Independent third-party audit preparation pack

[truthixify]

Tier: L (1-2 weeks) Type: docs

Context

Before mainnet we want an external firm to audit the Stellar contracts. Need to assemble a complete audit pack: scope doc, threat model, prior internal audits, test coverage report, deployment manifest, reproducible build attestation.

Scope

• audit-prep/ directory at repo root
• Scope doc listing in-scope contracts, in-scope versions, out-of-scope assumptions
• Threat model document (STRIDE-style)
• Index of internal audits (Security audit of stealth-announcer Soroban contract #34, audit: security audit and storage optimization for stealth-registry #35, Security Audit: Stealth-Sender Soroban Contract #38, Audit/stellar wraith names #40, audit: SAC compatibility audit for stealth-sender #43)
• Test coverage report
• Reproducible build instructions
• Suggested audit firms shortlist

Acceptance criteria

• Complete audit-prep pack
• Threat model reviewed by maintainers
• At least 3 audit firms contacted with the pack
• Quote estimates documented

Files to start with

• All stellar/audits/*.md (existing internal audits)
• stellar/MAINNET_READINESS.md
• stellar/GOVERNANCE.md