
We will build:
a network of verification services
the on-chain, public-infrastructure hub to integrate them all and surface their information
a one-time data-ingestion event to process existing, deployed-before-the-SEP wasms and, as able, add verified (repo, img) info for each
$131.3K
A Stellar-focused engineering firm with a strong delivery record: major contributions to the Stellar CLI, institutional work bringing Société Générale-Forge's EURCV stablecoin onto Stellar rails, and multiple SCF-funded public goods including Moonlight and Scaffold Stellar. We support ecosystem governance and developer education (largely through hackathons).
This project extends infrastructure we already operate, Stellar Registry, which includes:
stellar-registry-cli published on crates.io (~6,400+ all-time downloads).
Live registry browser at https://stellar.rgstry.xyz; registry contract on testnet, mainnet rollout underway.
Active in the SEP-55 / reproducible-builds discussions (#1573, #1923), where this registry effort is already flagged.
A leading formal-verification and smart-contract security firm. Founded in 2010 by Grigore Roșu, creator of the K framework, it has since 2018 delivered formal verification and security services to major blockchain foundations and protocols including the Ethereum Foundation, Stellar, EigenLayer, Optimism, Uniswap, Lido, Gnosis, and Morpho. RV maintains widely-used open-source verification tooling such as Kontrol and Simbolik, and its formal-verification engine now powers Immunefi's Magnus security platform. RV also has extensive experience in the Stellar and Soroban ecosystem, having provided high-quality audits to DeFi protocols deploying on Stellar for over 2 years and developed tooling for Soroban like Komet for fuzz testing and formal verification. RV will operate an independent verifier node in the network and provide audit-grade trust signals.
Creator of CosmWasm, the WebAssembly smart-contract platform that directly inspired Soroban's architecture — Wasm runtime, Rust SDK, host-function model, and contract metadata sections all overlap. Through Confio, the company he founded, and building on earlier work as a contributor to the Cosmos SDK, CosmWasm grew into the dominant smart-contract engine in the Cosmos ecosystem, deployed across 30+ independent app-chains (Osmosis, Neutron, Sei, Injective, Archway, and others) and securing billions in on-chain value. He brings direct prior art for this RFP's hardest problem: he designed and shipped CosmWasm/optimizer, the deterministic, toolchain-pinned Wasm build image that essentially every CosmWasm contract verification has run through for years and the proven blueprint for this project's Soroban build pipeline, along with the hard-won lessons (--locked enforcement, single-architecture determinism) now feeding directly into SEP-58; and he built cosmwasm-verify, a source-verification proof-of-concept (git repo + commit → deployed Wasm hash) that is essentially the centralized version of what this proposal decentralizes for Soroban. As an advisor to Warp Drive, the Stellar port of WAVS, he also brings the EigenLayer-style restaked operator network that provides the multi-operator, cryptoeconomically secured attestation layer this proposal depends on. He is actively shaping the live SEP-58 / reproducible-builds design (Stellar discussions #1923) and working to standardize architecture deicisions via the SEP-process, like Stellar Protocol PR #1951, so this verifier composes with the emerging standard rather than working around it, with all work MIT-licensed and built in the open.
Brief description: Architecture documents, SEP proposals (SEP-58 and the verifier-API SEP), and the high-level interoperability specification defining the formats and interfaces between the three parties.
How to measure completion: A spec everyone can build against.
Estimated date of completion: 3 weeks after signing
Budget: $26,250
Brief description: hermetic rebuild engine, signing, and claim submission, tested end-to-end.
How to measure completion: Source info added to Testnet registry, or wasm uploaded to testnet that includes source info, results in processing by Runtime Verification and subsequent submission of verification data to Registry.
Estimated date of completion: 2 weeks after Tranch 1 completion.
Budget: $17,500
Brief description: Final contract interface & event design; GoldSky indexer; and query API.
How to measure completion: Source info added to Testnet registry, or wasm uploaded to testnet that includes source info, results in processing by Runtime Verification and subsequent submission of verification data to Registry, which exposes it via its query API.
Estimated date of completion: 3 weeks after Tranch 1 completion.
Budget: $26,250...
Brief description: Connect every component end-to-end and launch on mainnet. SEPs, RFCs, and the API spec are settled; protocols finalized.
How to measure completion: Source info added to mainnet registry, or wasm uploaded to mainnet that includes source info, results in processing by Runtime Verification and subsequent submission of verification data to Registry, which exposes it via its production query API.
Estimated date of completion: 4 weeks after Tranch 2 completion.
Budget: $35,000
Brief description: A significant corpus of existing contracts is recovered and uploaded.
How to measure completion: Tranch 1 will help determine exact fraction of extant-at-SEP-creation contracts to be back-verified. At a minimum:
rain-crossmint smart-account/factory wasm, which accounts for 70% of active Soroban mainnet contracts
a significant fraction (20%? 50%?) of ~970 wasms that carry both a cliver and rsver. The final fraction depends on how many of these wasms have a source repository which source can be located.
Estimated date of completion: 3 weeks after Tranch 2 completion.
Budget: $26,250
A partnership between The Aha Company and Runtime Verification.
The Aha Company
Chad Ostrowski, CEO - moved into Web3 in 2019; built Ethereum DAO dApps, joined NEAR Inc. in 2020, co-founded The Aha Company in 2021. Has led the design of key Stellar smart-contract developer workflows.
Connect → GitHub
Willem Wyndham, CTO - programming-languages and security specialist (PhD track, U. Maryland); blockchain runtime engineering at NEAR; deep Rust and WebAssembly expertise in execution environments and security, directly relevant to deterministic, reproducible builds.
Connect → GitHub
Tupui, Principal Engineer - software-supply-chain / SLSA specialist and maintainer of Tansu (on-chain source provenance on Soroban); active in the SEP-55 / reproducible-builds discussions. Former NumFOCUS security council member; advises the Scientific Python ecosystem on security.
Connect → GitHub
Runtime Verification
Everett Hildenbrandt, CEO - 8+ years leading RV’s technical and business work across developer tooling, public goods, and audits; lead author of KEVM. Advisory role, ensuring RV delivers to-spec verifier nodes.
Connect: GitHub
Anton Savienko, SRE / Fullstack - builds and runs RV’s server infrastructure and integrates its tools into SaaS (including the KaaS platform for long-running FV/fuzzing jobs); will engineer the containerized verification-as-a-service environment.
Connect: GitHub
Paul Len, COO - established RV’s relationship with the SDF, keeping delivery aligned with the foundation’s goals.
Connect: GitHub
Ethan Frey

No other submissions.