Risk mitigation

LYS Protocol takes security extremely seriously. Our smart contracts have undergone comprehensive testing and adhere to industry-leading best practices. Strict access controls, advanced network security measures, and proactive vulnerability management protect our infrastructure. We are committed to continuous security improvement and maintaining the highest level of protection for our users' assets.

Role-based access control

Our smart contracts have role-based access control (RBAC) for all important functionalities. These roles are assigned to multi-sig wallets that have different transaction execution criteria based on the functionality's importance. This approach ensures a high level of security and operational flexibility, allowing for the efficient management and safeguarding of critical contract functions against unauthorized access or malicious attacks.

Emergency protection

In case of a possible attack, our smart contracts implement emergency stop functionality, which halts all contract operations. This emergency stop, often called the "circuit breaker" mechanism, is designed to prevent further damage by immediately freezing all transactions and interactions with the contract. It allows our team to thoroughly investigate and address the security vulnerability, ensuring that funds and assets are protected from unauthorized access or theft. Once the issue has been resolved and the system's integrity is confirmed, we can safely resume operations, minimizing user impact and maintaining trust in our platform's security measures.

Transaction atomicity

Atomic transactions ensure that operations within a transaction are either fully completed or entirely reverted, with no intermediate states left in case of failure. This atomicity guarantees that if any part of the transaction fails, the entire transaction fails, thus ensuring the safety and integrity of funds by preventing partial updates that could lead to accidental loss.

Transparent execution

Our smart contracts are fully transparent, with open-source code that can be publicly verified on Etherscan. This level of openness invites everyone to examine our code and confirm its functionality, which helps build trust and demonstrates our commitment to responsible development practices.

Multi-sig & Upgrade Timelock

All of our smart contracts feature upgradeability, ensuring that should a bug be identified or a security breach occur, we can activate emergency protocols. This allows us to temporarily suspend the smart contract operations and address the issue by deploying a patch to fix the vulnerability. This measure not only enhances our system's security resilience but also provides a rapid response mechanism to protect user assets and maintain trust in our platform.

For enhanced security, contract upgrades require both a time delay and approval from a multi-sig wallet. This wallet is managed by a distributed group, including YGRO core contributors and potentially other trusted partners.

We prioritize user autonomy and security. Contract upgrades are carefully tested, audited, and verified by multiple signers. Users have a 24-hour window to review and decide whether to stay or leave before an upgrade occurs. This proactive approach was inspired by the need to avoid costly errors often seen in Web3 projects.

Audits

The LYS Protocol utilizes its proprietary smart contracts to provide unique functionality and financial services. We prioritize security as a paramount concern, so we collaborate with top-tier auditing firms in the blockchain industry. These auditors rigorously scrutinize our smart contract code to identify potential vulnerabilities and safeguard both your funds and ours. We are committed to continuous improvement and proactively work with auditors to maintain the highest security standards.

Bug Bounty

We have plans to offer bug bounties to the community and software development community at large to incentivize the responsible disclosure of vulnerabilities within our smart contracts. We understand the critical nature of security in the blockchain space and are committed to proactive collaboration with ethical hackers. Participants can expect rewards commensurate with the severity of the discovered flaws that are in line with industry standards. Our bug bounty program will provide clear guidelines for disclosure, outlining eligible smart contracts, vulnerability categories, and details on potential rewards.

Last updated