Review of the keys, processes, and pipeline around your protocol, not just the code.
The most common way a protocol loses money is not a smart-contract bug; it's a compromised deployer key, a stale upgrade authority, or an incident response that nobody rehearsed. We review the whole operational surface.
A code audit answers "can this program be broken?" An opsec review answers a more uncomfortable question: "if something goes wrong, do we have the people, processes, and access controls to recover?" On Solana, that question increasingly carries the highest expected cost: most of the public losses in the last 18 months were operational, not cryptographic.
We start with structured interviews. Who has signing authority? On which keys? Where do those keys live? When was the last time the multisig signer set was reviewed? Are there off-boarded contributors whose keys are still in the topology? These are simple questions, but they’re rarely written down in one place, and the act of writing them down is itself half the value of the engagement.
We then observe at least one live operation (a deploy, an upgrade, a parameter change) end-to-end. Watching a signing ceremony is the only way to find out whether the actual practice matches the policy.
Finally we run a tabletop incident drill: a critical bug has just been disclosed, an exploit has just landed on mainnet, a signer's laptop has just been compromised. We walk through who pages whom, who can pause what, and what the communication channels are. The report that follows isn't a list of code findings; it's a prioritized list of process changes, marking which ones are urgent and which can wait a quarter.
Hot vs. cold separation, hardware wallet usage, signing ceremony procedures.
Squads / Realms configurations, signer set, threshold, off-boarding hygiene.
Build reproducibility, CI signing, artifact verification, upgrade authority lifecycle.
Runbooks, on-call rotations, freeze procedures, communication channels.
Structured interviews with engineering and ops leads to map current practice.
We observe a real deploy or upgrade end-to-end and flag every weakness in real time.
A scenario walkthrough: "a critical bug has just been reported, what happens next?"
Findings ranked by likelihood × impact, with concrete process changes.
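The inventory questions above (who holds the upgrade authority, is the signer set current, does the threshold make sense) can be turned into a repeatable check. The following is an added example, not the firm's tooling: it parses the key/value lines printed by `solana program show` (format and addresses are constructed placeholders, assumed here) and applies the multisig hygiene rules the review asks about.

```python
"""Audit a Solana program's upgrade authority and multisig roster against an inventory."""
import re

# Constructed sample of `solana program show <PROGRAM_ID>` output (assumed format;
# the addresses are placeholders, not real deployments).
SAMPLE_SHOW_OUTPUT = """\
Program Id: Prog1111111111111111111111111111111111111111

Owner: BPFLoaderUpgradeab1e11111111111111111111111
ProgramData Address: Data1111111111111111111111111111111111111111
Authority: HotKey11111111111111111111111111111111111111
Last Deployed In Slot: 250000000
Data Length: 412000 (0x64960) bytes
Balance: 2.87 SOL
"""

# Assumed: the multisig vault(s) that policy says must hold the upgrade authority.
APPROVED_AUTHORITIES = {"Vault111111111111111111111111111111111111111"}

def parse_program_show(text):
    """Turn the CLI's 'Key: value' lines into a dict."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"^([A-Za-z][A-Za-z ]*?):\s*(.+)$", line.strip())
        if m:
            fields[m.group(1)] = m.group(2).strip()
    return fields

def check_upgrade_authority(fields, approved):
    """Return findings about who can upgrade the program."""
    findings = []
    authority = fields.get("Authority")
    if authority is None:
        findings.append("authority field missing: program not under the upgradeable loader?")
    elif authority.lower() == "none":
        pass  # immutable: no upgrade path at all, a deliberate choice
    elif authority not in approved:
        findings.append(f"upgrade authority {authority} is not an approved multisig vault")
    return findings

def check_signer_set(signers, threshold, offboarded):
    """Multisig hygiene: threshold sanity and stale (off-boarded) signers."""
    findings = []
    if threshold < 2:
        findings.append("threshold below 2: a single key can upgrade")
    if threshold > len(signers):
        findings.append("threshold exceeds signer count: multisig cannot reach quorum")
    stale = sorted(set(signers) & set(offboarded))
    for key in stale:
        findings.append(f"off-boarded contributor key still in signer set: {key}")
    if 0 < len(stale) and len(signers) - len(stale) < threshold:
        findings.append("removing stale signers leaves fewer live signers than the threshold")
    return findings
```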
Submit your protocol for review and we'll respond within 24 hours. Our researchers have prevented 50+ critical exploits across the Solana ecosystem.