The DeFi (Decentralized Finance) market’s exceptional growth since the start of the year has shown us a considerable demand for yield-generating protocols, despite the dangerous nature of these new financial products.
DeFi’s deserving proposition is immediately obvious: borderless access to a host of financial services provides the user with a significant upside while concurrently increasing their economic sovereignty. The financial formation, cost efficiency, composability, and readily available liquidity are among the possibilities generated by numerous DeFi projects. Even if – for now – it’s primarily about yield generation and high risks.
These risks are typically classified into four principal categories:
- Coding risk
- Oracle/centralization risk
- Financial risk
- Regulatory risk
1 – Coding risk
Coding risks pertain to the attack vectors that can be exploited due to the underlying code that supports the protocol or platform. DeFi is simply a suite of software, created by lines of code, that helps a host of financial services.
Given the complicated nature of DeFi protocols, it is not uncommon for errors in the code that can provide malicious parties with an attack vector to steal funds (and they do).
Nevertheless, outside of the apparent risk of losing funds through a hack, coding risks also pose a significant threat to the greater DeFi ecosystem. Due to the composability in DeFi, if one protocol is unstable, there may very well be a risk for the entire connected ecosystem.
In its most recent report, The 3rd Global Cryptoasset Benchmarking Study, the Cambridge Centre for Alternative Finance explained this risk affirming: “Stacking and composability of smart-contracts also pose a risk. Should an underlying smart-contract break then the stack may fall like a house of cards.”
2 – Oracle/Centralization Risk
Several of the protocols within the DeFi space are dependent or make use of a centralized tool. Due to the very nascent nature of the DeFi sector, the developing teams have systems in place that confer specific strength to a centralized party to reduce inefficiencies or reduce attack vectors.
Ironically, while these centralized systems provide the developing platform with some advantages, they are also a significant risk for the ecosystem’s functioning.
Take, for instance, Oracles, which are leveraged by several Automated Market Makers (AMMs) and decentralized exchanges (DEXs), typically receive data from a single source. This can pose a risk as it is trivial for a malicious party to control the singular source of data and manipulate the market to their profit.
While it is noteworthy to note that most developer teams are focused on phasing out the centralized aspects of their ecosystems over time, these tools still pose risks while they are in place. According to the Cryptoasset Benchmarking Study, “Oracles, either hardware or software, funnel real-world data to the smart contract. As several attacks targeted at decentralized protocols have shown, oracles are a possible source of systemic risk and their data feeding role is prone to manipulation.”
3 – Financial Risk
DeFi protocols are based on public blockchains. These blockchains typically have a native digital asset. The price-performance of the supporting blockchain asset is likely to affect the value of the holdings locked in a DeFi protocol. While this may lead to profit, it is also possible that there are losses.
Additionally, there is a chance of Impermanent loss (IL). Impermanent loss refers to the phenomenon where tokens held in an AMM are seen to have a different value than they would if they were being stored in a wallet. Due to the synergistic events in an AMM to keep the ecosystem functioning, one may find that his holdings are of less value in the AMM than if they had just kept the assets in a wallet.
The Balancer Protocol defines IL as “the percentage by which a pool is worth less than what one would have if they had instead just held the tokens outside of the pool.” It is important to note that IL is seen to balance itself out the longer a user participates in an AMM. However, it remains a risk.
4 – Regulatory Risk
Just like the more critical cryptoasset sector, the DeFi industry is subject to an uncertain regulatory environment. Due to its nascence, the blockchain industry is under intense scrutiny from regulators tasked with protecting the greater public.
Regrettably, due to a mixture of factors, such as a lack of understanding and the complexities in technology, some regulators and jurisdictions are not in favor of the DeFi space. Fortunately, this issue is likely to be mitigated with time.
“As space grows, the response of regulators to decentralized financial applications is a regulatory risk that needs greater study and understanding,” the researchers the Cambridge Centre for Alternative Finance concluded.