Impressive growth in the DeFi (decentralized finance) market since the start of the year has shown us that there is a high demand for yield-generating protocols, despite the risky nature of these new financial products.
DeFi’s value proposition is easily apparent: borderless access to a host of financial services provides the user with a significant upside while simultaneously increasing their financial sovereignty. Financial inclusion, cost efficiency, composability, and readily available liquidity are among the opportunities created by various DeFi projects. Even if – for now – it’s mostly about yield generation and high risks.
These risks are typically grouped into four major categories:
- Coding risk
- Oracle/centralization risk
- Financial risk
- Regulatory risk
Coding risks refer to the attack vectors that can be exploited due to the underlying code that supports the protocol or platform. DeFi is simply a suite of software, created by lines of code, that supports a host of financial services.
Given the complex nature of DeFi protocols, it is not uncommon for there to be errors in the code that can provide malicious parties with an attack vector through which they can steal funds (and they do).
However, outside of the obvious risk of losing funds through a hack, coding risks also pose a significant risk to the greater DeFi ecosystem. Due to the composability in DeFi, if one protocol is unstable, there may very well be a risk for the entire connected ecosystem.
In its most recent report, The 3rd Global Cryptoasset Benchmarking Study, the Cambridge Centre for Alternative Finance explained this risk stating: “Stacking and composability of smart-contracts also pose a risk. Should an underlying smart-contract break then the stack may fall like a house of cards.”
Many of the protocols within the DeFi space are dependent or make use of a centralized tool. Due to the very nascent nature of the DeFi sector, the developing teams have systems in place that confer certain power to a centralized party to reduce inefficiencies or reduce attack vectors.
Ironically, while these centralized systems provide the developing platform with some advantages, they are also a significant risk for the functioning of the ecosystem. (Learn more: Why DeFi Isn’t Always As Decentralized As You Might Think)
Take, for instance, Oracles, which are leveraged by a number of Automated Market Makers (AMMs) and decentralized exchanges (DEXs), typically receive data from a single source. This can pose a risk as it is trivial for a malicious party to take control of the singular source of data and manipulate the market to their profit.
While it is important to note that most developer teams are focused on phasing out the centralized aspects of their ecosystems over time, these tools still pose risks while they are in place. According to the Cryptoasset Benchmarking Study, “Oracles, either hardware or software, funnel real-world data to the smart contract. As several attacks targeted at decentralized protocols have shown, oracles are a possible source of systemic risk and their data feeding role is prone to manipulation.”
DeFi protocols are based on public blockchains. These blockchains typically have a native digital asset. The price performance of the asset of the supporting blockchain is likely to affect the value of the holdings locked in a DeFi protocol. While this may lead to profit, it is also possible that there are losses.
Additionally, there is a risk of Impermanent loss (IL). Impermanent loss refers to the phenomenon where tokens held in an AMM are seen to have a different value than they would if they were being held in a wallet. Due to the synergistic events that occur in an AMM to keep the ecosystem functioning, one may find that his holdings are of less value in the AMM than if they had just kept the holdings in a wallet.
The Balancer Protocol defines IL as “the percentage by which a pool is worth less than what one would have if they had instead just held the tokens outside of the pool.” It is important to note that IL is seen to balance itself out the longer a user participates in an AMM. However, it still remains a risk.
Just like the greater cryptoasset sector, the DeFi industry is subject to an uncertain regulatory environment. Due to its nascence, the blockchain industry is under intense scrutiny from regulators who are tasked with protecting the greater public.
Unfortunately, due to a combination of factors, such as a lack of understanding and the complexities in technology, some regulators and jurisdictions are not in favor of the DeFi space. Fortunately, this issue is likely to be alleviated with time.
“As the space grows, the response of regulators to decentralized financial applications is a regulatory risk that needs greater study and understanding,” the researchers the Cambridge Centre for Alternative Finance concluded.
BitMEX Crackdown Will Fuel DeFi, Industry Insiders Hope
‘If DeFi Collapsed, Bitcoin Would Still Be Bitcoin’
DeFi’s ‘Total Value Locked In’ Metric Is A Crooked Mirror