All media
VideoYouTubeStellar Development FoundationJuly 8, 2026today14:22

Stellar Developer Meeting: Modular Custom Accounts and Signature Security in Protocol 27

Protocol 27 will implement CAP-712, a signature security improvement for Soroban custom accounts. The update addresses a narrow vulnerability in signature pre-image handling and introduces address credentials v2 while maintaining backward compatibility. CAP-711 makes modular custom accounts easier to build and deploy.

Smart ContractsDeveloper ToolsSecurity
Lumen Loop's take

Stellar developers presented CAP-71 and CAP-712, improvements coming in Protocol 27 that make custom accounts safer and more practical. CAP-711 introduces built-in delegation support for modular custom accounts, letting developers compose sub-account logic more easily. CAP-712 fixes a signature vulnerability: the standard authorization pre-image didn't include the signer's address, creating a narrow but real security risk in specific edge cases where private keys are shared between accounts and signer rotation occurs simultaneously. The protocol now provides address credentials v2 using an updated signature payload format; old credentials remain usable, so clients can migrate at their own pace. The fix was discovered through security audits and prevents potential signature replay attacks.

Mentioned projects
2 projects linked
O
OpenZeppelinDeveloper Tooling
Audited
SecurityDevXSDK

OpenZeppelin is a recognized leader in blockchain security and smart contract development, known for creating widely-used framew…

View →
S
Stellar Development FoundationInfrastructure & Services
Audited
InfrastructureCommunity

The Stellar Development Foundation (SDF) is a non-profit organization that supports the development and growth of the Stellar ne…

View →