The Weekly Yax #10: Security

The Weekly Yax is the easiest way to keep up with the yAxis Project.

Every Sunday, we highlight major news and developments, alongside key takeaways from the week’s episode of Ya Herd?

Major News & Developments

• June 21st revealed the winning “Cointest” design. View the voting results here.
• June 22nd the yAxis Project Twitter eclipsed 7,000 followers.
• June 25th marked the 10th episode of Ya Herd?
• June 26th concluded the second Champions Table Design Contest. Voting for the design submissions will begin shortly.

Ya Herd? Week #10 Key Takeaways

Security Features & Practices:

• Major product changes are always audited and relevant issues identified by the audit are resolved. See the v2 audits here.
• Smart contract interactions (which introduce flash loan risk) are not allowed in MetaVault v2. Canonical Vaults will introduce a solution to allow select interactions to open up new pools of capital to deposit, but retain security and mitigate flash loan risk.
• Halt flag introduced in v3 will mitigate the risk of malicious governance as yAxis continues down its DAO-directed management journey.
• Chainlink Keepers in v3 will introduce more automation, enabling greater decentralization of vault management and quicker response times to further increase safety of users’ funds.
• Decentralized fund management adds an extra layer of security due diligence before major changes and/or strategies are deployed.

Immunefi: As ongoing preventative security measures, yAxis has a Bug Bounty through Immunefi and is an early adopter of Immunefi’s War Room crisis response hotline. See recent evidence of the effectiveness and robustness of Immunefi’s Bug Bounty system here.

Planned Insurance Implementation: As discussed in Week 8, yAxis’s planned insurance implementation would enable vault users to lock their vault tokens in a separate contract, which would be used to credit remaining vault users in the case of an insurance event, as determined by governance (i.e. underlying strategy is exploited). This market-driven solution is similar to a tranching implementation, which allows the vault users themselves collateralize the insurance via market incentives (i.e. earning higher yield). Bringing insurance in-house improves the UX because vault users no longer have to waste time identifying and vetting insurance providers, trust that the third-party provider will actually pay out in the case of an insurance event, or constantly renew their coverage. All of these hurdles are resolved in an efficient, market-driven manner — consistent with yAxis’s goal of making DeFi easy, accessible, and secure.

How Security Drives Value to yAxis: Building upon Week 7, where we did a landscape analysis of yields in traditional finance, even low single-digit yields appear attractive to institutional capital. The main barrier to onboarding this capital is institutions don’t want to take risk, can’t quantify smart contract risk, and don’t have time or expertise to navigate DeFi. yAxis, moving to more automated, DAO-directed management with in-house insurance, provides a strong suite of solutions to these address barriers. Leveraging this competitive advantage and institutional partners like COSIMO X, yAxis is well-positioned to grow its TVL and drive revenue for vault governors.

Even within “crypto native” capital, risk-adjusted yields are gaining traction. People pop in Discord all the time with “[insert new farm] offers 5,000% APY. How will yAxis compete with that?” As you saw with Titan, we didn’t have to compete with them very long and that situation resolved itself. As we discussed in Week 8, not all yields are built the same. If all users chased the “highest nominal yield,” then yAxis, yearn, and others would have no TVL. As we all know, that’s not the case. This risk-adjusted dynamic really highlights the value proposition of yAxis, which is to provide attractive returns with industry-leading security.

Why Do Many Projects Struggle With Security? Solidity is still very niche, new, and difficult to master. Across the DeFi landscape, there is a real lack of experienced developers who have a track record of consistently building safe, useful products. As a result, this naivety often leads to exploits and other issues. While audits and other security measures are helpful, experienced Solidity developers, who are able to see potential holes and vulnerabilities that others cannot, are invaluable, which is why yAxis so lucky to have transferAndCall, who is not only a Solidity OG, but a professional at it.

The full recording of this week’s episode can be found here.

yAxis Project Stats of the Week

• MetaVault TVL $36.1 million, earning 13% APY.
• YAXIS staking 291% APY (137% APR) and LP 420% APY (177% APR).
• Nearly 1,450 YAXIS bought back with MetaVault revenue this week for distribution in The Great Harvest.

Community Content Spotlight

This week’s community content spotlight goes to warwickd, the winner of the first Champions Table Design Contest — the “Cointest.” The yAxis community spoke, and warwickd’s outstanding design (shown below) resonated with them the strongest.

You can view the voting results and other finalist designs here. Congratulations warwickd! Thank you to all yAxis Herd members who participated.

Join Us: Bounties & Jobs

Coordinated by the yAxis Champions Programme, the yAxis Bounty Board lists requests for proposals (RFPs), where community members can respond to specific Project needs and receive compensation upon task completion. See the current opportunities below and check the Bounty Board frequently as more opportunities will be added over time.

If none of the current opportunities appeal to you, but you would still like to contribute, reach out to waali@yaxis.io. You have the opportunity to shape the next era of yAxis.

That concludes the tenth edition of The Weekly Yax. Thank you for reading and looking forward to many more!

Onward and upward, Yax Herd!