Developers
Soroban Security Audit Bank: Raising the Standard for Smart Contract Security
Author
Anke Liu
Publishing date
The Stellar Development Foundation (SDF) is deeply committed to helping ensure that the highest security standards are available for projects building on the Stellar network. Last year SDF launched the Soroban Security Audit Bank, an initiative to provide projects access to auditing experts and tooling that are proven to help prevent hacks by catching potential bugs, inefficiencies, and security flaws before contracts go live. Through the Soroban Security Audit Bank, we’re empowering teams building on Soroban with comprehensive security audits from leading audit firms, enhanced readiness support, and robust tooling, significantly elevating the ecosystem’s safety and efficiency.
Since launch, the Soroban Security Audit Bank has successfully conducted over 40 essential audits, deploying over $3 million to support security of the smart contracts on Stellar. Check it out!
Ecosystem Success Stories: How the Soroban Audit Bank Drives Security Forward
By making automated formal verification available to developers, in addition to allocating significant budget for securing many of the top DeFi protocols built on top of Stellar, SDF has established a new security standard in the Web3 ecosystem.
–Mooly Sagiv, Co-Founder of Certora
SDF has been a strong partner as we’ve worked with teams across the Stellar ecosystem. SDF’s Audit Bank initiative allows for a smooth and streamlined review process, and is a clear reflection of the Stellar ecosystem’s enhanced commitment to security.
–Robert Chen, CEO of OtterSec
Leading projects within the Soroban ecosystem have highlighted the impact of the Audit Bank
Finding a good auditor is difficult, expensive, and high-stakes. The Audit Bank streamlines the process and supports ecosystem projects with security review at critical growth milestones.
–Markus Paulson, Co-Founder of Script3
The audit firms we worked with deeply understood the full ecosystem and the underlying protocols used. Their expertise and the tools from the Audit Bank strengthened our security and supported user and investor trust.
–Esteban Iglesias Manríquez, Co-Founder of Palta.Labs
What's New in 2025: Enhanced Audit Support for Soroban Builders
Teams building financial protocols, high-dependency data services, high-traction dApps funded by the Stellar Community Fund are able to request an audit and will typically be matched with a reputable audit firm within two weeks. We recently restructured the program for this year to enhance audit efficiency and incentivize accountability, and rapid and complete vulnerability remediation:
- Complimentary Initial Audit: Projects will need to contribute 5% of the audit cost upfront, but this co-payment amount is eligible for a full refund, provided that critical, high, and medium vulnerabilities identified are swiftly remediated within 20 business days of receiving the initial audit report (learn more).
- Incentivized Security at Key Traction Milestones: Complimentary, extensive follow-up audits are available as projects achieve critical traction milestones (e.g., $10M and $100M TVL). These audits include deeper assessments such as formal verification or competitive audits, significantly boosting project security at pivotal stages.
- Advanced Security Tooling: Projects can enhance their security self-serve through complimentary or discounted access to specialized tooling, which provide vulnerability detection and formal verification capabilities (see full list of available tooling). These tools are encouraged to capture ‘easy-to-spot’ issues prior to audit as well as a final check post-audit to increase the effectiveness and thoroughness of audits.
- Enhanced Audit Readiness Support: Projects receive structured preparation support, including the implementation of best practices and security standards based on the STRIDE threat modeling framework. This ensures project teams are thoroughly prepared, optimizing audit efficiency and minimizing delays.
Get Started Today
If you're already funded through the Stellar Community Fund, meet the criteria and ready to secure your smart contracts, check your email for an invitation to submit an audit request–if you haven’t received one, contact [email protected].
If you haven't built on Stellar yet, we encourage you to start your journey with the Stellar Community Fund to become eligible for future security audits and ecosystem support. For any broader questions on the program, contact [email protected].
Also, we’re organizing an exciting series of workshops–join us for the kick-off on Soroban Security Best Practices on Friday, May 30, 2025 at 2 PM ET on @StellarOrg. Together, we're shaping a secure and resilient future for smart contracts on Stellar.