Our auditing fellowship program is a public good, covering smart contracts and zero-knowledge codebases.

Over the past 2.5 years we :

👩‍👩‍👦‍👦 Ran 8 fellowships 🐞 Uncovered 259 serious bugs in the process 🧑‍🎓 On-boarded 104 sec talent to the ecosystem 📜 Published original security research

yAcademy fellowships are trial-by-fire auditing programs where fellows shadow-audit alongside experienced auditors. The audited codebases are typically pre-deplyment production-ready.

Anyone can apply to join the fellowships. A vetting process comprised of assessment exams and technical interviews is implemented by the core team of yAcademy to ensure fellows have the technical skills to catch up quickly and learn. Prior experience in Solidity/Vyper/ZK is not required, however.

Fellowships start with a warm-up week where fellows are given CTF-like exercises and mentored throughout their attempts to solve them.

Auditing sprints typically go on for 2-4 weeks depending on the size and complexity of the codebase.

Fellows are divided into groups, with the core team of auditors providing mentorship to all.

Retreat sessions are held throughout the fellowship, whereby leading security experts are invited to present to the fellows.

At the end of each sprint, fellows submit their reports alongside the reports of yAcademy's resident auditors (and, occasionally, guest auditors).

Previous audits (smart contract fellowships): https://reports.yacademy.dev

Previous audits (ZK fellowships): https://yacademy.dev/fellowships/zBlock1