Security
Last updated
Last updated
Yala is a DeFi platform focused on offering YU, a Bitcoin-backed stablecoin that can earn yield across multiple blockchain ecosystems (meta yield). Please read our whitepaper to understand the protocol design and mission of bringing DeFi capabilities powered by Bitcoin to a wider ecosystem.
This document outlines the security system design for Yala's YU stablecoin and the infrastructure enabling its meta-yield earning potential across different chains and DeFi platforms.
At Yala Labs, we are committed to building secure and trusted DeFi solutions that unlock Bitcoin's value proposition through innovative approaches like YU. We aim to bridge Bitcoin's robustness with the burgeoning DeFi sector, allowing Bitcoin holders to earn yield while preserving Bitcoin's core tenets. Yala welcomes community participation to learn, contribute, and collectively build our decentralized financial future. As a pioneering DeFi primitive for Bitcoin, we rigorously explore potential risks and collaborate with security experts to develop a robust protocol aligned with Bitcoin's principles of decentralization and self-sovereignty.
As a module-based system built on Bitcoin, Yala inherits the underlying security of the Bitcoin network. Our paper will focus on the module designs, and here is a list of some key components in the Yala architecture design:
Asset management : Yala facilitates collateralizing two distinct asset types: Bitcoin and inscriptions. For Bitcoin, the protocol utilizes the multisig MPC technology from Fireblocks to ensure secure storage of assets within a vault on the Bitcoin network. Inscriptions are managed by integrating black-and-white modules based on the Unspent Transaction Output (UTXO) model.
Federated indexer: Indexers operate under the validation guidelines outlined in the BRC-20 protocol. They are responsible for processing transactions, monitoring balances, and verifying the authenticity of inscriptions. Collaboration with Nubit enhances the validation of the protocol's Data Availability (DA) layer.
Decentralized Oracle network: This component provides up-to-the-minute price data for assets used as collateral within the protocol. Accurate pricing is crucial for managing liquidations and maintaining stablecoin pegs.
EVM-Compatible DeFi smart contract protocol: The foundational lending protocols are implemented on Ethereum Virtual Machines (EVMs), inheriting the robust security framework of the EVM ecosystem.
Asset security is a pivotal concern for users considering the Yala solution, which supports the collateralization of Bitcoin and inscriptions assets. Here is a concise overview of the security strategies for these assets.
The protocol utilizes the Fireblocks MPC vault for Bitcoin collateral to ensure asset security. Fireblocks' MPC Wallet-as-a-Service (WaaS) leverages state-of-the-art Multi-Party Computation (MPC) technology to deploy a Threshold Signature Scheme (TSS), offering a robust security mechanism. In this MPC-TSS framework, each participant generates private key segments collaboratively within a protected environment. This enables joint transaction signatures without revealing individual key segments or forming an actual private key. This innovative approach ensures that the conceptual private key—for transaction execution—never physically exists on any device, presenting a unified value created collectively. Such a configuration eradicates any single points of failure, substantially complicating attempts at key theft, internal deceit, and collusion by malicious entities. It guarantees that no single participant can independently control funds. Transaction execution requires a consensus among designated signatories, reducing risks linked to solitary failure points and unauthorized access. This method involves securing private keys in an isolated environment and distributing them among five trusted individuals. The multi-signature wallet is crafted using sophisticated cryptographic practices like P2SH or P2WSH to safeguard transaction authenticity. The system prioritizes stringent access management, explicit definitions of signatory roles, and thorough identity verification. Regular security evaluations and established protocols for key recovery and substitution strengthen the vault's defense. For the long term, the governance will transition to the Yala Foundation.
Yala adopts a modular strategy for the BRC-20 framework, enabling seamless development and integration of inscription-based applications. This approach, detailed by Unisat, emphasizes security principles to maintain the integrity, confidentiality, and availability of the BRC-20 network.
Black Modules are designed for deposits and provide a straightforward security setup. Their primary aim is to guarantee deposits' security, verifiability, and irreversibility, except for transitions to White Modules.
White Modules are dedicated to withdrawals and require unanimous support from indexers and the adoption of a consensus algorithm specific to these modules. Withdrawals are prohibited until a Black module is officially converted into a White one. This conversion is irreversible; once a Black module becomes White, it cannot revert to Black. The decision to convert a module originating from a source inscription to White is made through a collective vote by all participants.
In DeFi platforms like Yala, where operations span multiple blockchain ecosystems, the security of cross-chain interactions becomes paramount. BRC-20 tokens, at the heart of Yala's operations, rely on a network of indexers to manage transaction details and balances. Unlike ERC-20 tokens that maintain balances directly on the blockchain, BRC-20 tokens utilize centralized indexers for off-chain balance management in a JSON format. This centralized approach has historically introduced vulnerabilities, as evidenced by the April 2023 incident involving Unisat, where a double-spending attack led to significant financial losses. This incident underlines the critical need for a more secure and robust indexing system to ensure the integrity and reliability of cross-chain transaction data. To mitigate these risks and address the inherent challenges of centralized indexers, Yala proposes a comprehensive approach that combines decentralized indexing with enhanced cross-chain security protocols. This approach includes:
Decentralized indexing framework: Transitioning from a centralized to a distributed network of indexers to reduce single points of failure and distribute trust. This framework ensures that transaction details and balances are managed more securely and transparently across multiple chains.
Federated voting mechanism: Implementing a federated voting system within the network of indexers to reduce centralization and ensure that decisions regarding indexing and data management are made collectively, thereby enhancing security and trust in the system.
Rigorous data verification and consensus protocols: Stringent data verification and consensus protocols guarantee the accuracy and integrity of token balance information, which is especially crucial in a cross-chain environment where data consistency across different blockchains is essential.
Cross-chain security enhancements: This specifically addresses the security of cross-chain operations by implementing dedicated mechanisms for secure data transfer and validation between chains. This includes cryptographic proofs for verifying transaction finality and integrity across different blockchain ecosystems, ensuring that cross-chain transactions are processed securely and reliably.
Collaboration for enhanced DA: Partnering with entities like Nubit to leverage advanced DA techniques for indexer validation. This collaboration aims to promote honest and transparent practices among indexers, further strengthening the security and reliability of cross-chain data management.
By adopting this multi-faceted approach, Yala aims to establish a more secure, decentralized, and resilient infrastructure for managing BRC-20 tokens and facilitating cross-chain interactions. This addresses the vulnerabilities associated with centralized indexers and lays a robust foundation for secure and efficient cross-chain DeFi operations, ensuring the integrity and reliability of the Yala ecosystem across multiple blockchain platforms.
Yala Finance prioritizes oracle security because it relies on real-time asset price data for its lending protocol. This data, sourced from Oracle nodes, is processed by the Oracle and OSM Modules under the Yala Foundation. In Web3, smart contract security heavily depends on oracles for external data integration. However, this dependency brings security risks, as compromised data integrity from oracles can jeopardize the smart contract. Thus, ensuring high-quality data inputs and a secure oracle mechanism is crucial to protect against potential exploits and maintain the robustness of decentralized applications. In the early journey, the Yala Foundation acts as a coordinator composed of Yala holders, participating in rate setting, price stabilization mechanisms, maintaining lending script codes, and monitoring the market for emergency preparedness.
A key benefit of the Yala solution is its ability to leverage established EVM-based DeFi platforms, such as Aave and MakerDAO, which have demonstrated success over the past few years. By building on top of these protocols using Solidity, Yala can take advantage of their proven security practices.
Smart contract audits
High-reputational security auditors will systematically review our smart contracts. Based on auditor remediation guidance, we will prioritize medium and high-risk findings. We will employ automated testing tools during development to identify common vulnerabilities early in the design process. We will conduct bi-annually to account for upgrades and additions to our codebase.
Formal verification
Formal verification mathematically proves that smart contract code functions as intended. We will leverage external firms specializing in formal verification to analyze and validate all core components of the Yala Finance, including:
Lending and borrowing algorithms
Liquidity pools and yield farming rewards
Governance, staking, and voting contracts
Token econometrics and minting/burning logic
We will continuously perform formal verification as we upgrade existing components or introduce new features. All verification results will be publicly available to promote transparency in our development process.
A 24/7 security operations center (SOC) will monitor network activity, utilize vulnerability scanners, and collect threat intelligence to detect potential security issues rapidly. SOC analysts will investigate anomalies and determine if an incident has occurred based on the severity of the impact. Our incident response plan dictates actions to contain threats, mitigate damage, coordinate disclosures, and integrate fixes. We will also test the response plan through simulated scenarios to prepare for sophisticated attacks.
Yala Finance will provide educational materials outlining best practices for securing crypto wallets, detecting scam attempts, and understanding risks. Our Web3 interface will also support robust identity protections like multi-factor authentication, biometrics, and address allowlisting to prevent unauthorized access. These measures empower users to be their accounts' first line of defense.
By undertaking these comprehensive security initiatives, Yala Finance aims to set the standard for transparency, reliability, and safety in the DeFi landscape. This living document will grow alongside the protocol to address emerging attack vectors and integrate innovative protections suggested by our community.
The governance foundation will transform into a Decentralized Autonomous Organization (DAO) to ensure sustainable development and broader community engagement. This transformation aims to enhance transparency, increase community members' voting rights on key decisions, and foster broader community-driven innovation and growth. The roles of DAO include:
Enhancing transparency and fairness: Utilizing blockchain technology, DAO ensures that all transactions and decision-making processes are open and transparent, allowing community members to verify them in real time.
Community governance: DAO allows community members to directly participate in the decision-making process, including but not limited to fund allocation, project direction, and major policy changes. Each member has the right to voice their opinion and vote on proposals.
Incentive mechanisms: A DAO can motivate and reward community members for their contributions and participation through a token reward system, thus driving the growth and development of the ecosystem.
Flexibility and adaptability: The DAO structure allows quick adaptation to market changes and community needs, ensuring the project's continuous development and innovation.
By transitioning to Yala DAO, the Yala Foundation aims to establish a more democratic, efficient, and participatory governance structure, ultimately promoting the prosperity and innovation of the entire ecosystem. Yala's thoughtful protocol design for its Bitcoin-backed stablecoin YU and the planned robust security practices demonstrate a strong commitment to enabling secure and trusted DeFi solutions powered by Bitcoin. I'm excited to see this pioneering DeFi platform develop with integrity, unlocking Bitcoin's potential through innovative approaches like meta yield earning capabilities across multiple blockchain ecosystems. Fostering active community participation will be key to achieving a thriving and trusting DeFi ecosystem built on Bitcoin's fundamentals in the long term.