diff --git a/disperser/apiserver/disperse_blob_v2.go b/disperser/apiserver/disperse_blob_v2.go index af227f05e..2da6a4a24 100644 --- a/disperser/apiserver/disperse_blob_v2.go +++ b/disperser/apiserver/disperse_blob_v2.go @@ -117,9 +117,6 @@ func (s *DispersalServerV2) validateDispersalRequest(ctx context.Context, req *p if blobHeader.PaymentMetadata == (core.PaymentMetadata{}) { return api.NewErrorInvalidArg("payment metadata is required") } - if err = s.authenticator.AuthenticateBlobRequest(blobHeader); err != nil { - return api.NewErrorInvalidArg(fmt.Sprintf("authentication failed: %s", err.Error())) - } if len(blobHeader.PaymentMetadata.AccountID) == 0 || blobHeader.PaymentMetadata.ReservationPeriod == 0 || blobHeader.PaymentMetadata.CumulativePayment == nil { return api.NewErrorInvalidArg("invalid payment metadata") @@ -139,6 +136,10 @@ func (s *DispersalServerV2) validateDispersalRequest(ctx context.Context, req *p } } + if err = s.authenticator.AuthenticateBlobRequest(blobHeader); err != nil { + return api.NewErrorInvalidArg(fmt.Sprintf("authentication failed: %s", err.Error())) + } + // validate every 32 bytes is a valid field element _, err = rs.ToFrArray(data) if err != nil {