search
WebsiteDiscordDashboardMedium

FAQ

Check out the FAQ to answer all your questions! If you can't find your answer, ask it in the #scf-general channel on the Stellar Developers Discordarrow-up-right, and someone will help you shortly.

chevron-rightWho is eligible for an audit through the Soroban Security Audit Bank?hashtag

Projects funded through the Stellar Community Fund involving financial protocols, high-dependency data services, or high-traction dApps. See details here.

chevron-rightHow much does SDF cover for the Initial Audit?hashtag

Prior to an eligible project's initial audit, the project must pay 5% of its first audit cost as an upfront co-payment to SDF. Subsequently, SDF will pay the entire first audit cost to the selected audit firm. The project's co-payment amount may be refunded by SDF to the project provided the project remediates all critical, high, and medium vulnerabilities within 20 business days of receiving the audit report. See details here.

chevron-rightWhen should I audit my project?hashtag

Projects should request an audit if they are eligible, and are close to launching on Stellar mainnet, demonstrate technical maturity, including stable code, comprehensive documentation, and readiness for review—typically after completing the SCF Build testnet tranche.

chevron-rightHow quickly can my project get audited?hashtag

Eligible projects are typically matched with an audit firm within approximately two weeks after passing the readiness review. Audit firms are able to schedule most audits within 3-6 weeks after matching. The audit length depends on the scope of the code to be audited, and can take anywhere from 2 to 8 weeks.

chevron-rightCan I request more than one audit?hashtag

Complimentary follow-up audits are available at significant traction milestones, such as $10M and $100M Total Value Locked. If you haven’t met these milestones yet but need an additional audit, a co-payment will be required (20% of total audit cost for 2nd audit, 50% of total audit cost for 3rd audit). See details here.

chevron-rightIs there any self-serve tooling available?hashtag

Yes, the Stellar ecosystem has advanced security tooling which help identify and address vulnerabilities before and after audits. See a full list of available tooling herearrow-up-right.

chevron-rightWhere can I find preparation resources and guidelines?hashtag

The Audit Readiness Checklist, including STRIDE threat model frameworkarrow-up-right, are available to support your audit readiness.

PreviousAudit Readiness ChecklistNextPublic Goods Award

Last updated