Report identifies 18 serious 'non-financial risks' for DeFi

Published at: Dec. 11, 2020

A November report by data and research company BraveNewCoin has highlighted a number of serious ‘non-financial’ risks in decentralized finance.

The financial risks involved with DeFi have been well documented, but the new report delves into more technical concerns associated with Ethereum-based smart contract finance protocols.

The report, penned by BNC analyst Xavier Meegan, begins with scalability risks which anyone dealing with DeFi in September this year will be familiar with. Network congestion resulting in high gas fees and failed transactions can cause DeFi protocols to malfunction or not work as intended.

During the height of the yield farming frenzy, average Ethereum transaction fees skyrocketed to record figures around $15. The report cited the Black Thursday event as an example;

“We saw this happen on Black Thursday in March 2020, when actors in MakerDAO (liquidators) could not access auctions to bid on collateral,resulting in collateral being sold for free.”

Numerous smart contract vulnerabilities were cited, including reentrancy risk which occurs when a contract sends ETH before updating its internal state. The $25 million dForce attack in April is an example of a reentrancy exploit.

Flash loans (where assets can be borrowed and repaid within the same transactions) can exploit this, with notable examples this year including bZx, Opyn, Harvest Finance, and more recently Pickle Finance.

Oracles also pose a risk as a smart contract may receive deceitful or innacurate input regarding off-chain values or asset prices due to the manipulation of information from the provider or a malicious actor.

Protocol design can pose a risk if it can be manipulated to benefit cyber-criminals. Composability is a good example of this whereby a DeFi protocol needs to rely on another protocol to function. The report noted that the "money Lego" concept of interconnectivity within the ecosystem opens it up to further risk;

“The current inter-connectedness of DeFi is extremely similar to how traditional finance was before the Global Financial Crisis (GFC) in 2007–08.”

There is also centralization risk associated with DeFi, if protocols are controlled by a central intermediary or governance is controlled by a few whales. Uniswap’s first governance vote was a good example of how a small number of players can attempt to control the outcome. Additionally, the bulk of stablecoins used in DeFi are centralized and controlled by corporations.

Reliance on Infura as a node infrastructure operator is also risky as the industry found out during the minor outage in mid-November. Infura provides cloud-based Ethereum clients so that users do not have to run their own nodes.

“An estimated 63% of the Ethereum community use Infura as their preferred method of interacting with the blockchain. What are the consequences if Infura does not function as expected one day?”

The report added that there were several other risks such as economic incentive risk, financial illiteracy risk, and regulatory risk. It concluded that there was also the risk of more risks being found making the entire ecosystem sound like one big financial nightmare!

Tags
Technology
Defi
Related Posts
No-collateral lending protocol Teller opens public alpha to NFT holders
Teller Finance, a project building an undercollateralized lending protocol for decentralized finance, has announced the launch of its mainnet alpha stage. This will enable certain users to obtain credit without being required to post collateral, which is the case for most other DeFi lending protocols. The Teller alpha will be accessible only to holders of a special nonfungible token, called the Fortune Teller NFT. The tokens will be sold on Thursday, with half of the proceeds of the sale going to the protocol’s liquidity pools, and the remaining half will be used to fund development. Only $10 million in total …
Technology / March 23, 2021
Warp Finance reportedly loses up to $8M in flash loan attack
DeFi lending protocol Warp Finance has reportedly suffered a flash loan attack resulting in the loss of as much as $8 million in digital assets. Reports are coming in that an attacker has made off with between $1 million, to as much as $8 million according to DeFi Prime. The losses follow a series of flash loans that have exploited vulnerabilities in the Warp Finance protocol. Warp Finance is a new DeFi platform announced in early November that enables users to deposit liquidity provider (LP) tokens from other protocols and receive stablecoin loans in exchange. The Warp Finance Twitter feed …
Technology / Dec. 18, 2020
Yearn Finance announces another ‘merger’ with the Cream lending protocol
Two days after Yearn Finance (YFI) and Pickle Finance joined forces in DeFi’s first effective merger, Yearn founder Andre Cronje published details of another upcoming integration with Cream, a lending protocol similar to Compound and Aave. The blog post, published on Thursday, outlines how the two protocols will cooperate for the launch of Cream V2. As part of the partnership, the teams will merge development resources and introduce several symbiotic interactions between the two protocols. Yearn users will be able to put their vault tokens — their share in a yield farming strategy fund — as collateral to borrow on …
Technology / Nov. 26, 2020
DAOs need checks and balances to have better governance
Over the past few years, decentralized autonomous organizations (DAOs) have introduced a clear paradigm shift in blockchain governance. With their community decision-making and adherence to hardcoded rules, they have challenged the role of hierarchy and central authority that are present in modern organizations, especially as it pertains to business. Ideologically, DAOs have a lot in common with democracies: individuals holding an amount of a DAO’s specific token can allocate those tokens as votes on governance proposals. Once voting has concluded, the final outcome is executed autonomously by smart contracts. In functional democracies, however, citizens elect representatives to legislate laws and …
Decentralization / Oct. 18, 2022
Cosmos Interchain Foundation allocates $40M for ecosystem development in 2023
According to a medium post on Feb. 20, the Interchain Foundation (ICF), a non-profit organization behind the creation of the Cosmos (ATOM) interblockchain communications (IBC) ecosystem, has committed to spending approximately $40 million in 2023 to develop its core infrastructure and applications. As a part of the Interchain Stack, which is utilized by around 50 blockchains, these include the Tendermint Core (and now CometBFT), Cosmos SDK, Cosmos Hub, and the IBC protocol. "Throughout the year, we envisage engaging other teams to deliver smaller, tightly defined tasks within each area of work. Such contracts will be to supplement the work of …
Adoption / Feb. 21, 2023