Yields Digital

Security

Last Updated: January 14, 2026

1. Our Security Commitment

At Yields Digital, security is fundamental to everything we build. We are committed to protecting our users and maintaining the highest standards of security for our platform. This page outlines our security practices and provides guidance for users.

2. Platform Security

Yields Digital is designed with security-first principles:

  • Non-Custodial: We never have access to your private keys or control over your assets. Your wallet remains entirely in your control.
  • Read-Only Connections: When you connect your wallet, we only read publicly available blockchain data. We cannot initiate transactions on your behalf.
  • No Asset Custody: We are an analytics and information platform only. We do not hold, transfer, or manage any cryptocurrency assets.
  • Public Data Only: Portfolio analysis uses publicly available on-chain data that anyone can access via blockchain explorers.

3. Infrastructure Security

Our infrastructure is built on enterprise-grade security foundations:

  • Cloud Infrastructure: Hosted on a leading cloud infrastructure provider with enterprise-grade security certifications and compliance standards.
  • Encryption in Transit: All communications are encrypted using TLS 1.2+ to protect data during transmission.
  • API Security: Our APIs implement rate limiting, request validation, and authentication to prevent abuse and unauthorized access.
  • Secrets Management: Sensitive credentials are stored using encrypted secrets management with strict access controls.
  • Monitoring: Continuous monitoring and logging for security events and anomalous activity.

4. Data Protection

We minimize data collection and protect what we do collect:

What We Don't Store

  • Private keys or seed phrases
  • Wallet passwords or PINs
  • Personal identification documents
  • Bank account or credit card information

What We Process

  • Public wallet addresses (for portfolio analysis)
  • Publicly available blockchain transaction data
  • Basic usage analytics (anonymized where possible)
  • Session data for authenticated features

5. Third-Party Integrations

We integrate with trusted, vetted third-party services for wallet connection and blockchain data aggregation. Each integration is carefully evaluated for security practices and data handling policies before being incorporated into our platform.

For a complete list of our data processors and third-party services, please see our Privacy Policy.

6. Smart Contract Risks

Important: Yields Digital does not develop, deploy, or control any smart contracts. When you interact with DeFi protocols:

  • You are interacting directly with third-party protocols, not with Yields Digital.
  • Smart contracts may contain bugs, vulnerabilities, or be subject to exploits.
  • We provide risk assessments through our LYRA framework, but these are informational only and not guarantees of safety.
  • Always do your own research (DYOR) before interacting with any DeFi protocol.

7. Security Best Practices for Users

Protect yourself by following these security practices:

Wallet Security

  • Never share your seed phrase or private keys with anyone
  • Use hardware wallets for significant holdings
  • Enable all available security features on your wallet
  • Keep your wallet software updated

Phishing Awareness

  • Verify you are on the correct domain: yields.digital
  • We will never ask for your seed phrase or private keys
  • Be cautious of unsolicited messages claiming to be from Yields Digital
  • Bookmark our official site to avoid phishing links

Official Domains

  • Website: yields.digital
  • QA Environment: qa.yields.digital

8. Vulnerability Disclosure

We take security vulnerabilities seriously. If you discover a potential security issue, please report it responsibly:

  • Email security concerns to: security@yields.digital
  • Include detailed steps to reproduce the issue
  • Allow reasonable time for us to investigate and address the issue
  • Do not publicly disclose until we have had an opportunity to remediate

We appreciate responsible disclosure and will acknowledge researchers who help us improve our security.

9. LYRA Risk Framework

Our proprietary LYRA (Liquidity Yield Risk Assessment) framework provides risk analysis across four dimensions:

  • Asset Risk: Token stability, liquidity, and market factors
  • Pool Risk: Liquidity depth, impermanent loss exposure, utilization
  • Protocol Risk: Smart contract security, audit status, governance
  • Chain Risk: Network security, decentralization, track record

While LYRA provides data-driven risk assessments, it is intended as an informational tool only and should not be considered financial advice.