Diligence

Security & operations documents

Independent reviews, smart-contract controls, infrastructure operations, Matador assurance, and restricted security materials

Security overview

Steer operates contracts, adapters, offchain workers, data providers, and privileged operating paths around onchain capital. The security package therefore covers both reviewed code and the operating controls used to deploy, monitor, update, pause, and recover the system.

Independent reviews

The legacy source set contains the following 13 unique public report links. Steer does not use a single aggregate audit count in this room because one engagement can produce multiple reports and a report supports only the code and scope it reviewed.

ReportPublished dateAuditorScope
Periphery updates2025-12-04OmnisciaPeriphery updates
Base liquidity vaults2025-11-27OmnisciaBase liquidity vaults
Poolshark vaults2025-11-27OmnisciaPoolshark vaults
SushiSwap fee-management ALM2025-11-18OmnisciaFee-management ALM
Blackhole position manager2025-10-16OmnisciaBlackhole position manager
Uniswap v4 liquidity manager2025-09-19OmnisciaUniswap v4 liquidity manager
PancakeSwap Infinity hook2025-09-03OmnisciaPancakeSwap Infinity hook
Algebra v4 hook integration2025-08-28OmnisciaAlgebra v4 hook integration
Options-vault report2024-04-03*HashlockOptions vaults with Stryke
Algebra Integral position manager and Smart Rewarder2024-05-02OmnisciaPosition manager and Smart Rewarder
Algebra strategies2023-10-23OmnisciaAlgebra strategies
Core implementation2023-10-23OmnisciaCore implementation
Early core-contract report2023-05-02OmnisciaEarly core contracts

*The date shown is the label in the prior report index. The controlled audit register uses the date stated in the report itself.

Control areas

Control areaCoverageDetailed material
Smart-contract change managementReview, release approval, privileges, timelocks, guardians, and deployed versionsNDA / restricted
Offchain infrastructureWorker versions, rollout controls, health, telemetry, alerting, and rollbackRestricted
Administrative authorityRole inventory, multisig or timelock policy, access review, and recoveryRestricted
Integration reliabilityAdapter versions, provider dependencies, redundancy, and failure handlingNDA / restricted
Monitoring and incident responseSeverity, detection, escalation, communication, and postmortem processRestricted
Business continuityBackup, recovery, dependency, and continuity testingRestricted

Matador assurance

Matador’s security package connects the policy mechanism to a deployed product path. It includes the policy schema, authority model, covered paths, deployed versions and addresses, pre- and post-condition tests, example allowed and reverted transactions, independent-review mapping, and emergency or exception controls.

Read the Matador technical overview →

Security document index

MaterialAccessWhat investors can review
Public independent-review linksLink accessOpen the independent reviews now
Audit-to-release and deployment mappingNDARelease and deployment mapping after NDA
Finding, remediation, and retest registerNDA / restrictedRemediation summary after NDA; sensitive finding details reviewed separately
Smart-contract authority and change-control packageRestrictedAuthority model, privileged roles, and change-control procedures during security diligence
Infrastructure architecture and access controlsRestrictedInfrastructure design and access-control procedures during security diligence
Monitoring, incident, and near-miss recordsRestrictedIncident-response process and relevant records during security diligence
Business-continuity and recovery testsRestrictedRecovery procedures and test evidence during security diligence
Matador policy and transaction-assurance packageNDA / restrictedPolicy specifications after NDA; sensitive transaction evidence reviewed separately

Contact Steer to arrange NDA access or a security diligence review.

Back to Documents →