
How ROZO Strengthened Soroban Smart Contracts with Hacken


Hacken audited ROZO’s Rust/Soroban contracts powering intent-based stablecoin transfers across Stellar, Base, and other chains.

“Security is part of the product at ROZO. We are building intent-based payment infrastructure across Stellar and other chains, so the contracts behind token forwarding, escrow, and cross-chain settlement need to be reviewed with the same level of seriousness as the user experience.

Hacken’s audit helped us strengthen ROZO Intents across bridge accounting, Soroban-specific behavior, and trust boundaries. We see this as an important step toward making stablecoin payments simple for users and secure under the hood.”

— Shawn Yu, Co-founder of ROZO


ROZO is building the Visa Layer for Stablecoins: a frictionless, non-custodial payment network supported by the Stellar Community Fund and Base, Coinbase’s L2 network. As part of ROZO’s work in the Stellar ecosystem, Hacken audited its Rust/Soroban Token Forwarder and Intent Bridge contracts, identified 8 findings, and verified that every issue was fixed before the final public report.

Client

ROZO

Website

rozo.ai 

Service

Smart Contract Audit

Industry

Stablecoin payments / cross-chain infrastructure

Platform

Stellar

Language

Rust/Soroban

Scope

ROZO Intents V2, Token Forwarder, Intent Bridge

Report

https://hacken.io/audits/rozo/sca-rozo-sdf-audit-mar2026/ 

Result

8 findings identified, 8 resolved

If your project is building on Stellar, smart contract security is not just a technical checkbox. Through the Soroban Security Audit Bank, the Stellar ecosystem gives a clear signal: structured audits, remediation, and follow-up reviews are part of responsible project growth.

ROZO’s audit shows this process in practice: a Stellar ecosystem project, supported by the Stellar Community Fund, working with a trusted auditor to review Rust/Soroban contracts behind cross-chain stablecoin transfers.

Need a Rust/Soroban smart contract audit? See how Hacken supports Stellar builders: hacken.io/services/smart-contract-audit/ 


ROZO: Visa For Stablecoins

ROZO is building what it calls the Visa Layer for Stablecoins: infrastructure that lets users pay, bridge, buy, or earn with stablecoins without manually managing chains, bridges, swaps, settlement, or rewards. The problem ROZO solves is simple: USDC on Stellar and USDC on Base may feel like the same money to users, but they move on different rails.

ROZO uses intents to hide that complexity. A user states what they want to do, such as paying for a purchase or moving funds across chains, and ROZO handles routing, swapping, bridging, and settlement in the background. Its model is designed to make stablecoin payments feel as simple as one-tap card payments while keeping funds user-controlled and non-custodial.

In this audit, Hacken reviewed ROZO’s Soroban contracts for token forwarding and escrow-based intent bridging on Stellar. For the Stellar ecosystem, ROZO Intents sits at the intersection of stablecoin payments, cross-chain transfer logic, and Soroban smart contract security.


Why Stellar Builders Need Smart Contract Audits

In Q1 2026, smart contract exploits surged 213% year-over-year, with $86M lost across 28 incidents. For Stellar builders working with token transfers, bridge logic, escrow flows, or stablecoin movement, smart contract audits are a must-have security layer before serious deployment.

ROZO trusted Hacken to validate its Soroban-based contracts supporting cross-chain stablecoin movement on Stellar. The audit covered the Token Forwarder and Intent Bridge, including Rust/Soroban dependencies, storage behavior, bridge accounting, token forwarding logic, timeout protection, and privileged role assumptions.


How Hacken Audited ROZO’s Stellar-Based Contracts

Hacken reviewed ROZO Intents V2, a set of Soroban smart contracts enabling cross-chain token forwarding and bridging on Stellar. The scope included the Token Forwarder for bidirectional transfers between Smart Wallets and Stellar Accounts, and the Intent Bridge for escrow-based cross-chain intents with timeout protection.

1. Cross-Chain Transfer Logic

ROZO abstracts bridging and settlement for users, but the contracts behind that experience still need to handle fund movement precisely. Hacken reviewed how funds move between Smart Wallets and Stellar Accounts, how intents are created and filled, and how timeout protection works in the bridge flow.

2. Soroban-Specific Reliability

Hacken assessed implementation details specific to Stellar/Soroban, including instance storage, persistent memo mappings, dependency versions, and test coverage. The audit identified issues that could affect reliability even when the core business logic appears correct, including missing TTL extensions and an outdated soroban-sdk dependency.

3. Trust Boundaries and Operational Roles

The audit also mapped privileged role assumptions across the system. The report documented that Messenger, Relayer, and Admin roles were immutable after deployment, while the off-chain messenger, relayer, backend infrastructure, and frontend applications were outside the audit scope. This helped clarify what the contracts secured directly and which parts of the cross-chain settlement flow depended on external components.


Audit Findings and Fixes

Two of the eight findings, as documented in the public report:

1. Fee-on-Transfer Tokens Could Break Intent Accounting

In this medium severity issue, the Intent Bridge accepted arbitrary token contract addresses and recorded the caller-supplied source_amount as the escrowed amount without checking how much the contract had actually received. A non-standard token, such as a fee-on-transfer token, delivers less than source_amount, so the bridge would hold less than the intent recorded: an undercollateralized intent whose settlement and refund flows could both fail.

Recommendation: restrict accepted tokens with an on-chain allowlist, or verify the balance delta on deposit. ROZO's fix: create_intent() now reads the contract's token balance before and after the transfer and stores the difference, the amount actually received, as the escrowed amount.
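The following plain-Rust model is an added example, not ROZO's Soroban contract and not Hacken's code. It shows why recording source_amount is unsafe against a fee-on-transfer token and how balance-delta verification closes the gap. The Token trait, the 1% fee token, the BRIDGE and G_ALICE addresses and the function names create_intent_trusting / create_intent_checked are constructed for illustration; in a real Soroban contract the two calls the escrow depends on are token::Client::balance and token::Client::transfer from soroban_sdk.

```rust
// Added example (plain Rust, not ROZO's Soroban contract and not Hacken's
// code): models the fee-on-transfer accounting bug and the balance-delta fix.
// Addresses, the fee schedule and the BRIDGE constant are constructed.
use std::collections::HashMap;

type Address = &'static str;

/// Hypothetical escrow contract address (a C-address on Stellar).
const BRIDGE: Address = "C_INTENT_BRIDGE";

/// The two token calls an escrow depends on. On Soroban these would be
/// token::Client::balance and token::Client::transfer.
trait Token {
    fn balance(&self, who: Address) -> i128;
    fn transfer(&mut self, from: Address, to: Address, amount: i128);
}

/// A non-standard token that burns `fee_bps` basis points on every transfer,
/// so the recipient receives less than `amount`. fee_bps = 0 behaves normally.
struct FeeOnTransferToken {
    fee_bps: i128,
    balances: HashMap<Address, i128>,
}

impl Token for FeeOnTransferToken {
    fn balance(&self, who: Address) -> i128 {
        *self.balances.get(who).unwrap_or(&0)
    }
    fn transfer(&mut self, from: Address, to: Address, amount: i128) {
        assert!(self.balance(from) >= amount, "insufficient balance");
        let fee = amount * self.fee_bps / 10_000;
        *self.balances.entry(from).or_insert(0) -= amount;
        *self.balances.entry(to).or_insert(0) += amount - fee;
    }
}

struct Intent {
    sender: Address,
    /// Amount the bridge believes it holds in escrow for this intent.
    escrowed: i128,
}

/// Vulnerable pattern: records the caller-supplied source_amount unverified.
fn create_intent_trusting(token: &mut dyn Token, sender: Address, source_amount: i128) -> Intent {
    token.transfer(sender, BRIDGE, source_amount);
    Intent { sender, escrowed: source_amount }
}

/// Hardened pattern: measure the escrow balance before and after the transfer
/// and record only what actually arrived.
fn create_intent_checked(token: &mut dyn Token, sender: Address, source_amount: i128) -> Intent {
    let before = token.balance(BRIDGE);
    token.transfer(sender, BRIDGE, source_amount);
    let received = token.balance(BRIDGE) - before;
    assert!(received > 0, "no funds received");
    Intent { sender, escrowed: received }
}

/// Refund path after a timeout: pays back the recorded amount. Fails when the
/// escrow holds less than the intent claims (the undercollateralized case).
fn refund(token: &mut dyn Token, intent: &Intent) -> Result<(), String> {
    let held = token.balance(BRIDGE);
    if held < intent.escrowed {
        return Err(format!("escrow holds {}, intent recorded {}", held, intent.escrowed));
    }
    token.transfer(BRIDGE, intent.sender, intent.escrowed);
    Ok(())
}

fn sample_token(fee_bps: i128) -> FeeOnTransferToken {
    let mut balances = HashMap::new();
    balances.insert("G_ALICE", 1_000_i128); // constructed sample balance
    FeeOnTransferToken { fee_bps, balances }
}

/// Runs one create_intent variant and a later refund for a 1_000-unit intent.
/// Returns (recorded escrow, tokens the bridge actually holds, refund ok?).
fn outcome(fee_bps: i128, checked: bool) -> (i128, i128, bool) {
    let mut t = sample_token(fee_bps);
    let intent = if checked {
        create_intent_checked(&mut t, "G_ALICE", 1_000)
    } else {
        create_intent_trusting(&mut t, "G_ALICE", 1_000)
    };
    let held = t.balance(BRIDGE);
    let refund_ok = refund(&mut t, &intent).is_ok();
    (intent.escrowed, held, refund_ok)
}

fn main() {
    println!("1% fee, trusting: {:?}", outcome(100, false));
    println!("1% fee, checked:  {:?}", outcome(100, true));
    println!("no fee, trusting: {:?}", outcome(0, false));
}
```

With a 1% fee token the trusting variant records 1,000 while the bridge holds 990, so the refund cannot be paid; the checked variant records 990 and the refund succeeds. With a standard token both variants agree, which is why the bug only surfaces once an arbitrary token address is accepted. The allowlist alternative avoids the question entirely by never escrowing a token whose transfer semantics have not been reviewed.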

2. Missing TTL Extensions Could Affect Contract Availability

Hacken identified Soroban-specific storage issues: instance storage and the persistent memo mappings were not having their TTL extended. On Soroban, state whose TTL lapses is archived, so after a period of inactivity the contract instance could become temporarily unavailable and G→C routing (a payment from a classic Stellar account, a G-address, to a smart wallet contract, a C-address, resolved through the memo mapping) could fail silently.

Fix: Extend the TTL of instance storage in the relevant state-changing functions, and extend the TTL of memo mapping entries on every read and write, so that normal use keeps the contract and its routing table live.
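The toy ledger below is an added example in plain Rust, not ROZO's contract and not the soroban-sdk API. It models a contract instance TTL and one persistent memo-to-wallet map to show what the finding describes: a read path that never extends TTL works for a while and then goes dark after inactivity, while extending on access keeps the mapping live, but only for as long as someone keeps touching it. The TTL constants, the memo value 42 and the wallet address are constructed; the extend rule follows the soroban-sdk extend_ttl(threshold, extend_to) semantics as I understand them (extend only when fewer than threshold ledgers remain, never shorten). In a real contract the corresponding calls are env.storage().instance().extend_ttl(threshold, extend_to) and env.storage().persistent().extend_ttl(&key, threshold, extend_to).

```rust
// Added example (plain Rust, not ROZO's contract and not the soroban-sdk API):
// a toy ledger modelling Soroban TTLs for the contract instance and for one
// persistent memo -> smart-wallet map. All constants and addresses are
// constructed for the demo.
use std::collections::HashMap;

const INITIAL_TTL: u32 = 120; // assumed TTL granted when an entry is created
const THRESHOLD: u32 = 60;    // extend once fewer than this many ledgers remain
const EXTEND_TO: u32 = 500;   // ... to this many ledgers past the current one

#[derive(Debug, PartialEq)]
enum LedgerError {
    InstanceArchived,  // contract instance expired: nothing runs until restored
    EntryArchived(u64), // persistent entry expired: reads fail until restored
    NoRoute,
}

struct Entry {
    wallet: String, // C-address of the smart wallet the memo routes to
    live_until: u32,
}

struct Ledger {
    seq: u32,                      // current ledger sequence number
    instance_live_until: u32,      // TTL of the contract instance
    memo_map: HashMap<u64, Entry>, // persistent storage: memo -> wallet
}

impl Ledger {
    fn new() -> Self {
        Ledger { seq: 0, instance_live_until: INITIAL_TTL, memo_map: HashMap::new() }
    }

    fn advance(&mut self, ledgers: u32) {
        self.seq += ledgers;
    }

    /// Modelled extend_ttl(threshold, extend_to): bump only when close to
    /// expiry, and never shorten an existing TTL.
    fn extend_ttl(seq: u32, live_until: &mut u32) {
        if live_until.saturating_sub(seq) < THRESHOLD {
            *live_until = (*live_until).max(seq + EXTEND_TO);
        }
    }

    fn require_instance(&self) -> Result<(), LedgerError> {
        if self.seq > self.instance_live_until { Err(LedgerError::InstanceArchived) } else { Ok(()) }
    }

    /// State-changing call: registers memo -> wallet. `extend` selects the
    /// fixed behaviour, in which the write also bumps both TTLs.
    fn set_memo(&mut self, memo: u64, wallet: &str, extend: bool) -> Result<(), LedgerError> {
        self.require_instance()?;
        let seq = self.seq;
        if extend {
            Self::extend_ttl(seq, &mut self.instance_live_until);
        }
        let e = self.memo_map.entry(memo).or_insert(Entry {
            wallet: wallet.to_string(),
            live_until: seq + INITIAL_TTL,
        });
        e.wallet = wallet.to_string();
        if extend {
            Self::extend_ttl(seq, &mut e.live_until);
        }
        Ok(())
    }

    /// Read path used when routing a G -> C payment by memo.
    fn route(&mut self, memo: u64, extend: bool) -> Result<String, LedgerError> {
        self.require_instance()?;
        let seq = self.seq;
        if extend {
            Self::extend_ttl(seq, &mut self.instance_live_until);
        }
        let e = self.memo_map.get_mut(&memo).ok_or(LedgerError::NoRoute)?;
        if seq > e.live_until {
            return Err(LedgerError::EntryArchived(memo));
        }
        if extend {
            Self::extend_ttl(seq, &mut e.live_until);
        }
        Ok(e.wallet.clone())
    }
}

/// Scenario: mapping written at ledger 0, one routing at ledger 90, then
/// `idle` ledgers of inactivity before the next routing attempt.
fn route_after_idle(extend: bool, idle: u32) -> Result<String, LedgerError> {
    let mut ledger = Ledger::new();
    ledger.set_memo(42, "C_SMART_WALLET_1", extend)?;
    ledger.advance(90);
    ledger.route(42, extend)?;
    ledger.advance(idle);
    ledger.route(42, extend)
}

fn main() {
    println!("no extend, 100 idle: {:?}", route_after_idle(false, 100));
    println!("extend,    100 idle: {:?}", route_after_idle(true, 100));
    println!("extend,    600 idle: {:?}", route_after_idle(true, 600));
}
```

Without extension the routing call at ledger 190 fails because the instance expired at 120; with extension on access, the routing at ledger 90 pushed both TTLs out to 590, so the call at 190 succeeds. The third case is the caveat a practitioner should keep in mind: extend-on-access only helps while the contract is being used, so a mapping idle for longer than the extended TTL still archives and has to be restored before it can be read again.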

See the full ROZO audit report:

hacken.io/audits/rozo/sca-rozo-sdf-audit-mar2026/


What ROZO Received

  • Public smart contract audit report for ROZO Intents V2
  • Review of Rust/Soroban contracts on Stellar
  • Assessment of Token Forwarder and Intent Bridge logic
  • Findings across bridge accounting, storage behavior, dependencies, and privileged roles
  • Test coverage review, including 97.69% line coverage
  • Documented trust assumptions and scope limitations
  • Remediation validation confirming all findings were resolved

For ROZO, the result was a stronger and better-documented contract system supporting stablecoin payment infrastructure. For Stellar builders, the report gives a concrete example of Hacken’s Soroban audit approach: defined scope, ecosystem-specific review, documented findings, and verified remediation.


About Hacken’s Stellar Smart Contract Audits

ROZO is supported by the Stellar Community Fund and operates in an ecosystem where smart contract security is treated as part of responsible project growth. Stellar’s Soroban Security Audit Bank reflects this approach by helping eligible projects access structured audit support, remediation expectations, and follow-up reviews as they scale.

Hacken supports Stellar ecosystem projects with Rust/Soroban smart contract audits covering contract logic, bridge accounting, storage behavior, dependencies, privileged roles, scope limitations, and remediation validation. ROZO’s public audit report shows how this process works in practice for Stellar-based payment and bridge infrastructure.

Request a Stellar smart contract audit: hacken.io/services/smart-contract-audit/
