Summary
The audit found multiple severe issues (for a detailed description see the Resolved Findings section). All severe issues have been fixed accordingly. In summary, we find that the codebase now provides a good level of security.
Yet, the types of issues identified indicated that the code had an insufficient diligent internal review process and meaningful testing. E.g., the critical issues should have been caught as these issues are well-known in vaults. We highlight this to make YieldNest aware that in the event of contract updates, a thorough review and testing process is essential to ensure the security of the codebase.
For the current version of the code, we are not aware of any further severe issues, but it is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project. These measures include, but are not limited to, further unit and integration testing, fuzzing, and a careful roll-out in case significant funds are expected to be held by the new code base.
About YieldNest Protocol
YieldNest implements a liquidity pooling system built on top of EigenLayer, where users can deposit ETH and LSD tokens and earn yield.
YieldNest is a next-generation liquid restaking protocol that provides simple-to-understand, risk-adjusted restaking strategies.