Ask CryptoVantage: Why Are There So Many Hacks in DeFi?

What is DeFi?

Decentralized finance (DeFi) services (like borrowing or lending) are ostensibly the same as centralized ones provided through banks or other financial institutions. The difference being that these services can be accessed by anyone as long as they have an internet connection.

They also aren’t controlled by central authorities who can freeze or affect your dealings. Through DeFi services you can earn interest on your crypto holdings, lend, borrow, swap, and more.

Why So Many Hacks?

Cryptocurrency and DeFi are two fast moving sectors, wrought with competition. Because of this, many developer teams rush to release products and be first to market. These products can be anything from a full fledged DEX to a yield farming optimizer. The issue in rushing to release products in order to gain market share is that you often miss something.

In the physical world, this is seen in product defects such as a doll missing a button on its shirt, or something like bacteria in romaine products. The consequences in these physical product situations are often not very large. The product is recalled, consumers can return their product for a refund, and the retail outlet is reimbursed by the manufacturer either with new, non-defective stock, or a refund.

With DeFi services, the consequences are much greater. Rather than a missing button, there is instead an incorrect line of code, or a fault within the code that hackers can take advantage of. They can then steal millions of dollars in crypto, but unlike the example seen with a defective doll, there is rarely any reimbursement for the consumer. Instead, they are left with either a worthless asset, or a loss of assets. The permanent nature of blockchain transactions means there is no way to be compensated unless the hacker decides to return the funds, which happens more often than you might expect.

Even when the code of a DeFi product is audited, it is no guarantee of safety. Auditors aren’t perfect, and hackers are clever in finding little things to take advantage of. For those on the outside looking in, they may wonder why anyone would even risk a hack happening, or if DeFi is even a safe thing to participate in at all.

Is DeFi Safe?

Despite all the hacks in the history of DeFi, it is still fairly safe to participate in it, though the caveat is that you need to both do research and be prepared for something to go wrong. The first part, research, is something you should be doing anyways. Look into a product before putting your money in their protocol, see if they had audits done (as this is still important even if no guarantee of safety), how long it has been in development, and how it works. Researching first can, at a minimum, help you avoid putting money into a protocol that is a rug pull or ponzi scheme.

Being prepared for something to go wrong doesn’t mean to assume it will; many DeFi projects have launched with no hacks and are still going strong. Instead, it is about only putting in as much as you are willing to lose, in the event that something does go wrong. While yearly APRs of 200% or more in yield farming are extremely enticing, you need to manage your expectations. This means understanding that that return is likely to drop over time (often within the first few days), and that you are exposed to impermanent loss if you are providing liquidity to a pool. If the reward you are receiving is a new asset, that asset is likely to decline in value as each user harvests their rewards and swaps for something they feel is a better hold.

In the end, DeFi is something you need to pay attention to once you are involved. It is a fast-moving sector with new DApps entering the space seemingly daily. If you want to take advantage of its opportunities you are welcome to do so, just do your due diligence before throwing your life savings in.