> For the complete documentation index, see [llms.txt](https://stellar.gitbook.io/scf-handbook/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://stellar.gitbook.io/scf-handbook/supporting-programs/audit-bank/faq.md).

# FAQ

Check out the FAQ to answer all your questions! If you can't find your answer, ask it in the #scf-general channel on the [Stellar Developers Discord](https://discord.gg/stellardev), and someone will help you shortly.

<details>

<summary>Who is eligible for an audit through the Soroban Security Audit Bank?</summary>

Projects funded through the Stellar Community Fund involving financial protocols, high-dependency data services, or high-traction dApps. See details [here](/scf-handbook/supporting-programs/audit-bank/official-rules.md#participant-eligibility).

</details>

<details>

<summary>How much does SDF cover for the Initial Audit?</summary>

Prior to an eligible project's initial audit, the project must pay 5% of its first audit cost as an upfront co-payment to SDF. Subsequently, SDF will pay the entire first audit cost to the selected audit firm. The project's co-payment amount may be refunded by SDF to the project provided the project remediates all critical, high, and medium vulnerabilities within 20 business days of receiving the audit report. See details [here](/scf-handbook/supporting-programs/audit-bank/official-rules.md#audit-co-payment-system).

</details>

<details>

<summary>When should I audit my project?</summary>

Projects should request an audit if they are [eligible](/scf-handbook/supporting-programs/audit-bank/official-rules.md#participant-eligibility), and are close to launching on Stellar mainnet, demonstrate technical maturity, including stable code, comprehensive documentation, and readiness for review—typically after completing the [SCF Build testnet tranche](/scf-handbook/scf-awards/build-award.md#structure-and-timeline-scf-build-award).

</details>

<details>

<summary>How quickly can my project get audited?</summary>

[Eligible](/scf-handbook/supporting-programs/audit-bank/official-rules.md#participant-eligibility) projects are typically matched with an audit firm within approximately two weeks after passing the readiness review. Audit firms are able to schedule most audits within 3-6 weeks after matching. The audit length depends on the scope of the code to be audited, and can take anywhere from 2 to 8 weeks.

</details>

<details>

<summary>Can I request more than one audit?</summary>

Complimentary follow-up audits are available at significant traction milestones, such as $10M and $100M Total Value Locked. If you haven’t met these milestones yet but need an additional audit, a co-payment will be required (20% of total audit cost for 2nd audit, 50% of total audit cost for 3rd audit). See details [here](/scf-handbook/supporting-programs/audit-bank/official-rules.md#audit-co-payment-system).

</details>

<details>

<summary>Is there any self-serve tooling available?</summary>

Yes, the Stellar ecosystem has advanced security tooling which help identify and address vulnerabilities before and after audits. See a full list of available tooling [here](https://developers.stellar.org/docs/tools/developer-tools/security-tools).

</details>

<details>

<summary>Where can I find preparation resources and guidelines?</summary>

The [Audit Readiness Checklist](/scf-handbook/supporting-programs/audit-bank/audit-readiness-checklist.md), including [STRIDE threat model framework](https://developers.stellar.org/docs/build/security-docs), are available to support your audit readiness.

</details>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://stellar.gitbook.io/scf-handbook/supporting-programs/audit-bank/faq.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.