DE-FI Becoming A Hacker’s Dream
DE-FI has been let loose on the world, and it’s not going anywhere. The idea has taken hold in the crypto space, and every chain is looking to get a piece of the action. It’s been the biggest boom in capital flooding into crypto since the ICO days of 2017, and for good reason.
There are very few ways you can get a return in today’s market: the banks aren’t paying you anything, only a few institutions have access to credit markets, and bonds aren’t yielding much. While there are dividend-paying stocks, DE-FI’s returns are attracting a lot of speculators with the promise of high returns over a short period of time.
We all know these are honeypot returns aimed at suckering in liquidity providers in the beginning to get the project going, and as more people come in, the returns are arbitraged down. So I get the reason why people want to get in as soon as possible, but not at the risk of losing all your crypto.
If you’re risking Bitcoin or ETH in DE-FI, I feel it’s a bit silly; both these tokens have the possibility of hitting a 1 trillion dollar market cap, so HODL’ing them alone would bring you quite a pretty profit.
I get trying out some of these projects, but not risking your precious crypto in them. I am happy to test out a DEX or DE-FI app with the money I am willing to lose, but never a large part of my bag.
DE-FI Getting DEfunded
In the last year, we’ve seen plenty of hacks happening in the DE-FI space, such as:
- Harvest Finance 25 million Dollar Hack
- Pickle Finance 20 million Dollar Hack
- 6 million dollar Value DE-FI Hack
- Balancer hack of $500 000
That’s just to name a few. In 2020, at least a reported $100 million was hacked and stolen from DE-FI platforms, which is absolutely insane, and yet people are still dumping their money into the next food-named platform. It’s mind-blowing the amount of risk people are willing to take to earn a few % points in yield these days.
Security audits are a meme
When you put your money into a DE-FI platform, you are trusting the code, and guess what: PEOPLE write code. So you’re still trusting people, and with this rush to DE-FI, people are taking shortcuts to boot up these platforms as soon as possible.
They try to cover their arses by paying for 3rd-party audits of the code and a sign-off, but with any decentralised project, there are going to be bugs: some small and some big, some silly and some dangerous. If you’re not constantly patching your system and looking for vulnerabilities, you’re leaving your investors open to attack.
As the amount of capital keeps increasing, it only becomes more attractive for a hacker to spend a few weeks on your platform to break it and run away with a few million dollars. Each time your liquidity pool increases, so do the chance of an attack and the motivation to attack you.
At this point, I feel as if DE-FI apps have no choice but to assume they will be attacked at some point, and security audits aren’t going to help, but actually creating on-chain or off-chain insurance to secure funds and provide a safety net is one option.
So are bug bounties, which pay people for their time looking at your code instead of encouraging them to hack your platform.