The financial industry has come a long way to establishing a sophisticated network of institutions and markets with a variety of tools driven by centralization. Yet, the need for autonomous financial systems and the desire to eliminate the middleman never quite went away, eventually creating DeFi – the term given to the decentralized financial system, which includes a wide range of services, such as decentralized trade and exchange.
The total value locked in DeFi protocols is $72.043 billion as of today according to DeFi Pulse. It is obvious that there are some clear advantages to the DeFi space – it allows for a flexible, direct person-to-person trade with high levels of transparency and zero requirements for joining. However, certain disadvantages have come to challenge DeFi’s status quo, posing questions as to whether the system is as credible and secure as we imagine it to be.
Hacks and scams
The expanding space of DeFi attracts hackers with large volumes of investments locked. In 2020 alone, cyber attacks launched on DeFi caused $129 million-worth damage in comparison to no damages recorded in 2019. When it comes to the overall losses, 122 attacks were carried out with $3.78 billion losses in the crypto space. Vygandas Masilionis, the CEO of Lossless, a protocol which freezes and returns stolen funds back to the owner’s account, told CyberNews about the issues DeFi is currently facing.
“The reason for DeFi hacks occurring so frequently could be split into two – intentional so called “rugpulls” from anonymous teams and hacks or exploits of legitimate projects that occur due to the complexity of smart contracts and the nature of blockchain technology – everyone having access to the public code, leaving more room for bad actors.”
Craig Steven Wright, who claims to have belonged to the main team that created bitcoin, called DeFi projects a “complete scam” during the virtual conference Reimagine 2020. While there are many credible DeFi protocols, fake ones are speedily entering the market. As Masilionis explains, certain small contracts and unaudited protocols make up the biggest security issue challenging the DeFi space.
DeFi protocols are continuously facing attacks with Alpha Finance suffering $37.5 million in losses when Alpha Homora V2 product was exploited. This comes back to filling the market gaps of providing theft-prevention security if the identification of vulnerabilities is not carried out properly.
How to invest in DeFi safely?
While using DeFi might come with certain challenges, there are some good general rules that will help you stay safe. Masilionis identified three key steps you need to take to ensure your investments are secure, transparent, and fair.
- Don’t trust blindly
If you decide that listening to other people is a rational thing to do, opt for expert opinion rather than anecdotal evidence from random advisors. Remember that while personal experience might be of certain use, it is likely not as important as getting credible information from a trustworthy source. Furthermore, when taking advice from strangers, you are putting yourself in danger of falling for scams.
- Understand what you are getting yourself into
According to Masilionis, due diligence is key for any type of investment. Before you decide to put your money in a certain protocol, do the necessary research to understand how it works, what are the possible risks, and what kinds of vulnerabilities they have. Assess and remember: investment is not gambling, it is a calculated balance between risk and profit.
- Keep up good cybersecurity practises
To avoid being an easy target for malicious threat actors, it is important not to publicly disclose your crypto net worth. Apart from that, all of the general security rules apply: use a password manager and a two-factor identification, be aware of the files you click on, and store your login information safely.
Is there a way to make DeFi a safer space?
While understanding the risks that come along with using DeFi is certainly a good place to start, Masilionis argues that regulations and higher standards will help DeFi on its road to becoming more secure.
“In the long run, to address the intentional exit scam strategies, we hope that Lossless will act as a safety standard – all projects without Lossless integration could be deemed untrustworthy. In the meanwhile, the whole DeFi ecosystem, whether on BSC or ETH network, could enjoy peace of mind against frequent DeFi hacks. To achieve that, we want to use the same mechanisms as Tether does, but in a decentralized way. Tether (USDT) can freeze any funds on the blockchain and revert that, but they are solely centralized on Tether decisions. In the case of a hack, they could help by recovering those funds. But here, the decision is not made solely by us, but comes from several different parties and entities.”
As such, DeFi is currently subject to existing regulation laws, but since there is no centralized governing system, it is unclear who should be held responsible for violations happening within the space. It is necessary to rethink regulations applicable to DeFi to overview the issues of liability while maintaining its status of a fully decentralized blockchain.