NafuSec — Stellar Soroban Smart Contract Security Scanner

NafuSec provides deep vulnerability scanning and security auditing for Soroban smart contracts on the Stellar blockchain. Our scanner performs WASM bytecode inspection, on-chain risk analysis, deployer trust verification, and produces comprehensive audit reports with risk scores from 0 to 100.

Key features: Soroban smart contract security audit, Stellar blockchain vulnerability scanner, WASM bytecode analysis, on-chain heuristics, require_auth verification, upgradeability detection, admin centralization checks, mint and burn control analysis, cross-contract call risk assessment, storage TTL persistence checks, DeFi token audit, and Nafuloo ecosystem integration.

Stellar Network Security Tool
Powered by
Nafuloo
Nafuloo

Scan Soroban
Smart Contracts

Deep vulnerability scanning and security auditing for Stellar's Soroban smart contracts. WASM bytecode inspection, static analysis, on-chain risk heuristics, and comprehensive audit reports — all powered by 10,000 NAFU per scan.

10
Check Categories
0–100
Risk Score
A–F
Grade System

Soroban Smart Contract Security Analysis

Purpose-built security analysis engine for Soroban smart contracts on the Stellar blockchain. WASM bytecode inspection, on-chain risk heuristics, and vulnerability detection — all checks follow Stellar ecosystem best practices.

Static Analysis

10-category Soroban-specific checks: auth, upgradeability, mint/burn control, storage TTL, cross-contract risks, and more.

On-Chain Heuristics

Deployer age analysis, invocation patterns, admin centralization detection, and upgrade history tracking via Horizon.

Risk Scoring

0–100 score with letter grade (A–F), confidence level, and explainable deductions per finding severity.

Detailed Reports

Every finding includes severity, why it matters, how to fix it, code context, and Soroban best-practice references.

Payment Gated

10,000 NAFU per scan with on-chain payment verification, anti-replay invoice binding, and treasury routing.

Scan History

Full audit trail of all your scans with filtering, downloadable reports, and invoice tracking.

10 Soroban Security Check Categories

Every smart contract scan runs through a comprehensive ruleset covering Soroban-specific vulnerabilities, Stellar on-chain risk patterns, and WASM bytecode analysis.

Missing require_auth on privileged functions
Upgradeability & admin control risks
Mint/burn supply manipulation
Blacklist/freeze/clawback logic
Storage TTL state persistence risks
Cross-contract call vulnerabilities
Precision & rounding issues
DoS via unbounded loops
Event transparency gaps
Deployer account age heuristics

Smart Contract Risk Grading System

Clear, actionable security grades for Soroban contracts backed by explainable score deductions per vulnerability finding.

A90–100Minimal risk
B75–89Low risk
C60–74Moderate risk
D45–59High risk
F0–44Critical risk

How It Works

01

Connect Wallet

Link your Stellar wallet via Freighter or paste your public key.

02

Enter Contract

Paste the Soroban contract ID and select mainnet or testnet.

03

Pay 10,000 NAFU

Send exactly 10,000 NAFU to treasury with the scan invoice memo.

04

Get Report

Receive a full vulnerability report with score, findings, and fixes.

Ready to Audit Your Contract?

Join the Nafuloo ecosystem and secure your Soroban smart contracts on the Stellar blockchain today. 10,000 NAFU per security audit — transparent, on-chain, and verifiable.