RiscZero: Steel audit report
Project Information
CATEGORY
Zero-Knowledge Virtual Machines (zkVM)
NETWORK
RISC Zero zkVM
WEBSITE
https://risczero.com/
DESCRIPTION
From April 14, 2025 to April 24, 2025, RISC Zero engaged Veridise to conduct a security assessment of their Steel library. The security assessment covered the updates made to the Steel zkVM application library. Compared to the previous version, which Veridise has already audited, the new version adds several new features, including the ability to create historical proofs for older execution blocks, the ability to prove that an event was emitted in a block, and the ability to verify a Steel commitment with respect to another environment. Veridise conducted the assessment over 27 person-days, with 3 security analysts reviewing the project over 9 days. The review strategy involved a tool-assisted analysis of the program source code performed by Veridise security analysts as well as thorough code review.
Audit Report
SCOPE
The scope of this security assessment is limited to the additions and modifications made to the risc0-ethereum/crates/steel/src directory from commit ee1c455 to commit 2c99f46. This directory, provided by the Steel developers, contains the source code for the Steel library.