Operational Security


In order to protect users in case of any unexpected changes in our code, a 24-hour timelock mechanism is utilised. As the protocol matures to a slower pace of development, the timelock delay may be upgraded to a longer duration.

Multi-sig with Hardware Wallets Signers

In addition to a timelock, every owner update to deployed smart contracts must be approved by 2/3 of the multi-sig signers. Each signer is verified by Jeff, the project lead of Steadefi, and is using a dedicated hardware wallet for this purpose. As the protocol matures to a slower pace of development, the number of signers for the multi-sigs may increase to 3/5.

Restrictive Permissions

We ensure in all internal communications, files, and contracts that only limited and specific relevant team members or advising parties can access or interact with any of Steadefi’s services and data.

Two-Factor Authentication (2FA)

Strong 2FA is required in all internal and external services used by Steadefi staff.

Safe Online Practices Education

Team members on every level are trained in avoiding all phishing or fake software/websites, including any crypto-related email files or other suspicious links. Public Wi-Fi will also be avoided.

Risk Assessments

Steadefi is working with LedgerWorks to assess our team and protocol’s risks on a holistic manner. More details will be shared upon completion of these assessments.