Published in


Refactoring for security. Recalibrating for sustainability.

care about building hyper-optimal vaults. We care about having the lowest fees. We care even more about the safety of our users’ funds — even from ourselves.

We are immensely grateful for the support the community has shown us since our inception and hence, do owe it to our users to ensure that we provide the highest level of security to the funds they have entrusted with us. At the tradeoff of slowing down innovation, we feel that investing in security now will reap tremendous returns in the long run.

AutofarmV2 does not have much to show for on the frontend, but many security upgrades have taken place in our contracts. Most were small upgrades/patches.


We have implemented time locking contracts compliant with the battle-tested Openzeppelin timeclock controller contract with a minimum lock duration of 24 hours on all function calls besides those explicitly specified. Functions that interact with the main contract and/or vaults that do not require a timelock include:

  • add() — Add a new pool with 0 AUTO allocation.
  • set() — Increase/decrease AUTO Allocation (12h timelock).
  • earn()
  • farm()
  • pause()
  • unpause()
  • rebalance() — for Venus vaults
  • wrapBNB() — for the Venus WBNB vault

Note: Timelock durations are currently <1 min to facilitate the V2 migration. Once migration is over, they will be increased to stated durations.

Security Patches

Through the constant review of our own contracts and from other projects in the space, we have added some minor security enhancements to safeguard users, mostly from ourselves / the future governance.

In general, we stand by the following principles for all our auto-compounding vaults. If we release any new vault that goes against these 2 principles, we will be responsible for informing the community + the reasons why we are deviating from these principles.

We never hold funds in our contracts.

Check our contracts on your preferred block explorer. You should never find any significant amount of funds held within. They should either be out on the farm getting you more yield or safely back in your wallet, never lying around in our contracts, exposing them to increased risks.

We never do vault migration.

Vault migration has been the culprit of too many exploits and/or rug pulls. There is significant merit in helping users migrate the entire vault of funds. We just think the risks significantly outweigh the benefits. Should one of our vaults become less profitable, we will prompt users to withdraw their funds and switch to another more profitable vault.


We have employed Vidar “the Auditor” to audit our smart contracts, and have resolved all major issues before the launch of V2.

Audit report:

24h Migration Period

A migration period allows for users to migrate their funds from VaultsV1 to VaultsV2 without losing AUTO mints and/or deposit fees.

  • 21 Jan 2021 1900 GMT — AUTO token emissions will stop. Please withdraw all funds from Vaults1 and deposit them into Vaults2 (the website will be updated by then). Deposit fees will be 0 during migration day. Auto-compounding will start on VaultsV2.
  • 22 Jan 2021 1900 GMT — AUTOv2 token emissions will start on VaultsV2. Deposit fees will be set to <0.1% for all vaults. Auto-compounding will stop on VaultsV1.
  • 25 Jan 2021 0100 GMT — AMA with the Autofarm team, hosted by BSC Gemz:
  • By ~19 Feb 2021 — Swap AUTO token to AUTOv2 on Exact dateline:


Having 0 fees is unsustainable. To ensure the long-term sustainability of Autofarm, we will be introducing:

  • 1.5% fee on profits for all vaults to buy back and burn AUTOv2 on the launch of v2.

This should bring value to early AUTO farmers who supported Autofarm through its most ambiguous days.

  • Autofarm dev team will also be time locking all our AUTO earned so far for 6 months, on 30 Jan 2021. We have not and will not sell any AUTO before then.

Repositioning for the Future

DeFi is inevitable. Vaults and DEX aggregators will continue to have a significant use-case well into the future. Be it on BSC, ETH, or any other chain, we hope to be able to run with the long-term growth of DeFi. We hope that you’ll join us.



Autofarm is a chain-agnostic, yield aggregating DeFi protocol with three key product offerings; a yield optimizer (vault service), DEX aggregator and an intelligent portfolio manager. Autofarm’s vision is to continuously innovate, expand and grow the Autofarm brand and protocol.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store

One-stop DeFi hub with hyper-optimised cross-chain DEX & yield aggregators on 19 EVM-compatible chains