diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0fa9777d8..73888994a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,7 @@
 ### Update
 - fix: add stricter validation for Ed25519 Signed Payload.
+- fix: replace assert statements with explicit null checks in `Federation` class to ensure validation is not bypassed when assertions are disabled.
 ## 2.2.1
diff --git a/src/main/java/org/stellar/sdk/federation/Federation.java b/src/main/java/org/stellar/sdk/federation/Federation.java
index 56ddb9d9f..89ed39d7e 100644
--- a/src/main/java/org/stellar/sdk/federation/Federation.java
+++ b/src/main/java/org/stellar/sdk/federation/Federation.java
@@ -147,13 +147,17 @@ private FederationResponse resolve(String q, String domain, QueryType queryType)
 private HttpUrl getFederationServerUri(@NonNull String domain) {
 String uriBuilder = "https://" + domain + "/.well-known/stellar.toml";
 HttpUrl stellarTomlUri = HttpUrl.parse(uriBuilder);
- assert stellarTomlUri != null;
+ if (stellarTomlUri == null) {
+ throw new IllegalArgumentException("Invalid domain: " + domain);
+ }
 Request request = new Request.Builder().get().url(stellarTomlUri).build();
 try (Response response = httpClient.newCall(request).execute()) {
 if (response.code() >= 300) {
 throw new StellarTomlNotFoundInvalidException(response.code());
 }
- assert response.body() != null;
+ if (response.body() == null) {
+ throw new StellarTomlNotFoundInvalidException("Empty response body");
+ }
 Toml stellarToml = new Toml().read(response.body().string());
 String federationServer = stellarToml.getString("FEDERATION_SERVER");
 if (federationServer == null || federationServer.isEmpty()) {
diff --git a/src/main/java/org/stellar/sdk/federation/exception/StellarTomlNotFoundInvalidException.java b/src/main/java/org/stellar/sdk/federation/exception/StellarTomlNotFoundInvalidException.java
index ca606d330..3f46a7318 100644
--- a/src/main/java/org/stellar/sdk/federation/exception/StellarTomlNotFoundInvalidException.java
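Review bot: The new null check on `stellarTomlUri` in `getFederationServerUri` only rejects strings that `HttpUrl.parse` cannot parse; it does not confirm that the parsed host is the `domain` that was passed in. Because the URL is built by string concatenation, a `domain` value containing `/`, `?`, `#`, `@` or a port still parses, and the request may then target a different host or path than the caller intended. Consider building the URL with `new HttpUrl.Builder().scheme("https").host(domain).addPathSegments(".well-known/stellar.toml").build()`, which throws `IllegalArgumentException` for a value that is not a valid host. Whether callers already validate `domain` is not visible here, and the method body continues past the end of the hunk.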
+++ b/src/main/java/org/stellar/sdk/federation/exception/StellarTomlNotFoundInvalidException.java
@@ -7,4 +7,8 @@ public class StellarTomlNotFoundInvalidException extends NetworkException {
 public StellarTomlNotFoundInvalidException(Integer code) {
 super(code, null);
 }
+
+ public StellarTomlNotFoundInvalidException(String message) {
+ super(message, null, null);
+ }
 }
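Review bot: The new `StellarTomlNotFoundInvalidException(String message)` constructor has no Javadoc and passes two bare `null`s to the superclass, so an exception built this way presumably carries no HTTP status code, unlike one built with the `Integer` constructor. Callers that read the status code from this exception type would then have to handle a null value; the `NetworkException` accessors are not visible here, so this should be confirmed. I would add a comment such as `/** Creates the exception for a stellar.toml response that cannot be used for a reason other than its HTTP status; no status code or body is attached. */` above the constructor.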