Bug Bounty

Following the launch of YIN Finance’s mainnet at the end of November 2021, we launched our own Bug Bounty Program as an effort to maximize the security of our mainnet products. We partnered with leading DeFi Bug Bounty platform Immunefi to launch the YIN Finance Bug Bounty Program on December 14th 2021. 
​
Through our partnership with Immunefi and its wider open source security community, we have attracted professional developers and bounty hunters to continuously conduct in-depth testing on our products, so as to timely identify and repair any bugs, threats and vulnerabilities found in the various functions of YIN Finance, especially those related to the security of user assets.
​
What kind of bugs is focused on preventing:
Thefts and freezing of principal of any amount
Thefts and freezing of unclaimed yield of any amount
Theft of governance funds
Governance activity disruption
Website goes down
Leak of user data
Deletion of user data
Access to sensitive pages without authorization
Assets in Scope
Smart Contract — YIN Asset Manager Vault (YANG)
​https://etherscan.io/address/0x271b7ed53e217d9a2dfa2b80ba39b436472eec04#code​
Smart Contract — YIN Uniswap V3 Positions Manager (CHI)
​https://etherscan.io/address/0x47311560a625042a4cd14ded8567472e79a7a26a#code​
Smart Contract — ChainLinkFeedsRegistry
​https://etherscan.io/address/0x3dad37a1dacdb0e5ce30ee738165efcdb3fdfadc​
Smart Contract — CHIVaultDeployer
​https://etherscan.io/address/0x7f990083369bc83e07be4029acc5eed29902dca3​
Web/App
​https://yin.finance​
All smart contracts of YIN Finance can be found at https://github.com/YinFinance. However, only those in the Assets in Scope table are considered as in-scope of the bug bounty program.
Last modified 10mo ago