Stellar Community Fund

By Scout

Scout - BugFighter for Soroban

SCF #27

$90.0K

Legacy v5.0 Community Award

Awarded

To enhance the usability of Scout and raise awareness about the product and the security issues it tackles, aiding Soroban devs.

Products & Services

In November 2023, Scout started its journey in the Stellar ecosystem with the award of a grant from SCF. The goal was to start building Scout for Soroban, a static analysis tool, based on the existing Scout for ink!. Two months later, we delivered a prototype of the tool, which included a CLI, a set of detectors for common vulnerabilities and enhancements, and a VS Code extension to integrate Scout into the development workspace. In February 2024, we were awarded a second community award to continue developing Scout. In this opportunity, our main focus was testing the tool against actual Soroban projects to analyze its results, measure its accuracy and work on improvements. We worked along our senior auditors, who helped us fine-tune detectors to reduce false-positive and false-negative results, as well as in the identification of new detectors. Furthermore, we implemented new features, such as different output formats and a GitHub action to include Scout into the CI/CD pipeline and automatically run the tool on code commits. Scout is ready and available. Yet, it needs to be proven useful. Now we need to engage the Soroban developer community to learn about Scout’s capabilities, as well as making them key contributors of Scout continuous improvement. We want to showcase the tool, have it used, and incorporate the learnings into a version that meets the community's needs.

Requested Budget

$90.0K

Team

CoinFabrik is a pioneering research, development, and security auditing company with a distinct focus on Web3 technologies. Established in 2014, our extensive portfolio comprises over 500 projects related to Web3, spanning the globe. Ranging from dynamic startups to industry giants, our expertise extends across a spectrum of cutting-edge technologies -Stellar being one of them.

Scout for Soroban has been developed thanks to the support of the SCF and its grants program, and we're proud to say that since its launch it has had great acceptance in the Soroban community.