Yearn's security policy is available at https://github.com/yearn/yearn-security/blob/master/SECURITY.md
This git repository is a central place for all other security-related information about the Yearn project. It includes the following:
- Security contact PGP keys (
keys/
) - Public disclosures (
disclosures/
) - Security audits (
audits/
)
The files contained in this repository can be verified in two ways:
- By verifying the git commit tags (
git tag -v
) - By verifying the detached PGP signatures provided for most files included here