Yearn Finance

Yearn Finance receives a C+ risk grade (38/100) from Hindenrank, where lower scores indicate lower risk. Moderate risk — pioneered yield vaults and holds $560M, but repeated legacy code exploits and admin key risk undermine confidence The original DeFi yield aggregator that automatically invests your deposits across lending and trading protocols to maximize returns. It manages $560M in deposits. Its C grade reflects four separate hacks across its history -- including two in 2025 targeting old vault code -- and the risk that a compromised admin key could redirect all vault funds instantly.

The key risks identified for Yearn Finance are: (1) Four separate hacks have hit Yearn vaults, including a $9M exploit in December 2025 and a $11M exploit in 2021 -- old code keeps getting attacked (2) An admin key holder can attach a new strategy to any vault at any time with no delay -- if that key gets stolen, vault funds can be drained instantly (3) Your deposits are spread across other DeFi protocols like Aave and Curve -- if any of those get hacked, your Yearn vault takes the loss

Yearn Finance scores 38/100 across eight risk dimensions: Mechanism Novelty: 2/15, Interaction Severity: 8/20, Oracle Surface: 0/10, Documentation Gaps: 3/10, Track Record: 13/15, Scale Exposure: 5/10, Regulatory Risk: 2/10, Vitality Risk: 5/10. The highest risk area is Track Record at 13/15.

Among 116 rated Yield protocols on Hindenrank, Yearn Finance ranks #68 by safety (lowest risk score = safest). Its 38/100 risk score and C+ grade place it in the middle tier of Yield protocols.

Yearn Finance scores 13/15 on the Track Record risk dimension, indicating some history of security incidents or exploits. Higher scores reflect more severe or frequent incidents. Review the full risk report for details.