The Definitive Security & Formal Verification Suite for Stellar Soroban
Sanctifier is an institutional-grade security framework built to ensure that "Code is Law" remains a reality on the Stellar network. By combining Static Analysis, Formal Verification (Kani), and Runtime Guardians, Sanctifier provides a multi-layered defense system for the next generation of DeFi and Fintech applications on Soroban.
In an ecosystem where security is non-negotiable, Sanctifier serves as the "Proof-of-Trust" layer. Our mission is to eliminate common vulnerabilities and provide developers with the formal certainty required to manage billions in on-chain assets safely.
Sanctifier is designed with a modular, tool-chain approach:
tooling/: The Rust-based engine for static analysis and formal verification bridges.contracts/: A library of reusable, security-hardened contract templates and guards.frontend/: A sleek, real-time dashboard for visualizing "Sanctity Scores" and security logs.docs/: Deep technical guides on formal methods and Soroban security best practices.
Scans your Soroban code at compile-time to detect:
- Authorization Gaps: Missing
require_author weak access controls. - Storage Collisions: Improper usage of Instance vs. Persistent storage.
- Arithmetic Safety: Proactive detection of potential overflows and underflows.
Integrates with Kani and SMT solvers to provide mathematical certainty:
- State Invariants: Proving that a contract's state can never enter an invalid or "hacked" mode.
- Initialization Gards: Mathematically ensuring
initializefunctions are truly idempotent.
A library of opt-in hooks to monitor contract health live:
guard_invariant(): Reverts transactions if high-level business logic is violated.monitor_events(): Automates the verification of critical event emissions.
cargo install --path tooling/sanctifier-cliRun an initial security audit on your project:
sanctifier analyze ./contracts/my-projectSanctifier is Open-Source and Ecosystem-First. Our 30+ issue roadmap covers everything from enhanced formal verification bridges to real-time security dashboards. See Issues for 'Good First Issues'.
Built with 🛡️ for the Stellar Ecosystem.