During this assessment, we did not uncover any severe issues and in summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

Yearn implements a program allowing Yearn contributors to buy YFI at a discount each month, the discount is subject to the duration of their veYFI lock and the purchased YFI are immediately locked into veYFI according to the contributor’s current lock.

—

Yearn Finance is “a suite of DeFi tools and products in an interconnected financial ecosystem running on various smart contracts. The yEarn Finance ecosystem is community-controlled and governed via a governance token called YFI.”

Source: https://docs.yearn.finance/resources/defi-glossary