News

Andre Cronje, the creator of Yearn.Finance, has recently made security audits of his project publicly available. He explained to Cointelegraph that he had been previously withholding these audits, which were completed months ago, so as to not give users a false sense of security:

I always refused to publish the audits because I don’t want people to get a false sense of security because of them.

Yesterday, Cronje published five audits on the project’s GitHub repository. The audits were performed between February and July by leading auditors, such as Certik and Quantstamp. Some of the vulnerabilities that were discovered are classified as “critical”. For instance, Certik identified “a major vulnerability, which under quite common situations could temporarily block users from withdrawing all of their funds.” Cronje explained that although this was a design choice, it is still a vulnerability:

If you lend, the risk always exists that there are more assets borrowed than the available liquidity to withdraw.

He added that other major DeFi projects like Compound and Aave share this vulnerability. Cronje decided to publish these audits as proof that he subjects his code to external scrutiny, but regardless, people “throw money into contracts when they see ‘audited'”:

“But since the whole ‘no audit yolo’ narrative, decided to share them, so people understand, I still do audits, I just don’t share them, because I want people to understand the risk.”

Another DeFi project called Yam.Finance recently collapsed due to an irreconcilable bug after launching without external audits.

Products You May Like

Articles You May Like

New Peer to Peer Exchange Provides Africans with an Alternative to Paxful
Joke MEME coin airdrop is now worth $600K
DeFi, celebrities charged and Kiss: Bad crypto news of the week
CoinEx Lists ONES Token First and Launches Initial Trade Offering with OneSwap’s Official Launch
James Charles Didn’t Invent Color Blocking, Neither Did Hila Klein
Analyst: 1,500 Bitcoins Lost Every Day, Less Than 14 Million Coins Will Ever Circulate

Leave a Reply

Your email address will not be published. Required fields are marked *