DeFi protocols offer to earn up to 15% per annum, and protocols using Yield Farming (income pharming) - up to 100%. While Western Cen...
DeFi protocols offer to earn up to 15% per annum, and protocols using Yield Farming (income pharming) - up to 100%. While Western Central Banks continue to supportzero interest rate policy, DeFi market offerings look like a source of very good income. The same S&P 500 index rarely returns more than 10%. These high returns have contributed to the impressive growth of this sector over the past year. Now $ 4.2 billion is locked in DeFi protocols - 8 times more than a year ago. The DeFi situation is a lot like the ICO hype in 2017. But the impressive returns offered by DeFi products come with great risks that users of decentralized financial protocols don't always realize. How vulnerable are smart contracts of DeFi platforms, is it safe to invest in income pharming and what other risks are decentralized financing, we understand the material.
DeFi Smart Contracts Vulnerability
Security is the main concern of the new crypto sector. DeFi protocols are susceptible to malicious attacks or developer errors.
DeFi has no centralized management structures and unnecessary intermediaries - all the rules for the circulation of funds are spelled out in a smart contract. But without an intermediary controlling the settlement of the transactions, users must fully trust the software. Therefore, if an error creeps into it or a vulnerability is discovered, the system easily loses funds.
Vitalik Buterin, the creator of Ethereum, in an interview with Laura Sheen on her podcast Unchained, noted that the biggest problem with DeFi is that users underestimate the risks of smart contracts of decentralized protocols. He also warned them against investing all their savings in decentralized lending.
Interest rates in the DeFi sector are much higher than deposit ones for a reason - this is a payment for a higher risk. Buterin is not convinced that even proven decentralized platforms and protocols can guarantee complete code security and zero bugs. The developer emphasized that the DeFi sector is clearly not an area in which many ordinary people should invest money.
Buterin's opinion has a basis. This year, the DeFi sector faced a number of smart contract bugs that resulted in users losing funds:
- So, in February, a hacker twice exploited the vulnerability of the bZx protocol and brought ETH for almost $ 1 million. Then, due to an error in the algorithm, the criminal was able to deceive the price oracle checking the conditions for the execution of smart contracts. The bZx team used the admin key to shut down the protocol, which sparked accusations from the crypto community of being centralized. Centralized oracles are, in general, a weak point in DeFi protocols. In February, DeCenter predicted that the number of new attacks would grow and, unfortunately, we were not mistaken.
- In April, a scammer withdrew $ 25 million blocked in the Chinese DeFi protocol dForce, using its vulnerability.
- Funds in DeFi protocols can be lost not only through the fault of the developers, but also through excessive haste. So, at the end of April, an anonymous programmer Molly Wintermute launched the Hegic DeFi protocol, ordering a code audit from the well-known Trail of Bits company. However, the very next day, a one-letter typo in the code resulted in the loss of almost $ 48,000 that belonged to users. Wintermute gave the money back and restarted the protocol, but the incident highlighted the security standards of DeFi protocols - not even auditors can guarantee. The sector is developing so rapidly that developers do not have time to test protocols.
- In June, a smart contract error at Bancor caused the network to go offline.
- In the same month, an unknown hacker withdrew $ 500,000 in WETH, WBTC, SNX and LINK tokens from the pool of the DeFi project Balancer Labs, taking advantage of a smart contract vulnerability that allowed him to create a shortage of funds. He took advantage of the deflationary mechanism in STA tokens, burning 1% on every transaction. The hacker exchanged WETH tokens for STA and back 24 times, each time receiving 1% STA. The crime also brought down the STA rate by 70%.
All of these cases show that the DeFi sector needs stricter security rules, without which it is not ready for mass adoption. The industry is now developing blindly. She needs comprehensive audits from several firms, insurance against smart contract errors and hacker attacks. Otherwise, users will continue to lose their funds.
Yield Farming is temporary
Yield Farming is one of the main trends in DeFi and the main driver of the sector. The essence of Yield Farming is simple - the user can receive up to 100% per annum from the placement of their cryptocurrencies and stablecoins on various DeFi credit platforms. Most popular: Compound, Aave, Synthetix, Uniswap, Balancer. At the same time, Yield Farming allows even borrowers to earn money - sometimes it is even more profitable than borrowing. Platforms pay users their native tokens for any interactions with the DeFi protocol: providing liquidity, obtaining loans, voting. That is, income pharming projects develop due to the network effect - new receipts.
It is believed that this should stimulate users, but in reality it resembles a bubble. Yield Farming is really like a pyramid scheme, and all its participants are well aware of this (we hope that they do). Yield Farming users hope they can make money by attracting liquidity, capital and new users to the platform. As long as there is an inflow of funds, the whole system works.
In the aforementioned interview, Buterin also revealed that he is concerned about the volatility of Yield Farming. He believes the protocols are not going to constantly give out coins to users.
"It's not for long. Once the bait for users disappears, you can see the rates of return fall very close to zero percent, ”said Buterin.
At any time, the protocol teams can refuse to distribute tokens or make it less profitable.
Bitcoin growth threatens the DeFi sector
Kelvin Koh, co-founder and CIO Spartan Group, and previously a former partner of Goldman Sachs, on July 28 in a series of tweets said that the rising cost of Bitcoins will negatively affect DEFI-sector.
Koch believes that the Bitcoin rally that has begun encourages traders to withdraw their capital from the rapidly growing, but so far not very secure sector of decentralized finance, and invest in the first cryptocurrency, which has already repeatedly proved its reliability. Most DeFi tokens have risen strongly in the wake of the hype around the new sector, but the analyst expects their sell-off in the coming sessions.
Koch's predictions are confirmed by the fall of a number of DeFi tokens - DAI, HOT, COMP, SUSD and REP - over the past seven days, just after the start of the BTC growth and reaching an annual maximum of $ 11,420. ETH, by the way, also grew by 20%, showing an annual maximum. Koch expects the DeFi correction to continue.
“When everything goes up, people do not think about risk ... When asset prices go down, everyone will try to exit at the same time, creating a downward spiral ...”, - he summed up.
This correction of DeFi tokens also has a positive side - the market will be slightly cleared of weak projects, most of which grew on the excitement around income pharming, leaving only those that are focused on long-term business models and have real value.
“Hopefully this will be a short and less painful lesson for investors,” the analyst added.
Volatility as a source of volatility
The volatility of cryptocurrencies used as collateral in DeFi systems makes them highly volatile in the event of an unexpected market crash. When the price of underlying assets locked in protocols drops sharply, users begin to liquidate them en masse, which can bring the entire system to a standstill. To prevent this from happening, credit protocols try to secure loans with excess assets, but this lowers their cost.
On March 12, Donald Trump gave a ten-minute speech that COVID-19 has arrived in the US - this, combined with the WHO's official announcement that the coronavirus outbreak is a pandemic, has caused panic in global markets. They sold everything, and the crypto market collapsed almost twice in a matter of hours. This dramatic change in rates led to the collapse of DeFi - a number of protocols simply ceased to function. Two of the most prominent examples are MakerDAO and Compound.
In mid-March, hackers attacked the MakerDao project. Taking advantage of the protocol vulnerability, they spammed the ETH network and won auctions to buy a coin worth $ 8.3 million for almost nothing. In normal times, this situation should not have happened, but hackers took advantage of the sharp drop in the market on March 12-13.
When the value of ETH began to plummet on the evening of March 12, the MakerDAO oracles - automated bots that determine asset prices for lenders and borrowers - were unable to keep up with the speed and scale of the price drop. MakerDAO users were desperate to get their loans back, but severe network congestion and outrageously high gas rates prevented them from both depositing more ETH (to maintain a 150: 100 collateral to loan ratio) and paying off their DAIs. This led to the liquidation of assets at absurdly low prices. Compound similarly lost over $ 4.2 million, mostly backed by ETH.
The asset liquidation mechanism is also one of the pain points of the DeFi protocols. When network problems arise, elimination-based mechanisms can wreak havoc on unsuspecting users. Positions cannot be repaired in time, loans cannot be repaid, oracles cannot update their prices, oracles' prices lag behind their true value, and liquidation operations cease to function properly.
Instead of a liquidation mechanism, it seems more appropriate to use interoperable assets backed by the platform's own tokens, the value of which is determined only by the use of these assets. Decentralized exchanges using this approach remained safe during the March crash.
Ethereum addiction
The March events revealed another DeFi vulnerability - the sector is overly dependent on Ethereum assets, which creates systemic risks for it. Relying almost entirely on one coin violates the principle of diversification. As a result, Ethereum problems are DeFi problems.
The main problem of the second cryptocurrency network is scaling. The blockchain is overloaded, transactions are slowing down, and gas prices are rising. The network is becoming too expensive and slow to send transactions, negatively impacting the use, mass adoption, and security of dApps and DeFi protocols. The problem is spiraling out of control, but there is still no quick fix. The developers hope to deal with it by updating the network to the Ethereum 2.0 state. But the launch of the update, which should take place before the end of the year, has been postponed for many years, and the final implementation of all updates will take up to two years. Until then, the problem of congestion and high commissions will remain relevant.
DeFi systems need either an updated Ethereum or access to a wider range of cryptocurrencies. The latter is preferable - it will provide more liquidity for DeFi applications, reduce the risk of ETH price impact, and reduce DeFi's dependence on the Ethereum network.
DeFi is for professionals and speculators
DeFi aims to become an alternative to the traditional financial system, covering all types of services and operations: lending, loans, trade. The sector provides anyone with access to financial instruments, eliminating the need for traditional intermediaries. And if for Western users the DeFi sector is just a story about earnings, then for residents of developing and unstable economies it is an opportunity to gain access to the financial system.
But it's important to understand that the DeFi sector is an experimental arena that exists in a regulatory gray area. Regulators don't seem to be a major issue for the DeFi sector yet. But we're sure they just haven't gotten to it yet. Recent stories from Libra, Telegram, and companies that have conducted major ICOs have shown what regulators expect from massive blockchain projects. And the DeFi sector is still weak (or, rather, does not comply at all) with the KYC / AML requirements.
Moreover, as we wrote above, the boom in decentralized finance can be compared to the ICO bubble of 2017. The American regulator SEC got to the initial application of coins two years later. We think that soon he will take a closer look at DeFi protocols. Plus, the market is overheated and is growing rapidly based on the hype. If this bubble bursts, few will be surprised.
Until the main technical problems and the risks listed above are eliminated, decentralized finance will not be ready for mass use. The current early phase of DeFi development is for researchers, professionals, or very sophisticated speculators. If you cannot afford to lose your money, do not invest in DeFi. This is trivial but timeless advice.
When investing in DeFi, remember that beyond the question of how much the investment will bring, investors must also consider the technical and systemic risks. The universal formula “ the higher the yield, the higher the risk ” clearly shows how much you risk when investing in DeFi.