Asset Management
Enforce investment mandates and risk controls as code. Reduce mandate drift, improve auditability, and contain risk with measurable guardrails.
Asset Management
Hook: investor trust meets mandate drift
It's Monday morning, and an allocator calls. The fund is up on the month, but the questions aren't about performance—they're about process.
"Why was that pool included in the universe?"
"Who approved this trade?"
"The risk officer reviewed that new token."
The portfolio manager has answers—screenshots, chats, a spreadsheet with timestamps. The risk officer has a different problem: none of it is enforceable in practice. The mandate is a PDF, trading is fast, and the line between "discretion" and "drift" is always one click away.
The mandate is a document sitting somewhere. Execution moves on-chain. And controls—universe limits, risk caps, execution quality—often stayed off-chain: best-effort checklists, internal policy, and after-the-fact reporting.
That's where things begin to break systemically: not because people stop caring, but because the system doesn't refuse violations. It only records them—sometimes not even reliably.
Problem Evolution: how crypto asset management scaled, and when it started breaking
Early days: trust-based operations (2017–2019)
Crypto asset management started with small teams moving quickly. Trades were manual: a trader clicked "buy," a multisig signed, and a transaction executed.
The process worked because teams were small and trusted. Oversight was simple—"did you sign that trade?"—and checks were manual reviews. If something went wrong, you fixed it.
Scaling complexity: "structured" products emerge (2019–2022)
As capital grew, strategies got more complex:
- Rebalancing: Automated delta-neutral vaults maintaining exposure across tokens
- Options vaults: Yield enhancement strategies selling covered calls and puts
- Structured products: Custom vaults with specific rules (target weights, asset universes, risk limits)
These "structured" products looked like DeFi innovation—smart contracts with configurable parameters—but the operating model remained trust-based. Investors approved a product design, but the day-to-day execution was handled by a trading desk and risk team using emails and spreadsheets.
The inflection point: on-chain execution meets enforcement gap (2023–present)
As protocols moved to on-chain operations, a gap emerged: execution became possible, but enforcement stayed off-chain.
- Smart contracts could execute strategies fast
- But permissioning still required manual approvals
This created a new pattern: delegated execution (operators, bots, services) with off-chain risk controls (checklists, monitoring).
The mismatch: sophisticated on-chain execution running on aspirational off-chain controls.
Tension: why existing approaches keep failing
You're responsible for fund safety. Your pains:
- Trust gaps: Can't verify if execution actually matched the mandate
- Mandate drift: Discovering deviations after they happen
- Opaque execution: Can't clearly see or explain why actions were taken
- Compliance friction: Every new rule requires manual review—what did this month's spreadsheet say?
Your stakes:
- Credibility on the line: Investor confidence drops when drift is discovered late
- Regulatory risk: Manual enforcement creates compliance blind spots
- Auditability breakdown: Post-mortems take weeks instead of being generated from data
You're executing strategy. Your pains:
- Process bottlenecks: Waiting for approvals slows you down
- Manual reconciliation: Matching trades back to mandate is error-prone
- Visibility gaps: Can't see exposure across all positions in real-time
- Ad-hoc overrides: Traders work around your constraints verbally ("just this once")
Your stakes:
- Operational efficiency: Execute more trades per day within constraints
- Accuracy: System enforces rules, reducing "fat-finger" mistakes
- Predictability: Know what's allowed before attempting actions
Insight: make mandates enforceable, not aspirational
The shift is simple: stop treating mandates as documents that people should follow, and start encoding them as policies—explicit rules that systems can enforce at execution time.
Instead of asking "was this discretionary?", the system checks a policy:
"Can this transaction pass mandate checks?"
That's the "aha." Matador lets you translate a prospectus into rules of the road—explicit constraints that either pass or revert.
In plain English: the rulebook isn't a PDF—it's enforced by chain.
"The mandate is code."
Instead of trusting that a trader won't exceed concentration limits, you enforce them with concentration guards.
This gives you the best of both worlds: human discretion on strategy choices, machine enforcement of boundary conditions.
Resolution: Matador's model for asset management
Matador doesn't ask you to automate everything. It asks you to make mandates enforceable.
You encode limits investors care about—what can be traded, how concentrated exposure can get, what execution quality looks like. Then you let the desk operate normally inside those rails.
This changes the operating model:
- For allocators and risk officers: You define and authorize constraints once. Then the allocator can deploy them directly.
- For portfolio managers: You receive a scoped session key or authorization. You can execute trades, but only within pre-defined parameter bounds.
- For investors: You get transparency. Every authorized action emits an event with policy metadata. You can verify that the mandate is being honored in real time.
For day-to-day workflows, it feels like this: a manager submits a transaction, and Matador checks it against the mandate. If it's on-mandate, it goes through. If it's out-of-mandate, it fails safely.
Proof: trust comes from constraints you can inspect
Explicit constraints
Mandates are encoded as human-readable policies. Reviewers can see exactly what's allowed and what's blocked. No more "we followed the spirit of the document" excuses when things drift sideways.
On-chain enforcement
Constraints are enforced on-chain by an interpreter. Guarantees don't depend on a manager's code path, retry logic, or monitoring setup. If a policy says "no concentration above 20%," that bound is checked where the transaction is decided.
Fail-safe behavior
The system is designed to fail closed. Unknown or malformed inputs revert. Stateful checks run before and (when configured) after execution. If conditions aren't met, the transaction doesn't execute—period.
What we don't claim
We don't guarantee liveness. Market congestion, RPC failures, and adversarial conditions can still block execution. We make failure predictable and bounded—so you can design for it, not be surprised by it.
Next steps: where to start
Read the architecture
Learn how the DSL, compiler, and interpreter work together to enforce policies on-chain.
Understand mandates and constraints
Explore the constraint types available (universe constraints, concentration limits, execution constraints, risk controls) and how to encode them in policy.
Build your first policy
Walk through a guided tutorial: define a simple mandate and deploy it as a vault or smart account module.
Explore recipes
Start from proven patterns: target-weight rebalancing, covered calls, concentration guards.
Why it matters
When mandates are enforceable, conversation changes. Instead of debating interpretation or investigating drift months after the fact, you can point to the encoded policy and ask "was this compliant?"
This speeds up operations and reduces friction. Allocators can deploy new strategies without waiting for governance cycles. Portfolio managers can execute more trades while staying within risk limits. Investors get transparency without slowing down the desk.
The compounding effect
Every constrained action you don't have to review is one you can safely automate. Over time, your approval backlog shrinks, your operational overhead drops, and your team can focus on strategy instead of permission-chasing.
Story snippet
A fund allocates to a new crypto strategy that hasn't been used before. The risk officer encodes concentration limits and exposure caps into a policy. The allocator deploys this as a vault with Matador enforcement. The portfolio manager receives a scoped session key.
Weeks pass. Trades execute automatically: within the 10% concentration limit, only through approved protocols. Every transaction that violates the policy (too much exposure, trading outside the universe) reverts with a clear error message.
Month-end audit. The risk officer pulls on-chain logs and generates a report. No one touched a private key. No one had to reconstruct trades from spreadsheets.
The mandate stayed within bounds. The investor can verify this—on-chain—in real time.
"The fund stays on mandate, and the investor report writes itself."