Swarm (Swarm Markets)

About

Swarm is a compliant blockchain platform that tokenizes real-world assets — publicly traded stocks, US Treasury bond ETFs, and gold — and enables 24/7 on-chain trading via a decentralized exchange infrastructure on Polygon. The platform offers a regulated environment where users can swap tokenized securities and crypto, place limit orders through the dOTC (decentralized over-the-counter) protocol, and earn rewards by providing liquidity or holding/staking RWAs. It serves both retail investors and institutions seeking compliant, self-custodied access to traditional financial assets on-chain.

Where Does Yield Come From?

On Swarm, you can earn yield from three main reward streams. All of them are paid from the SMT Rewards Pool — a large pool of SMT tokens (the platform's own token) that releases a little less each week over 10 years.

1. Liquidity Provider Rewards. If you place limit orders (offers to buy or sell at a set price) on the dOTC (decentralized over-the-counter) trading protocol, and those offers are visible, sensible, and within a reasonable price range, you earn SMT tokens. The amount you earn is based on the dollar value of your offer compared to the total value locked across the protocol. If your offer includes a real-world asset (RWA) like tokenized stock or gold, your reward weight gets a 2x boost.

2. RWA Holder Rewards. Simply holding tokenized stocks, bonds, or gold NFTs in your wallet counts toward rewards — and with a 4x boost on the balance used for calculating your share.

3. RWA Staking Rewards. You can stake (lock up) SMT tokens against a specific real-world asset. Your reward is a proportional share of that asset's own reward pool, based on how much SMT you've staked compared to others.

On top of those reward streams, the tokenized US Treasury Bond ETFs (called TBONDS01 and TBONDS13) earn yield from the actual interest paid by the underlying bonds. That interest flows directly to the token holders.

Fees and costs. When you trade on the dOTC protocol and someone takes your limit order, you pay a 0.25% maker fee. In AMM-style liquidity pools (automated market maker pools), the pool operator sets swap fees; before they get their cut, 25% of those swap fees (or 0.1% of the amount swapped, whichever is larger) is set aside as claimable by Swarm. Swarm also collects fees when RWAs are issued or redeemed.

Governance. Holding SMT tokens gives you a vote on decisions about reward policies and token economics — so the community helps shape how the rewards system works over time.

Persons

Philipp Pieper
Co-founder
LinkedIn
Timo Lehes
Co-founder
LinkedIn
Katie Evans
Chief Business Development and Communications Officer
LinkedIn
Sam Stone
Head of Product
LinkedIn
Peter Schott
Managing Director
LinkedIn

Audits

Audit / Date	Findings	Verdict
Pessimistic15-04-2021	Critical0 High0 Medium5 Low17 Info0	The Pessimistic audit found no critical vulnerabilities and a manageable set of medium-severity issues, most of which were fixed before the rechecked version; the residual risks (unchecked approve returns and the Balancer-original bug) were acknowledged by the development team and scoped to the project's specific token environment.
Pessimistic03-06-2022	Critical0 High0 Medium0 Low0 Info0	No critical vulnerabilities were identified, and all substantive medium-severity bugs were fixed across the audit's iterative rechecks; the remaining design concern around privileged roles is mitigated by the project's regulated-financial-entity framework and mandatory KYC/AML for all administrative addresses.
Pessimistic04-03-2022	Critical0 High0 Medium2 Low1 Info0	The audit found no critical or high severity vulnerabilities; the two medium severity issues (overpowered admin roles and a single failing test) and one low severity code quality issue were noted with actionable recommendations, indicating that the contracts can be deployed after the team addresses centralisation risks and test failures.
Pessimistic11-05-2022	Critical2 High0 Medium4 Low14 Info1	The audit identified and remediated critical front-running and access-control vulnerabilities, but residual risks from overpowered admin roles and declining test coverage warrant continued attention before deployment.
Pessimistic28-03-2022	Critical0 High0 Medium4 Low6 Info0	The audit found no critical vulnerabilities, and all medium and low issues (except the acknowledged overpowered roles) were fixed in the updated codebase; the residual risk around privileged roles should be mitigated with multisig as recommended.
Pessimistic09-11-2021	Critical0 High0 Medium3 Low4 Info0	The audit found no critical vulnerabilities, and the three medium-severity concerns — an overpowered admin role, failing tests, and missing documentation — were either addressed in the subsequent code update or carry inherent architectural risk that the project accepted. Overall, the Action Manager contract poses low residual security risk provided the admin keys are secured (e.g., via multisig).
PeckShield07-02-2025	Critical0 High0 Medium2 Low1 Info0	The PeckShield audit found no critical or high-severity issues; the two medium-severity and one low-severity findings were promptly fixed or mitigated, indicating the Swarm Bundles contracts are reasonably well-secured for deployment.
Protofire—	Critical0 High0 Medium1 Low1 Info1	Protofire found one medium-severity front-running risk and several lower-severity issues in the AssetTokenIssuer contract, all of which the developer fixed; the audit confirms the remediated code is safer but emphasizes that careful administration of price feeds remains critical to avoid mispricing.
PeckShield07-02-2025	Critical0 High0 Medium2 Low3 Info0	The audit found no critical or high-severity issues; the two medium-severity findings (weak type validation and admin key trust) were resolved or mitigated, and all low-severity findings were fixed, indicating the codebase is reasonably secure for deployment.
Pessimistic15-04-2021	Critical0 High0 Medium5 Low17 Info0	The audit found no critical vulnerabilities, and all five medium-severity issues were resolved or acknowledged before the final code version, indicating that the Swarm Markets contracts met a reasonable security standard at the time of review.
Pessimistic22-11-2021	Critical8 High0 Medium7 Low16 Info0	The audit identified eight critical vulnerabilities that completely break the system's economic model, along with numerous medium and low severity issues, and the report strongly recommends against deploying the contracts without substantial rework and proper testing.

Legal

Legal form

GmbH (Gesellschaft mit beschränkter Haftung, limited liability company under Liechtenstein law)

Registration jurisdiction

Liechtenstein (Vaduz); Register FL-0002.608.155-1, Amtsgericht (Vaduz)

Status and notes

Operator: Swarm Capital GmbH, Landstr. 37, 9490 FL-Vaduz, Liechtenstein. Registered with the Amtsgericht of Liechtenstein under FL-0002.608.155-1, TaxID 2608155. Managing directors: Philipp Pieper and Timo Lehes. Imprint, Terms of Service (including General T&Cs, Special Conditions for Cryptographic Assets, and Custody Agreement), and Privacy Policy are published at docs.swarm.com. The website footer displays “Swarm Capital GmbH – All rights reserved” and links to these legal documents. The Terms of Service state that the laws of the Federal Republic of Germany apply (to the extent not overridden by Liechtenstein corporate law). Swarm Capital GmbH describes itself as a technical service provider, not a bank or financial services firm under German law.