Security

yAcademy

(c) yAcademy

Yearn Finance launched yAcademy (proposal launched in November 2020, pilot executed in July 2021).

What is yAcademy you ask? Here is a summary (from the original proposal):

We launch the yAcademy: a security wing tasked with auditing Yearn’s contracts, attracting and retaining top talent, and eventually generating revenue by expanding its auditing services to the ecosystem at large. Mission: audit Yearn contracts in a collaborative and semi-structured process. Administrative costs are kept near zero, as the tasks of advocacy, event organizing, educational curriculum are handled by our partners at Gitcoin and Status. The yAcademy is net positive from day one since money that would have otherwise been an operational expense given to auditing firms is now an investment that should pay back the principle immediately (in the form of audits of Yearn contracts) and generate revenue eventually (once the team has expanded to offer services to the ecosystem).

yAcademy will be operated as a joint venture by the yAcademy partners—Yearn (through the Multisig Council), Gitcoin, Status and member-auditors (including the first five auditors to join). The alignment can be seen in the following figure:

yAcademy's envisioned talent funnel (c) yAcademy
  • What is Yearn Finance? Check out this article: https://coincentral.com/what-is-yearn-finance/ 
  • There exists a DAO (ReviewDAO) to engage security reviews from peers, but it seems dead (unless there is an active Discord, which I doubt, but I didn't check).
  • Immunefi is a DeFi bug bounty platform which has more success, but I'll cover this in a separate blog post.