Security Checklist from Veridise to Avoid Smart Contract Vulnerabilities

Soroban, Stellar’s native smart contract platform, is designed to integrate with Stellar’s blockchain network, offering advantages such as fast transactions and low costs. Veridise, having conducted numerous audits on Soroban, provides a security checklist aimed at developers to mitigate common vulnerabilities. Important recommendations address trust assumptions, timing for addressing audit issues, and managing dependencies among contracts using Soroban’s macros. Developers should focus on safe input validation for data types like Vec and Map and avoid storing unbounded data in Instance Storage to prevent cost increases and DoS vulnerabilities. The content emphasizes the criticality of preparing secure Soroban contracts, making it particularly relevant for developers working within the Stellar ecosystem.