DeFi is a dangerous place. On every chain, insecure protocols bleed money due to greed, ignorance, or just pure chance. According to the Rekt leaderboard, over $2B has been taken by hackers since the start of 2021. But it doesn’t have to be that way. At Y2K, security is one of our core principles. Y2K uses both DeFi-native and traditional cybersecurity techniques to ensure that vaults are a world-class DeFi product.
Y2K Finance has commissioned Halborn to audit the core contracts of Y2K’s first product, Earthquake. Halborn has provided security reviews for various respected crypto/DeFi projects such as Solana, Polygon, Avalanche Wallet, Sushi, Euler Finance, Bancor, NFTFi, and Ocean Protocol, totaling over $20 billion in TVL. Y2K has chosen Halborn due to its strong track record in the security industry. According to John Wu (President of Ava Labs), “What sets Halborn apart is its extensive knowledge of best security practices inside and outside of the blockchain industry. With the pen test report on the Avalanche Wallet, Halborn led with the highest level of professionalism and extreme care with every last detail”. Halborn is widely trusted in the blockchain industry by a variety of projects: “Halborn serv[es] over 250 clients focusing on Layer 1 blockchains, infrastructure providers, financial institutions, and application and game developers”. Halborn has raised $90m in funding from notable technology investors Digital Currency Group, Castle Island, and Brevan Howard. Halborn has found 2 medium risk-level vulnerabilities, 2 low-risk-level vulnerabilities and made 3 informational recommendations. Y2K will patch all vulnerabilities before publicly launching vaults.
This isn’t the only audit Y2K will be receiving. All major protocol updates will be thoroughly reviewed by expert security researchers, whether auditors or external contractors, to ensure that all protocol upgrades are deployed securely. This is in accordance with DeFi security standards pioneered by organizations like MakerDAO. Y2K’s core protocol code will be available for public audit with a prize pool of $50,000 to incentivize skilled hackers to comb out any final bugs within the system. Come participate here. Additional rewards are included for critical vulnerabilities.
At Y2K, we inform our understanding of security with not just DeFi-native sources but also well-respected traditional cybersecurity research. One example is Y2K’s adherence to the “Open Design” principle of the National Institute of Standards and Technology (NIST). According to NIST’s guide to general server security, one recommended principle is “Open Design — System security should not depend on the secrecy of the implementation or its components.” At Y2K, we take these security standards seriously, embracing open source code and incentivizing both public and private auditors to thoroughly review code.
Y2K’s multifaceted approach to security helps ensure that our products possess institutional-grade security so that any DeFi user, DAO, or financial institution can appreciate a safe DeFi experience.
Join us on Discord/Twitter
Learn more about our products on Medium
Use vaults at Y2K.finance
Halborn is an award-winning, elite cybersecurity company for blockchain organizations.
Security work never ends. Halborn serves as a third-party partner to continuously assess an organization’s most vital assets, drive maximum value and provide world-class cybersecurity consulting and execution every step of the way — far beyond smart contracts.
Website | Blog | Twitter | Youtube