yearn / budget

yearn budget requests and audits
MIT License

Sam - Security and Monitoring #218

Open spalen0 opened 6 days ago

spalen0 commented 6 days ago

Scope

Yearn needs a dedicated security team with clearly defined tasks and values. Security and innovation are the main points that differentiate Yearn from other yield aggregators.

Plan

The strategy that lost money didn't have a problem in the code, meaning that the review was done correctly but the problem was in the underlying protocol. This means that the security measures done before deploying the code are on the level, but there is a need to monitor the strategy and the protocol after the strategy has been deployed. Building a monitoring system for the underlying protocols must be a high-priority task to ensure strategy safety. The team will also do all internal security reviews of the Yearn ecosystem. All planned tasks are split into the following 3 categories.

1 - Internal security reviews of yearn

V3 Strategy Reviews:

  1. Strategy Security Reviews: Focus on identifying bugs in production and assessing audit quality.
  2. Enforcement of GitHub Actions: Ensure that GitHub Actions for tests are completed and working before moving to production. Create Actions to trigger daily on deployed strategy contracts to verify emergency functions won't revert. This was the problem with the Sonne strategy: withdrawals were reverting.
  3. Risk Score Attachment: Attach risk scores to issues based on prepared risk assessments and add comments to justify the scores if necessary.
  4. Complex Strategies and High TVL: For strategies marked as complex, having significant TVL in production, or being good candidates for external protocol collaboration, the team will add a "Recurring Review" issue to prioritize later review by other team members. The recurrence frequency will depend on the TVL and strategy risk score. A detailed approach will be defined after asset allocation to single asset vaults.
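As an added illustration of item 2 (not part of this budget request and not Yearn's own tooling), the following script is the kind of daily pre-flight check a scheduled GitHub Actions job could run: it simulates each emergency function of a deployed strategy with a plain JSON-RPC `eth_call` and fails the job if the node reports that any of them would revert, which is the failure mode described for the Sonne strategy. The RPC URL, strategy and caller addresses, and the emergency-function calldata are placeholders to be replaced from the real ABI; the `fake_transport` node responses are constructed so the logic can be exercised offline.

```python
"""
Daily pre-flight probe for a deployed strategy's emergency paths.

Added example, not Yearn tooling: simulate each emergency function with
eth_call and report any call the node says would revert. Meant to run
from a scheduled GitHub Actions job; all addresses and calldata below are
placeholders/assumptions.
"""
import json
import os
import sys
import urllib.request
from dataclasses import dataclass
from typing import Callable, Optional

# A transport takes one JSON-RPC request dict and returns the response dict,
# so the probe logic can run offline against a fake node in tests.
Transport = Callable[[dict], dict]

ERROR_STRING_SELECTOR = "0x08c379a0"  # selector of Solidity's Error(string)


@dataclass
class Probe:
    name: str      # label for reports, e.g. "withdraw(uint256)"
    calldata: str  # ABI-encoded calldata: 4-byte selector + arguments


@dataclass
class ProbeResult:
    name: str
    reverted: bool
    detail: str    # decoded revert reason, or raw return data on success


def http_transport(rpc_url: str) -> Transport:
    """Send requests to a real node over HTTP (only used when RPC_URL is set)."""
    def send(request: dict) -> dict:
        body = json.dumps(request).encode()
        req = urllib.request.Request(
            rpc_url, data=body, headers={"Content-Type": "application/json"})
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return send


def encode_error_string(reason: str) -> str:
    """ABI-encode Error(string) revert data (used to build constructed replies)."""
    raw = reason.encode()
    padded = raw + b"\x00" * (-len(raw) % 32)
    return (ERROR_STRING_SELECTOR + (32).to_bytes(32, "big").hex()
            + len(raw).to_bytes(32, "big").hex() + padded.hex())


def decode_revert_reason(data: Optional[str]) -> str:
    """Decode Error(string) revert data; anything else is returned as-is."""
    if not data or not data.startswith(ERROR_STRING_SELECTOR):
        return data or ""
    raw = bytes.fromhex(data[10:])
    if len(raw) < 64:
        return data
    offset = int.from_bytes(raw[:32], "big")
    length = int.from_bytes(raw[offset:offset + 32], "big")
    return raw[offset + 32:offset + 32 + length].decode("utf-8", "replace")


def simulate(transport: Transport, strategy: str, caller: str, probe: Probe,
             block: str = "latest") -> ProbeResult:
    """eth_call the probe against current state; a revert surfaces as a JSON-RPC error."""
    request = {"jsonrpc": "2.0", "id": 1, "method": "eth_call",
               "params": [{"from": caller, "to": strategy, "data": probe.calldata}, block]}
    response = transport(request)
    if "error" in response:
        err = response["error"]
        reason = decode_revert_reason(err.get("data")) or err.get("message", "")
        return ProbeResult(probe.name, True, reason)
    return ProbeResult(probe.name, False, response.get("result", "0x"))


def run_probes(transport, strategy, caller, probes) -> list:
    return [simulate(transport, strategy, caller, p) for p in probes]


def failing_probes(results) -> list:
    """Names of the probes the node reports as reverting."""
    return [r.name for r in results if r.reverted]


def fake_transport(reverting: dict) -> Transport:
    """Constructed node: calldata listed in `reverting` reverts with the given reason."""
    def send(request: dict) -> dict:
        data = request["params"][0]["data"]
        if data in reverting:
            return {"jsonrpc": "2.0", "id": request["id"], "error": {
                "code": 3, "message": "execution reverted",
                "data": encode_error_string(reverting[data])}}
        return {"jsonrpc": "2.0", "id": request["id"], "result": "0x" + "00" * 31 + "01"}
    return send


# Placeholder calldata: withdraw(uint256) keeps its real selector 0x2e1a7d4d with a
# zero amount; the emergency selector is a placeholder to be replaced from the ABI.
WITHDRAW_CALLDATA = "0x2e1a7d4d" + "00" * 32
EMERGENCY_CALLDATA = "0x00000000" + "00" * 32
PROBES = [Probe("withdraw(uint256)", WITHDRAW_CALLDATA),
          Probe("emergencyWithdraw(uint256)", EMERGENCY_CALLDATA)]

if __name__ == "__main__":
    rpc_url = os.environ.get("RPC_URL")
    if rpc_url:  # real run from the scheduled job; addresses are placeholders
        transport = http_transport(rpc_url)
    else:        # offline demo: constructed node where the emergency path is paused
        transport = fake_transport({EMERGENCY_CALLDATA: "paused"})
    results = run_probes(transport, os.environ.get("STRATEGY", "0x" + "11" * 20),
                         os.environ.get("CALLER", "0x" + "22" * 20), PROBES)
    for r in results:
        print(f"{'REVERT' if r.reverted else 'ok    '} {r.name}: {r.detail}")
    sys.exit(1 if failing_probes(results) else 0)
```

A workflow with an `on: schedule: cron` trigger would set `RPC_URL`, `STRATEGY` and `CALLER` from repository secrets and run this script; the non-zero exit code turns a reverting emergency path into a failed job, which is what makes the check visible. Because `eth_call` runs against live chain state, the probe catches reverts caused by the underlying protocol (a paused pool, drained liquidity) that a pre-deployment test suite cannot see.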

Ventures (yETH, veYFI, etc.)

The team will do full reviews of other projects from the Yearn ecosystem. Recurring reviews will be done if needed.

Immunefi Management

Yearn Finance has an open bug bounty program on Immunefi. Submitted bugs will be checked and verified by the team. Also, the new contracts will be added to Immunefi as they are deployed and ready for the bug bounty program.

2 - Yearn Risk Assessment Dashboard

The Risk Score Framework was already defined previously by the ySecurity team. All current strategies have assigned risk scores in Excel. In addition to the Excel sheet and defined risk score parameters, there will be a brand new website for users to check all strategies and their risk scores, as well as the monitoring we are performing for the strategies, if any. The development of the website is currently being handled by Marco, who will also receive a grant specific to this BR for his great work.

Sneak peek of the website: Yearn Risk Assessment Dashboard

There isn't any active maintenance required other than updating the new scores in the UI. However, if this needs any updates or maintenance, we will take care of it. These values will be used to define the monitoring that has to be set up for the strategy; higher scores must receive closer monitoring. The dashboard will be hosted on a yearn.fi subdomain.

3 - Risk Monitoring

The team will work with the strategist on which data should be monitored to ensure strategy safety and will help in building the monitoring system. Tenderly will be used heavily for this, with additional custom tools depending on the protocol. An example of a Tenderly alert was the Sonne Timelock controller, which was sending alerts for every new scheduled transaction. Another example of a custom bot is the USDR treasury tracker, which helped us withdraw the funds from the Pearl strategy that was tested on ape.tax.

With better monitoring, we can allow riskier strategies, but automated actions for existing strategies have to be in place.

Create and manage Telegram monitoring groups for each protocol. Some protocols that are planned to be monitored include:

Define additional protocols for monitoring depending on asset allocation and configuration that can change. Ajna has only 8M TVL but could be first in line depending on allocation. Explore future improvements to the current testing suite.

Note

We envision this BR as a recurring BR that we will renew each quarter.

For this one, Tapir has an already-approved BR in this timeline. He won't be receiving any payment for the first half month of this BR, as he has an approved BR for that month. Marco is in charge of the web development for the Yearn Risk Assessment Dashboard. He will also receive a one-time grant under this BR for his work.

Deadline

2024-10-30

People

Money

The budget will cover 3 and a half months: 15/07/2024 - 30/10/2024

12 * 0.5 + 24 * 3 + 10 = 88

Amount (Total)

88000 DAI

Wallet address

TBD

Reporting

Monthly