The Weekly Yax #18: v3 Launch Strategy

The Weekly Yax is the easiest way to keep up with the yAxis Project.

Every Sunday, we highlight major news and developments, alongside key takeaways from the week’s episode of Ya Herd?

Major News & Developments

Ya Herd? Week #18 Key Takeaways

This week’s episode was motivated by the desire to align the v3 Launch Strategy with community sentiment. As a result, yAxis utilized this week’s Ya Herd? as an opportunity to summarize major takeaways from the recent v3 Launch Strategy medium article, highlight key themes from the ongoing Forum discussion, and field community questions.

Summarizing the v3 Launch Strategy Medium Article

To recap the driver behind the delay in audit completion, as discussed in Ya Herd? Week 17, the yAxis team had a prior relationship with Quantstamp that allowed yAxis to bypass the audit queue in previous launches, saving time and allowing yAxis to launch products quickly after the code was completed. As a result of this historical relationship, the assumption was made that the v3 launch would proceed similarly. However, changing circumstances and explosive demand for audits make this no longer the case. yAxis was forced to sit the audit queue — a Quantstamp queue that is booked through the end of 2021.

With Tier 1 audit firms like Sigma Prime and Trail of Bits also with 6–9+ month wait times, you may be wondering what the drivers are behind this exorbitantly long queue. The explosion of DeFi and accompanying exploits has led to massive demand growth for reputable auditors. This demand growth comes against a backdrop of a limited talent pool of solidity experts with deep security knowledge, setting up a dynamic of rapid growth against a relatively inelastic supply and thus leading to long wait times.

As we discussed in the Week 5 Origin Story article, smart contract security is still a comparatively new discipline, which is why yAxis is so lucky to have transferAndCall (T&C), which is an OG solidity professional and security expert. Even with T&C’s credentials, the audit process still brings value in having another set of eyes on the code and helping to create user trust. Given that, yAxis has an audit with Haechi scheduled to begin September 28th, a timeline only possible given yAxis’s prior relationship with Haechi.

In the meantime, there are other tools yAxis can leverage to bolster the robustness of v3’s security. Peer review is the primary tool in yAxis’s toolkit.

yAxis will continue to engage white hats through our Immunefi bug bounty. Moreover, yAxis’s War Room crisis response hotline through Immunefi will provide another ongoing layer of protection. In addition to these existing efforts, yAxis could also pursue a community-sourced peer review, such as Code 423n4. Code423n4 would establish a framework for yAxis to incentivize a community of white hats to generate a report of any issues found with the v3 code. Another team that’s utilized Code423n4 informed yAxis that their experience with C4 was valuable. Interesting issues were discovered even after a formal audit from an auditing firm. Check out the projects that Code423n4 has worked with here.

While both audits and peer reviews can provide value, each approach brings their own issues with misalignment of incentives — nothing is perfect. Audit firms are in high demand and are turning around audits very quickly. They are paid regardless of whether they find issues and are not responsible for exploits on code they’ve reviewed. On the other hand, participants in bug bounties are only paid to find issues, so they may opt to review lower quality code. In addition, it’s often more lucrative for these participants to exploit the issues themselves rather than accept the bounties.

Therefore, a combination of both audit and peer review, along with the ongoing War Room crisis response hotline, leave yAxis well-positioned, but none of these measures are perfect. A key differentiator for yAxis is starting from a place with T&C as a security expert. Unlike the v2 codebase, the v3 codebase is a complete rework focused on quality and documentation. Given this, yAxis in confident in its position and is excited to bring the v3 Canonical Vaults to market as quickly and securely as possible. As a result, yAxis opened up a community discussion to inform this launch process.

Highlights from Community Feedback on Forum

  1. 12 out of 14 community members indicated support for a guarded launch prior to the completion of a formal audit.

There were a multitude of other interesting ideas mentioned during the Forum discussion. One community member suggested adjusting the performance fee lower at the start of the guarded launch to help attract users and then normalizing the fee once the audit and full launch are completed. Another individual mentioned incentivizing early users of the guarded launch, which is along the same line of launching with a lower performance fee. In addition, some other ideological considerations were raised. One individual pressed that time is of the essence with the rapid pace of innovation in the DeFi space, while another community member asserted that you only get one reputation, whether an issue occurs during a guarded or unguarded launch. Lastly, dogperrokukur linked RektHQ for a reminder that audits don’t guarantee anything.

Reaching Consensus on Launch Strategy

Based on the highlights above, there seem to be a few points of consensus emerging throughout the community, all of which align pretty closely with yAxis Team and Champs sentiment as well.

  1. Complete a Code423n4 or similar peer review prior to a guarded launch with a TVL cap. Some sort of incentive mechanism, such as a lower performance fee, could be a tool to help bootstrap the guarded launch.

The yAxis team is eager to begin this launch journey alongside the community. Such robust community engagement and participation continue to propel yAxis. Given the recent Convex Finance strategy pull request, things are shaping up well on the strategy side following the completion of core v3 development, so while under the radar, the yAxis Team and Champs are excited about our current positioning.

The full recording of this week’s episode can be found on YouTube and in podcast format.

yAxis Project Stats of the Week

  1. MetaVault TVL $3.2 million.

Join Us: Bounties & Jobs

Coordinated by the yAxis Champions Programme, the yAxis Bounty Board lists requests for proposals (RFPs), where community members can respond to specific Project needs and receive compensation upon task completion. See the current opportunities below and check the Bounty Board frequently as more opportunities will be added over time, such as the recently added Convex Development Bounty, which led to this Github Pull Request.

If none of the current opportunities appeal to you, but you would still like to contribute, reach out to waali@yaxis.io. You have the opportunity to shape the next era of yAxis.

That concludes the eighteenth edition of The Weekly Yax. Thank you for reading and looking forward to many more!

Onward and upward, Herd!

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store