# Audits

SIR has been audited by multiple independent security firms. After the [March 2025 exploit](https://docs.sir.trading/protocol-overview/user-risks/exploit-and-relaunch), the protocol was rebuilt and subjected to four comprehensive audits before relaunching.

## MegaETH Launch Audit

| Auditor                                                          | Scope                     | Report                                                     |
| ---------------------------------------------------------------- | ------------------------- | ---------------------------------------------------------- |
| [**Egis Security**](https://www.sir.trading/audits/egis-megaeth) | MegaETH deployment review | [View Report](https://www.sir.trading/audits/egis-megaeth) |

## Post-Relaunch Audits (Ethereum)

These four audits were completed on the rewritten codebase before the protocol went live again:

| Auditor                                                          | Scope                | Report                                                 |
| ---------------------------------------------------------------- | -------------------- | ------------------------------------------------------ |
| [**Custodia Security**](https://www.sir.trading/audits/custodia) | Full protocol review | [View Report](https://www.sir.trading/audits/custodia) |
| [**Egis Security**](https://www.sir.trading/audits/egis)         | Full protocol review | [View Report](https://www.sir.trading/audits/egis)     |
| [**Syzygy**](https://www.sir.trading/audits/syzygy)              | Full protocol review | [View Report](https://www.sir.trading/audits/syzygy)   |
| [**Guild Audits**](https://www.sir.trading/audits/guild)         | Full protocol review | [View Report](https://www.sir.trading/audits/guild)    |

## Pre-Exploit Audit (Historical)

| Auditor                                                              | Scope                                    | Report                                                         |
| -------------------------------------------------------------------- | ---------------------------------------- | -------------------------------------------------------------- |
| [**Egis Security**](https://www.sir.trading/audits/egis-pre-exploit) | Original protocol audit (pre-March 2025) | [View Report](https://www.sir.trading/audits/egis-pre-exploit) |

{% hint style="info" %}
All audit reports are available at [sir.trading/audits](https://www.sir.trading/audits).
{% endhint %}

## Ongoing Security

Security is an ongoing commitment. In addition to audits, SIR maintains:

* A [Bug Bounty](https://docs.sir.trading/protocol-overview/user-risks/bug-bounty) program rewarding high and critical vulnerability disclosures
* A [Beta Period](https://docs.sir.trading/protocol-overview/user-risks/beta-period) with protocol state controls (Emergency Mode, Shutdown) as safety guardrails
* Immutable, non-upgradable core contracts — once deployed, the code cannot be changed