diff --git a/samples/frontend/src/steps/embeddedWallet/AuthenticateAndSign.tsx b/samples/frontend/src/steps/embeddedWallet/AuthenticateAndSign.tsx
index c4780cc3..c158a95e 100644
--- a/samples/frontend/src/steps/embeddedWallet/AuthenticateAndSign.tsx
+++ b/samples/frontend/src/steps/embeddedWallet/AuthenticateAndSign.tsx
@@ -77,12 +77,13 @@ export default function AuthenticateAndSign({
         { clientPublicKey },
       )
 
-      // 3. WebAuthn assertion against the Grid-issued challenge. The OS shows
-      //    its biometric prompt regardless of whether we send the real
+      // 3. WebAuthn assertion against the Grid-issued challenge. The challenge
+      //    is a lowercase hex string; UTF-8 encode it exactly as returned. The
+      //    OS shows its biometric prompt regardless of whether we send the real
       //    signature or the sandbox magic value below.
       const assertion = (await navigator.credentials.get({
         publicKey: {
-          challenge: base64urlToBytes(challenge.challenge),
+          challenge: new TextEncoder().encode(challenge.challenge),
           userVerification: 'required',
           timeout: 60_000,
         },