Yam Finance DeFi protocol has successfully prevented a malicious governance attack that would have allowed a hacker to steal the entire funds in its treasury. Decentralized finance protocols are now major targets for bad actors.
Yam Finance Thwarts Attack
Yam Finance (YAM), a decentralized finance protocol powered by Ethereum, has managed to thwart a malicious attack that would have enabled the bad actors to take over the governance processes and treasury of the protocol.
Per sources close to the matter, the Yam Finance team detected an anomaly in its protocol on July 9, two days after a hacker had embedded a malicious governance proposal into the platform via internal transactions, to make it harder for the community to detect.
“Earlier today, there was a governance attack on the DAO that has been thwarted. An unverified contract was deployed and a governance proposal was submitted via internal transactions to make it harder to notice. But the attack was noticed and the proposal has been canceled,” tweeted the project.
If the bad actors had succeeded, the malicious proposal deployed on the network would have enabled them to drain the entire funds in the Yam Finance treasury, which stood at $3.1 million at the time, according to on-chain data on DeepDAO.
More Trouble for Yam Finance
Launched during the crypto summer of 2020 as an experiment in monetary design and protocol governance, the project became the darling of yield farmers shortly after its launch, attracting $400 million in deposits from its early adopters. However, that success was short-lived, as a bug in its unaudited smart contracts eventually crashed the protocol.
However, the team behind the project was able to raise $115,000 in grants, which enabled them to conduct a comprehensive security audit that paved the way for a rebirth of Yam Finance.
“We will be setting up a Gitcoin grant to coordinate a community-funded audit of the YAM contracts. If the funding goal is reached, upon the completion of the audit, we plan to support the launch of YAM 2.0 via a migration contract from YAM,” said the team at the time.
Following the significant price crash witnessed by the YAM token, the Yam Finance community floated a proposal that would’ve allowed token holders no longer interested in the project to redeem their assets in the Yam treasury with YAM tokens at a price of $0.25. Though the proposal passed by a narrow margin, some members of the community have called for a re-vote.
“As some of you may have noticed, there was a snapshot vote recently that proposes to make the treasury redeemable at a pro-rata rate. This vote passed by a narrow margin and people complained that they didn’t even know it was happening,” tweeted Yam Finance.
Decentralized finance (DeFi) protocols have been a major target for hackers and crypto thieves in recent times. In 2022, alone, DeFi platforms have lost more than $1 billion to bad actors and these attacks will continue until blockchain projects start paying more attention to the security and resilience of their networks.