How One Line of Code Destroyed Yam DeFi

The now notorious project, Yam.Finance, was launched without a proper code audit just like many other projects in the space.

"Not having an audit is currently seen as a good way to use reverse-psychology to do marketing." He added, "It creates the perception that these projects are so in-demand, and that you're getting in on it at the ground floor, before other people have heard of it."

According to Ma, many popular projects like Yearn Finance, Cream and Yearn Finance II were launched in the same fashion.

He notes that it does not necessarily mean that DeFi users need to be paranoid about these beloved projects; Ma noted that "The most danger lies in the early days."

If a project survives its early growing pains, it "Starts to accumulate many informal security reviews".

In the case of Yearn Finance, Quantstamp ended up performing a formal security audit later on.

Yam was not fortunate enough to make it to that stage.

Though Ma performed an unofficial audit of some of Yam's smart contracts, he did not audit the one that led to the project's failure.

Quanstamp's CEO does not believe that the Yam debacle will break DeFi as "DeFi people have a way of being okay with volatility".

He also added that many crypto influencers invested in the now defunct project, noting that "So many influencers got into YAM - it's about 1/3rd of my twitter feed now".