CREDENTIALS_ADDRESS or SOROBAN_CREDENTIALS_ADDRESS_V2 entry whose address credentials should be wrapped
validUntilLedgerSeq - the expiration ledger sequence stored on the top-level credentials
delegates - the delegate signers to attach
signature - the top-level account's signature, or null for an SCV_VOID placeholder, which is valid for accounts that authorize purely via delegated signers

Returns:
a new SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES authorization entry

Throws:
IllegalArgumentException - if entry does not carry ADDRESS / ADDRESS_V2 credentials, or if any delegates list contains a duplicate address
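An added example (not the SDK's own code) of the "fill each node afterwards" path described above: every signer is applied to its own credential node through forAddress, all with one shared validUntilLedgerSeq, and the shared payload hash is rechecked after each signature. The class name, the signersByAddress map and the currentLedgerSeq argument are assumptions; the entry passed in is assumed to come from buildWithDelegatesEntry.

```java
import java.util.Arrays;
import java.util.Map;
import org.stellar.sdk.Auth;
import org.stellar.sdk.Network;
import org.stellar.sdk.xdr.SorobanAuthorizationEntry;

public class DelegateSigningExample {

  /** The 32-byte payload that the top-level account and every delegate sign. */
  static byte[] sharedPayload(
      SorobanAuthorizationEntry entry, long validUntilLedgerSeq, Network network) {
    return Auth.authorizationPayloadHash(
        Auth.buildAuthorizationEntryPreimage(entry, validUntilLedgerSeq, network));
  }

  /**
   * Signs the nodes of a WITH_DELEGATES entry.
   *
   * @param withDelegatesEntry entry returned by Auth.buildWithDelegatesEntry
   * @param signersByAddress   address of a credential node -> signer for that node (assumed input)
   * @param validUntilLedgerSeq the same value that was given to buildWithDelegatesEntry
   */
  static SorobanAuthorizationEntry signNodes(
      SorobanAuthorizationEntry withDelegatesEntry,
      Map<String, Auth.Signer> signersByAddress,
      long validUntilLedgerSeq,
      long currentLedgerSeq,
      Network network) {
    // Expiration is exclusive: currentLedgerSeq == validUntilLedgerSeq is already expired.
    if (currentLedgerSeq >= validUntilLedgerSeq) {
      throw new IllegalArgumentException("validUntilLedgerSeq must be a future ledger");
    }

    byte[] expected = sharedPayload(withDelegatesEntry, validUntilLedgerSeq, network);
    SorobanAuthorizationEntry signed = withDelegatesEntry;

    for (Map.Entry<String, Auth.Signer> node : signersByAddress.entrySet()) {
      // One validUntilLedgerSeq for all signers: a different value would change the
      // shared payload and invalidate the signatures collected so far.
      signed = Auth.authorizeEntry(
          signed, node.getValue(), validUntilLedgerSeq, network, node.getKey());

      // Adding a signature must not alter what the remaining signers are asked to sign.
      byte[] actual = sharedPayload(signed, validUntilLedgerSeq, network);
      if (!Arrays.equals(expected, actual)) {
        throw new IllegalStateException(
            "shared payload changed after signing for " + node.getKey());
      }
    }
    return signed;
  }
}
```

Delegates that the account's policy does not require can simply be left out of signersByAddress; their nodes keep the void placeholder.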
-