Project Information
CATEGORY
L1/L2 infrastructure
NETWORK
Stellar
WEBSITE
https://stellar.org/soroban
DESCRIPTION
From Oct. 30, 2023 to Dec. 22, 2023, Stellar Development Foundation engaged Veridise to review the security of Stellar Soroban Core. The review covered the implementation of the Soroban smart contract platform on top of the existing Stellar blockchain infrastructure. Veridise conducted the assessment over 35 person-weeks, with 5 engineers reviewing code over 7 weeks. The auditing strategy combined tool-assisted analysis of the source code performed by Veridise engineers with extensive manual auditing.
Audit Report
SCOPE
This audit covered code across three repositories: stellar-core, stellar-env, and stellar-xdr. The scope of the audit was quite large, covering most code in stellar-env, all Rust-based code in stellar-core under the folder src/rust/, and the folder src/next/ from stellar-xdr. It should be noted that much of the code in stellar-xdr is automatically generated by an internal tool at Stellar; this code was fuzzed but otherwise not manually audited. Additionally, because of the extremely large scope of the audit, auditors focused especially on certain modules, including the authentication and authorization modules (auth.rs, account_contract.rs) and ledger state handling (storage.rs). Finally, it should be noted that the audit focused on the Rust portions of the code. A large portion of the codebase is written in C++; for those portions, Veridise consulted with developers to understand how the C++ code interacts with the Rust code.