From 4c242000be2002b254483ec91335a41817fc6d83 Mon Sep 17 00:00:00 2001 From: Kirbyrawr Date: Wed, 13 Jan 2021 23:03:20 +0100 Subject: [PATCH 1/2] SEP-10 3.1 Changes --- .../WebAuthenticationTest.cs | 186 ++++++++++-------- stellar-dotnet-sdk/WebAuthentication.cs | 41 ++-- 2 files changed, 135 insertions(+), 92 deletions(-) diff --git a/stellar-dotnet-sdk-test/WebAuthenticationTest.cs b/stellar-dotnet-sdk-test/WebAuthenticationTest.cs index 2af30709d..4ab7211ba 100644 --- a/stellar-dotnet-sdk-test/WebAuthenticationTest.cs +++ b/stellar-dotnet-sdk-test/WebAuthenticationTest.cs @@ -11,6 +11,8 @@ namespace stellar_dotnet_sdk_test public class WebAuthenticationTest { private const string HomeDomain = "thisisatest.sandbox.anchor.anchordomain.com"; + private const string WebAuthDomain = "thisisatest.sandbox.anchor.webauth.com"; + private string ManageDataOperationName => $"{HomeDomain} auth"; [TestMethod] @@ -18,9 +20,8 @@ public void TestBuildChallengeTransaction() { var serverKeypair = KeyPair.Random(); var clientAccountId = "GBDIT5GUJ7R5BXO3GJHFXJ6AZ5UQK6MNOIDMPQUSMXLIHTUNR2Q5CFNF"; - var anchorName = "NET"; Network.UseTestNetwork(); - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientAccountId, anchorName); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientAccountId, HomeDomain, WebAuthDomain); var serializedTx = tx.ToEnvelopeXdrBase64(); var back = Transaction.FromEnvelopeXdr(serializedTx); @@ -38,7 +39,6 @@ public void TestBuildChallengeTransactionWithOptions() { var serverKeypair = KeyPair.Random(); var clientAccountId = KeyPair.FromAccountId("GBDIT5GUJ7R5BXO3GJHFXJ6AZ5UQK6MNOIDMPQUSMXLIHTUNR2Q5CFNF"); - var anchorName = "NET"; var nonce = new byte[48]; Array.Clear(nonce, 0, nonce.Length); 
@@ -47,7 +47,7 @@ public void TestBuildChallengeTransactionWithOptions() var duration = TimeSpan.FromMinutes(10.0); var tx = WebAuthentication - .BuildChallengeTransaction(serverKeypair, clientAccountId, anchorName, nonce, now, duration, Network.Test()); + .BuildChallengeTransaction(serverKeypair, clientAccountId, HomeDomain, WebAuthDomain, nonce, now, duration, Network.Test()); var serializedTx = tx.ToEnvelopeXdrBase64(); var back = Transaction.FromEnvelopeXdr(serializedTx); @@ -66,7 +66,6 @@ public void TestBuildChallengeTransactionFailsWithMuxedAccount() var clientAccountId = MuxedAccountMed25519.FromMuxedAccountId( "MAAAAAAAAAAAJURAAB2X52XFQP6FBXLGT6LWOOWMEXWHEWBDVRZ7V5WH34Y22MPFBHUHY"); - var anchorName = "NET"; var nonce = new byte[48]; Array.Clear(nonce, 0, nonce.Length); @@ -77,7 +76,7 @@ public void TestBuildChallengeTransactionFailsWithMuxedAccount() Assert.ThrowsException(() => { var tx = WebAuthentication - .BuildChallengeTransaction(serverKeypair, clientAccountId.Address, anchorName, nonce, now, duration, + .BuildChallengeTransaction(serverKeypair, clientAccountId.Address, HomeDomain, WebAuthDomain, nonce, now, duration, Network.Test()); }); } @@ -91,10 +90,10 @@ public void TestVerifyChallengeTransactionReturnsTrueForValidTransaction() var now = DateTimeOffset.Now; - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, HomeDomain, now: now); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); tx.Sign(clientKeypair); - Assert.IsTrue(WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now)); + Assert.IsTrue(WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now)); } [TestMethod] 
@@ -114,7 +113,7 @@ public void TestVerifyChallengeTransactionThrowsIfSequenceIsNotZero() Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); }); } @@ -123,17 +122,17 @@ public void TestVerifyChallengeTransactionThrowsIfServerAccountIdIsDifferent() { var serverKeypair = KeyPair.Random(); var clientKeypair = KeyPair.Random(); - var anchorName = "NET"; + Network.UseTestNetwork(); var now = DateTimeOffset.Now; - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, anchorName, now: now); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); tx.Sign(clientKeypair); Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, KeyPair.Random().AccountId, HomeDomain, now: now); + WebAuthentication.VerifyChallengeTransaction(tx, KeyPair.Random().AccountId, HomeDomain, WebAuthDomain, now: now); }); } @@ -156,7 +155,7 @@ public void TestVerifyChallengeTransactionThrowsIfTransactionHasNoManageDataOper Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); }); } @@ -177,7 +176,7 @@ public void TestVerifyChallengeTransactionThrowsIfOperationHasNoSourceAccount() Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); }); } 
@@ -201,7 +200,7 @@ public void TestVerifyChallengeTransactionThrowsIfOperationDataIsNotBase64Encode Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); }); } @@ -210,18 +209,18 @@ public void TestVerifyChallengeTransactionThrowsIfNotSignedByServer() { var serverKeypair = KeyPair.Random(); var clientKeypair = KeyPair.Random(); - var anchorName = "NET"; + Network.UseTestNetwork(); var now = DateTimeOffset.Now; - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, anchorName, now: now); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); tx.Signatures.Clear(); tx.Sign(clientKeypair); Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); }); } @@ -230,17 +229,17 @@ public void TestVerifyChallengeTransactionThrowsIfSignedByServerOnDifferentNetwo { var serverKeypair = KeyPair.Random(); var clientKeypair = KeyPair.Random(); - var anchorName = "NET"; + Network.UseTestNetwork(); var now = DateTimeOffset.Now; - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, anchorName, now: now); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); tx.Sign(clientKeypair); Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now, network: Network.Public()); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now, network: Network.Public()); }); } 
@@ -249,16 +248,16 @@ public void TestVerifyChallengeTransactionThrowsIfNotSignedByClient() { var serverKeypair = KeyPair.Random(); var clientKeypair = KeyPair.Random(); - var anchorName = "NET"; + Network.UseTestNetwork(); var now = DateTimeOffset.Now; - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, anchorName, now: now); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); }); } @@ -267,17 +266,17 @@ public void TestVerifyChallengeTransactionThrowsIfSignedByClientOnDifferentNetwo { var serverKeypair = KeyPair.Random(); var clientKeypair = KeyPair.Random(); - var anchorName = "NET"; + Network.UseTestNetwork(); var now = DateTimeOffset.Now; - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, anchorName, now: now); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); tx.Sign(clientKeypair, Network.Public()); Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now, network: Network.Test()); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now, network: Network.Test()); }); } 
@@ -286,17 +285,17 @@ public void TestVerifyChallengeTransactionThrowsIfItsTooEarly() { var serverKeypair = KeyPair.Random(); var clientKeypair = KeyPair.Random(); - var anchorName = "NET"; + Network.UseTestNetwork(); var now = DateTimeOffset.Now; - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, anchorName, now: now); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); tx.Sign(clientKeypair); Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now.Subtract(TimeSpan.FromDays(1.0))); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now.Subtract(TimeSpan.FromDays(1.0))); }); } @@ -305,17 +304,17 @@ public void TestVerifyChallengeTransactionThrowsIfItsTooLate() { var serverKeypair = KeyPair.Random(); var clientKeypair = KeyPair.Random(); - var anchorName = "NET"; + Network.UseTestNetwork(); var now = DateTimeOffset.Now; - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, anchorName, now: now); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientKeypair.AccountId, HomeDomain, WebAuthDomain, now: now); tx.Sign(clientKeypair); Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now.Add(TimeSpan.FromDays(1.0))); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now.Add(TimeSpan.FromDays(1.0))); }); } 
@@ -331,7 +330,7 @@ public void TestVerifyChallengeTransactionThrowsIfServerIsMuxedAccount() var tx = Transaction.FromEnvelopeXdr(txXdr); Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now.Add(TimeSpan.FromDays(1.0))); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now.Add(TimeSpan.FromDays(1.0))); }); } @@ -347,7 +346,7 @@ public void TestVerifyChallengeTransactionThrowsIfClientIsMuxedAccount() var tx = Transaction.FromEnvelopeXdr(txXdr); Assert.ThrowsException(() => { - WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, now: now.Add(TimeSpan.FromDays(1.0))); + WebAuthentication.VerifyChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: now.Add(TimeSpan.FromDays(1.0))); }); } @@ -360,11 +359,10 @@ private void CheckAccounts(Transaction tx, KeyPair serverKeypair) private void CheckOperation(Transaction tx, string clientAccountId) { - - Assert.AreEqual(1, tx.Operations.Length); + Assert.AreEqual(2, tx.Operations.Length); var operation = tx.Operations[0] as ManageDataOperation; Assert.IsNotNull(operation); - Assert.AreEqual("NET auth", operation.Name); + Assert.AreEqual($"{HomeDomain} auth", operation.Name); Assert.AreEqual(clientAccountId, operation.SourceAccount.AccountId); Assert.AreEqual(64, operation.Value.Length); var bytes = Convert.FromBase64String(Encoding.UTF8.GetString(operation.Value)); 
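Review bot: CheckOperation now asserts two operations but never inspects `tx.Operations[1]`, so a build that emits the wrong name, a base64-encoded value, or an empty value for the web_auth_domain entry would still pass every test routed through this helper. Extending the helper to check the second operation's name and value closes that gap; asserting its source account needs the server keypair, which CheckOperation does not receive, so that check presumably belongs in CheckAccounts. CheckOperation's body continues past the hunk.
```csharp
Assert.AreEqual(2, tx.Operations.Length);
var webAuthOperation = tx.Operations[1] as ManageDataOperation;
Assert.IsNotNull(webAuthOperation);
Assert.AreEqual("web_auth_domain", webAuthOperation.Name);
Assert.AreEqual(WebAuthDomain, Encoding.UTF8.GetString(webAuthOperation.Value));
// … unchanged: existing assertions on tx.Operations[0] …
```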
@@ -395,7 +393,7 @@ public void TestReadChallengeTransactionValidSignedByServerAndClient() transaction.Sign(serverKeypair); transaction.Sign(clientKeypair); - var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, Network.Test()); + var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, WebAuthDomain, Network.Test()); Assert.AreEqual(clientKeypair.AccountId, readTransactionID); } @@ -423,7 +421,7 @@ public void TestReadChallengeTransactionValidSignedByServer() transaction.Sign(serverKeypair); - var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, Network.Test()); + var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, WebAuthDomain, Network.Test()); Assert.AreEqual(clientKeypair.AccountId, readTransactionID); } @@ -450,7 +448,7 @@ public void TestReadChallengeTransactionInvalidNotSignedByServer() try { - var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, Network.Test()); + var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, WebAuthDomain, Network.Test()); } catch (Exception exception) @@ -483,7 +481,7 @@ public void TestReadChallengeTransactionInvalidServerAccountIDMismatch() try { - var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, Network.Test()); + var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, WebAuthDomain, Network.Test()); } catch (Exception exception) { 
@@ -515,7 +513,7 @@ public void TestReadChallengeTransactionInvalidSequenceNoNotZero() try { - var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, Network.Test()); + var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, WebAuthDomain, Network.Test()); } catch (Exception exception) { @@ -544,7 +542,7 @@ public void TestReadChallengeTransactionInvalidOperationWrongType() try { - var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, Network.Test()); + var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, WebAuthDomain, Network.Test()); } catch (Exception exception) { @@ -574,7 +572,7 @@ public void TestReadChallengeTransactionInvalidOperationNoSourceAccount() try { - var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, Network.Test()); + var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, WebAuthDomain, Network.Test()); } catch (Exception exception) { @@ -604,7 +602,7 @@ public void TestReadChallengeTransactionInvalidDataValueWrongEncodedLength() try { - var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, Network.Test()); + var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, WebAuthDomain, Network.Test()); } catch (Exception exception) { 
@@ -642,7 +640,7 @@ public void TestVerifyChallengeTransactionThresholdInvalidServer() try { - var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, Network.Test()); + var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, WebAuthDomain, Network.Test()); } catch (Exception exception) { @@ -684,7 +682,7 @@ public void TestVerifyChallengeTransactionThresholdValidServerAndClientKeyMeetin clientKeypair.Address }; - var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, WebAuthDomain, Network.Test()).ToList(); for (int i = 0; i < wantSigners.Length; i++) { @@ -730,7 +728,7 @@ public void TestVerifyChallengeTxThresholdValidServerAndMultipleClientKeyMeeting client2Keypair.Address }; - var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, WebAuthDomain, Network.Test()).ToList(); for (int i = 0; i < wantSigners.Length; i++) { 
@@ -778,7 +776,7 @@ public void TestVerifyChallengeTransactionThresholdValidServerAndMultipleClientK client2Keypair.Address }; - var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, WebAuthDomain, Network.Test()).ToList(); for (int i = 0; i < wantSigners.Length; i++) { @@ -822,7 +820,7 @@ public void TestVerifyChallengeTransactionThresholdInvalidServerAndMultipleClien try { - var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, WebAuthDomain, Network.Test()).ToList(); } catch (Exception exception) { @@ -866,7 +864,7 @@ public void TestVerifyChallengeTransactionThresholdInvalidClientKeyUnrecognized( try { - var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, WebAuthDomain, Network.Test()).ToList(); } catch (Exception exception) { 
@@ -908,7 +906,7 @@ public void TestVerifyChallengeTransactionThresholdInvalidNoSigners() try { - var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, WebAuthDomain, Network.Test()).ToList(); } catch (Exception exception) { @@ -954,7 +952,7 @@ public void TestVerifyChallengeTransactionThresholdWeightsAddToMoreThan8Bits() client2Keypair.Address }; - var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, WebAuthDomain, Network.Test()).ToList(); for (int i = 0; i < wantSigners.Length; i++) { @@ -998,7 +996,7 @@ public void TestVerifyChallengeTransactionSignersInvalidServer() try { - var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionThreshold(transaction, serverKeypair.AccountId, threshold, signerSummary, HomeDomain, WebAuthDomain, Network.Test()).ToList(); } catch (Exception exception) { 
@@ -1034,7 +1032,7 @@ public void TestVerifyChallengeTransactionSignersValidServerAndClientMasterKey() clientKeypair.Address }; - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()); Assert.AreEqual(clientKeypair.Address, signersFound[0]); } @@ -1068,7 +1066,7 @@ public void TestVerifyChallengeTransactionSignersInvalidServerAndNoClient() try { - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()).ToList(); } catch (Exception exception) { @@ -1107,7 +1105,7 @@ public void TestVerifyChallengeTransactionSignersInvalidServerAndUnrecognizedCli try { - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()).ToList(); } catch (Exception exception) { @@ -1152,7 +1150,7 @@ public void TestVerifyChallengeTransactionSignersValidServerAndMultipleClientSig client2Keypair.Address }; - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()).ToList(); for (int i = 0; i < wantSigners.Length; i++) { 
@@ -1197,7 +1195,7 @@ public void TestVerifyChallengeTransactionSignersValidServerAndMultipleClientSig client2Keypair.Address }; - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()).ToList(); for (int i = 0; i < wantSigners.Length; i++) { @@ -1239,7 +1237,7 @@ public void TestVerifyChallengeTransactionSignersValidServerAndClientSignersNotM client2Keypair.Address }; - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()).ToList(); for (int i = 0; i < wantSigners.Length; i++) { @@ -1282,7 +1280,7 @@ public void TestVerifyChallengeTransactionSignersValidServerAndClientSignersIgno client2Keypair.Address }; - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()).ToList(); for (int i = 0; i < wantSigners.Length; i++) { @@ -1321,7 +1319,7 @@ public void TestVerifyChallengeTransactionSignersInvalidServerNoClientSignersIgn try { - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()).ToList(); } catch (Exception exception) { 
@@ -1363,7 +1361,7 @@ public void TestVerifyChallengeTransactionSignersValidServerAndClientSignersIgno clientKeypair.Address }; - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()).ToList(); for (int i = 0; i < wantSigners.Length; i++) { @@ -1408,7 +1406,7 @@ public void TestVerifyChallengeTransactionSignersInvalidServerAndClientSignersIg try { - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()).ToList(); } catch (Exception exception) { @@ -1447,7 +1445,7 @@ public void TestVerifyChallengeTransactionSignersInvalidServerAndClientSignersFa try { - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()).ToList(); } catch (Exception exception) { @@ -1484,7 +1482,7 @@ public void TestVerifyChallengeTransactionSignersInvalidNoSigners() try { - var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, Network.Test()).ToList(); + var signersFound = WebAuthentication.VerifyChallengeTransactionSigners(transaction, serverKeypair.AccountId, signers, HomeDomain, WebAuthDomain, Network.Test()).ToList(); } catch (Exception exception) { 
@@ -1520,7 +1518,7 @@ public void TestVerifyChallengeTransactionNotValidSubsequentOperation() try { - WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, Network.Test()); + WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, WebAuthDomain, Network.Test()); } catch (Exception exception) { @@ -1556,7 +1554,7 @@ public void TestVerifyChallengeTransactionNotValidSubsequentDataOperation() try { - WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, Network.Test()); + WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, WebAuthDomain, Network.Test()); } catch (Exception exception) { @@ -1569,12 +1567,12 @@ public void TestReadChallengeTransactionBadHomeDomain() { var serverKeypair = KeyPair.Random(); var clientAccountId = "GBDIT5GUJ7R5BXO3GJHFXJ6AZ5UQK6MNOIDMPQUSMXLIHTUNR2Q5CFNF"; - var anchorName = "NET"; + Network.UseTestNetwork(); try { - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientAccountId, anchorName); - WebAuthentication.ReadChallengeTransaction(tx, serverKeypair.AccountId, $"{anchorName}bad"); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientAccountId, HomeDomain, WebAuthDomain); + WebAuthentication.ReadChallengeTransaction(tx, serverKeypair.AccountId, $"{HomeDomain}bad", WebAuthDomain); } catch (InvalidWebAuthenticationException e) { 
@@ -1587,12 +1585,12 @@ public void TestReadChallengeTransactionNoHomeDomain() { var serverKeypair = KeyPair.Random(); var clientAccountId = "GBDIT5GUJ7R5BXO3GJHFXJ6AZ5UQK6MNOIDMPQUSMXLIHTUNR2Q5CFNF"; - var anchorName = "NET"; + Network.UseTestNetwork(); try { - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientAccountId, anchorName); - WebAuthentication.ReadChallengeTransaction(tx, serverKeypair.AccountId, new string[0]); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientAccountId, HomeDomain, WebAuthDomain); + WebAuthentication.ReadChallengeTransaction(tx, serverKeypair.AccountId, new string[0], WebAuthDomain); } catch (InvalidWebAuthenticationException e) { @@ -1605,11 +1603,11 @@ public void TestReadChallengeTransactionNoTransaction() { var serverKeypair = KeyPair.Random(); var clientAccountId = "GBDIT5GUJ7R5BXO3GJHFXJ6AZ5UQK6MNOIDMPQUSMXLIHTUNR2Q5CFNF"; - var anchorName = "NET"; + Network.UseTestNetwork(); try { - WebAuthentication.ReadChallengeTransaction(null, serverKeypair.AccountId, new string[0]); + WebAuthentication.ReadChallengeTransaction(null, serverKeypair.AccountId, HomeDomain, WebAuthDomain); } catch (InvalidWebAuthenticationException e) { 
@@ -1622,17 +1620,45 @@ public void TestReadChallengeTransactionExpiredTimeBounds() { var serverKeypair = KeyPair.Random(); var clientAccountId = "GBDIT5GUJ7R5BXO3GJHFXJ6AZ5UQK6MNOIDMPQUSMXLIHTUNR2Q5CFNF"; - var anchorName = "NET"; + Network.UseTestNetwork(); try { - var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientAccountId, anchorName); - WebAuthentication.ReadChallengeTransaction(tx, serverKeypair.AccountId, anchorName, now: DateTimeOffset.Now.Subtract(new TimeSpan(0, 20, 0))); + var tx = WebAuthentication.BuildChallengeTransaction(serverKeypair, clientAccountId, HomeDomain, WebAuthDomain); + WebAuthentication.ReadChallengeTransaction(tx, serverKeypair.AccountId, HomeDomain, WebAuthDomain, now: DateTimeOffset.Now.Subtract(new TimeSpan(0, 20, 0))); } catch (InvalidWebAuthenticationException e) { Assert.AreEqual(e.Message, "Challenge transaction expired"); } } + + [TestMethod] + public void TestReadChallengeTransactionNoWebAuthDomain() + { + Network.Use(Network.Test()); + + var serverKeypair = KeyPair.Random(); + var clientKeypair = KeyPair.Random(); + + var txSource = new Account(serverKeypair.Address, -1); + var opSource = new Account(clientKeypair.Address, 0); + + var plainTextBytes = Encoding.UTF8.GetBytes(new string(' ', 48)); + var base64Data = Encoding.ASCII.GetBytes(Convert.ToBase64String(plainTextBytes)); + + var operation = new ManageDataOperation.Builder(ManageDataOperationName, base64Data).SetSourceAccount(opSource.KeyPair).Build(); + var transaction = new TransactionBuilder(txSource) + .AddOperation(operation) + .AddTimeBounds(new TimeBounds(DateTimeOffset.Now, DateTimeOffset.Now.AddSeconds(1000))) + .Build(); + + transaction.Sign(serverKeypair); + transaction.Sign(clientKeypair); + + var readTransactionID = WebAuthentication.ReadChallengeTransaction(transaction, serverKeypair.AccountId, HomeDomain, "", Network.Test()); + + Assert.AreEqual(clientKeypair.AccountId, readTransactionID); + } } } 
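Review bot: TestReadChallengeTransactionNoWebAuthDomain only exercises the permissive path, a challenge without a web_auth_domain operation read with an empty expected domain, so nothing pins the behaviour the new parameter exists for: a challenge that does carry a web_auth_domain entry whose value differs from the caller's domain, or whose source account is not the server, should be rejected by ReadChallengeTransaction. The verification code is outside this patch, so whether it already does this cannot be confirmed here; a companion test that builds such a transaction (a second ManageDataOperation named `web_auth_domain` with a different value, sourced from the server account) and expects InvalidWebAuthenticationException would document it either way. The new test also uses `Network.Use(Network.Test())` where every other test in the file uses `Network.UseTestNetwork()`; one form would read more consistently.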
diff --git a/stellar-dotnet-sdk/WebAuthentication.cs b/stellar-dotnet-sdk/WebAuthentication.cs index ff172defe..85d16681f 100644 --- a/stellar-dotnet-sdk/WebAuthentication.cs +++ b/stellar-dotnet-sdk/WebAuthentication.cs @@ -25,7 +25,7 @@ public static class WebAuthentication /// /// public static Transaction BuildChallengeTransaction(KeyPair serverKeypair, string clientAccountId, - string homeDomain, byte[] nonce = null, DateTimeOffset? now = null, TimeSpan? timeout = null, + string homeDomain, string webAuthDomain, byte[] nonce = null, DateTimeOffset? now = null, TimeSpan? timeout = null, Network network = null) { if (string.IsNullOrEmpty(clientAccountId)) throw new ArgumentNullException(nameof(clientAccountId)); @@ -33,7 +33,7 @@ public static class WebAuthentication if (StrKey.DecodeVersionByte(clientAccountId) != StrKey.VersionByte.ACCOUNT_ID) throw new InvalidWebAuthenticationException($"{nameof(clientAccountId)} is not a valid account id"); var clientAccountKeypair = KeyPair.FromAccountId(clientAccountId); - return BuildChallengeTransaction(serverKeypair, clientAccountKeypair, homeDomain, nonce, now, timeout, + return BuildChallengeTransaction(serverKeypair, clientAccountKeypair, homeDomain, webAuthDomain, nonce, now, timeout, network); } 
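Review bot: The new `webAuthDomain` parameter on BuildChallengeTransaction is undocumented: the `///` block preceding the signature at @@ -25 gets no param entry for it, and the same is true of the KeyPair overload at @@ -51 and of ReadChallengeTransaction at @@ -116 in this file. A line such as `/// <param name="webAuthDomain">Domain hosting the server's SEP-10 web auth endpoint; written into the challenge as the web_auth_domain ManageData entry.</param>` covers the two builders. For ReadChallengeTransaction the wording should say what the reader does with the value (compare it against the challenge's entry), which these hunks do not show.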
@@ -51,12 +51,13 @@ public static class WebAuthentication /// /// public static Transaction BuildChallengeTransaction(KeyPair serverKeypair, KeyPair clientAccountId, - string homeDomain, byte[] nonce = null, DateTimeOffset? now = null, TimeSpan? timeout = null, + string homeDomain, string webAuthDomain, byte[] nonce = null, DateTimeOffset? now = null, TimeSpan? timeout = null, Network network = null) { if (serverKeypair is null) throw new ArgumentNullException(nameof(serverKeypair)); if (clientAccountId is null) throw new ArgumentNullException(nameof(clientAccountId)); if (string.IsNullOrEmpty(homeDomain)) throw new ArgumentNullException(nameof(homeDomain)); + if (string.IsNullOrEmpty(webAuthDomain)) throw new ArgumentNullException(nameof(webAuthDomain)); if (nonce is null) { @@ -87,9 +88,17 @@ public static class WebAuthentication .SetSourceAccount(clientAccountId) .Build(); + var webAuthDataKey = "web_auth_domain"; + var webAuthDataValue = Encoding.UTF8.GetBytes(webAuthDomain); + + var webAuthOperation = new ManageDataOperation.Builder(webAuthDataKey, webAuthDataValue) + .SetSourceAccount(serverKeypair) + .Build(); + var tx = new TransactionBuilder(serverAccount) .AddTimeBounds(timeBounds) .AddOperation(operation) + .AddOperation(webAuthOperation) .Build(); tx.Sign(serverKeypair, network); @@ -116,10 +125,10 @@ public static class WebAuthentication /// Current time, defaults to DateTimeOffset.Now /// The client account id /// - public static string ReadChallengeTransaction(Transaction transaction, string serverAccountId, string homeDomain, + public static string ReadChallengeTransaction(Transaction transaction, string serverAccountId, string homeDomain, string webAuthDomain, Network network = null, DateTimeOffset? now = null) { - return ReadChallengeTransaction(transaction, serverAccountId, new string[1] { homeDomain }, network, now); + return ReadChallengeTransaction(transaction, serverAccountId, new string[1] { homeDomain }, webAuthDomain, network, now); } /// 
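Review bot: In the `@@ -87` hunk the key is a method-local literal, `var webAuthDataKey = "web_auth_domain";`, and the same literal is repeated in the reader's comparison later in this file; a single `private const string WebAuthDomainKey = "web_auth_domain";` on the class, used by both the builder and the verifier, keeps the two from drifting. The value is written with `Encoding.UTF8.GetBytes(webAuthDomain)` with no length check, and ManageData values are limited to 64 bytes by the protocol, so unless the `ManageDataOperation.Builder` enforces that itself a long domain produces an operation that cannot be encoded; checking the encoded length next to the new `IsNullOrEmpty(webAuthDomain)` guard in `@@ -51` gives callers a clear `ArgumentException` instead of a failure deeper in the builder. The doc comment on the builder should also say that this operation is sourced by the server account, since that is what the verifier side is expected to rely on.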
@@ -141,7 +150,7 @@ public static class WebAuthentication /// Current time, defaults to DateTimeOffset.Now /// The client account id /// - public static string ReadChallengeTransaction(Transaction transaction, string serverAccountId, string[] homeDomains, + public static string ReadChallengeTransaction(Transaction transaction, string serverAccountId, string[] homeDomains, string webAuthDomain, Network network = null, DateTimeOffset? now = null) { network = network ?? Network.Current; @@ -199,6 +208,14 @@ public static class WebAuthentication { throw new InvalidWebAuthenticationException("The transaction has operations that are unrecognized"); } + + var opManageData = (ManageDataOperation)op; + var opDataValue = opManageData.Value != null ? Encoding.UTF8.GetString(opManageData.Value) : null; + + if (opManageData.Name == "web_auth_domain" && (opManageData.Value == null || opDataValue != webAuthDomain)) + { + throw new InvalidWebAuthenticationException($"Invalid 'web_auth_domain' value. Expected: {webAuthDomain} Actual: {opDataValue}"); + } } var clientAccountKeypair = operation.SourceAccount; @@ -235,10 +252,10 @@ public static class WebAuthentication public static ICollection VerifyChallengeTransactionThreshold(Transaction transaction, string serverAccountId, - int threshold, Dictionary signerSummary, string homeDomain, Network network = null, DateTimeOffset? now = null) + int threshold, Dictionary signerSummary, string homeDomain, string webAuthDomain, Network network = null, DateTimeOffset? now = null) { var signersFound = - VerifyChallengeTransactionSigners(transaction, serverAccountId, signerSummary.Keys.ToArray(), homeDomain, network, + VerifyChallengeTransactionSigners(transaction, serverAccountId, signerSummary.Keys.ToArray(), homeDomain, webAuthDomain, network, now); var weight = signersFound.Sum(signer => signerSummary[signer]); if (weight < threshold) 
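Review bot: The check added in `@@ -199` compares the `web_auth_domain` value but does not assert which account sourced that operation; SEP-10 requires every operation after the first to be sourced by the server account, and if the loop preamble (which starts before this hunk) does not already enforce that, the comparison alone does not establish that the entry was placed by the server. Assuming `SourceAccount` is a `KeyPair` as in the `clientAccountKeypair` line below, add inside the `Name == "web_auth_domain"` branch `if (opManageData.SourceAccount?.AccountId != serverAccountId) throw new InvalidWebAuthenticationException("'web_auth_domain' operation must be sourced by the server account");`. When the transaction carries no `web_auth_domain` operation the method accepts it whatever `webAuthDomain` holds, which the accompanying test relies on; the `<param name="webAuthDomain">` doc should state that the value is enforced only when the entry is present. The `opDataValue` echoed into the exception message is taken from the untrusted transaction, so a caller that relays these messages to clients should treat it as attacker-controlled text.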
@@ -264,14 +281,14 @@ public static class WebAuthentication /// /// public static string[] VerifyChallengeTransactionSigners(Transaction transaction, string serverAccountId, - ICollection signers, string homeDomain, Network network = null, DateTimeOffset? now = null) + ICollection signers, string homeDomain, string webAuthDomain, Network network = null, DateTimeOffset? now = null) { if (!signers.Any()) throw new ArgumentException($"{nameof(signers)} must be non-empty"); network = network ?? Network.Current; - ReadChallengeTransaction(transaction, serverAccountId, homeDomain, network, now); + ReadChallengeTransaction(transaction, serverAccountId, homeDomain, webAuthDomain, network, now); // Remove server signer if present var serverKeypair = KeyPair.FromAccountId(serverAccountId); @@ -314,12 +331,12 @@ public static class WebAuthentication /// True if the transaction is valid /// [Obsolete("Use VerifyChallengeTransactionThreshold and VerifyChallengeTransactionSigners")] - public static bool VerifyChallengeTransaction(Transaction transaction, string serverAccountId, string homeDomain, + public static bool VerifyChallengeTransaction(Transaction transaction, string serverAccountId, string homeDomain, string webAuthDomain, Network network = null, DateTimeOffset? now = null) { network = network ?? Network.Current; - var clientAccountId = ReadChallengeTransaction(transaction, serverAccountId, homeDomain, network, now); + var clientAccountId = ReadChallengeTransaction(transaction, serverAccountId, homeDomain, webAuthDomain, network, now); if (!ValidateSignedBy(transaction, clientAccountId, network)) throw new InvalidWebAuthenticationException("Challenge transaction not signed by client"); From b26d41c2ce8ae7198ef2fa7d074e9045bee2e03d Mon Sep 17 00:00:00 2001 From: Kirbyrawr Date: Wed, 13 Jan 2021 23:05:29 +0100 Subject: [PATCH 2/2] Updated autodoc comments --- stellar-dotnet-sdk/WebAuthentication.cs | 6 ++++++ 1 file changed, 6 insertions(+) 
diff --git a/stellar-dotnet-sdk/WebAuthentication.cs b/stellar-dotnet-sdk/WebAuthentication.cs
index 85d16681f..6eeb31d8f 100644
--- a/stellar-dotnet-sdk/WebAuthentication.cs
+++ b/stellar-dotnet-sdk/WebAuthentication.cs
@@ -17,6 +17,7 @@ public static class WebAuthentication
/// Server signing keypair
/// The client account id that needs authentication
/// The server home domain
+ /// The server auth domain
/// 48 bytes long cryptographic-quality random data
/// The datetime from which the transaction is valid
/// The transaction lifespan
@@ -43,6 +44,7 @@ public static class WebAuthentication
/// Server signing keypair
/// The client account id that needs authentication
/// The server home domain
+ /// The server auth domain
/// 48 bytes long cryptographic-quality random data
/// The datetime from which the transaction is valid
/// The transaction lifespan
@@ -121,6 +123,7 @@ public static class WebAuthentication
/// The challenge transaction
/// The server account id
/// The server home domain
+ /// The server auth domain
/// The network the transaction was submitted to, defaults to Network.Current
/// Current time, defaults to DateTimeOffset.Now
/// The client account id
@@ -146,6 +149,7 @@ public static class WebAuthentication
/// The challenge transaction
/// The server account id
/// The server home domain
+ /// The server auth domain
/// The network the transaction was submitted to, defaults to Network.Current
/// Current time, defaults to DateTimeOffset.Now
/// The client account id
@@ -276,6 +280,7 @@ public static class WebAuthentication
/// The server account id
///
/// The server home domain
+ /// The server auth domain
/// The network the transaction was submitted to, defaults to Network.Current
/// Current time, defaults to DateTimeOffset.Now
///
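Review bot: `/// The server auth domain` describes the new parameter only by restating its name, in every hunk here and in the `@@ -326` hunk that follows; the `<param name="webAuthDomain">` text should say what the value is used for. For the two builders something like `Domain of the server's web auth endpoint; written to the 'web_auth_domain' ManageData entry sourced by the server`, and for the read/verify methods `Expected value of the 'web_auth_domain' ManageData entry; checked only when that entry is present in the challenge`. The second wording matters because it tells callers whether an empty string is an acceptable argument.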
@@ -326,6 +331,7 @@ public static class WebAuthentication
/// The challenge transaction
/// The server account id
/// The server home domain
+ /// The server auth domain
/// The network the transaction was submitted to, defaults to Network.Current
/// Current time, defaults to DateTimeOffset.Now
/// True if the transaction is valid