With the start of a new decade, a new wave is affecting the global financial system, the wave is of decentralized finance protocols. The ecosystem has already packed a value of $1.2 billion in 2020.
Though the platform has a huge and revolutionary potential yet it is in it’s developing phase and is immature and thus there are several common vulnerabilities which do not make the platform unsafe for users but a cautious place for them to be and so here are few risks from which the users should be aware to make an informed decision.
The name pronounce os Defi is Decentralized Finance but according to a source, most of the Defi apps depend on the centralized entities for their operation in one way or the other, in that source there was a part mentioned where it stated that anyone having the access of Compound admin key can drain all the platform’s lending pools.
In the case of lending protocols, there is a different concern. A metric named “utilization rate” is used in a Compound in which the percentage of the staked funds that have been lent out in a moment is described. The higher the percentage the greater the risk of a liquidity crisis getting triggered. This risk is minuted by the compound through its interest rate model which adjusts according to the utilization rate.
The market of Defi is still vulnerable to manipulation tactics as Defi is currently unregulated. The tactics are.
In blockchain when there several transactions waiting to enter a block and become confirmed, they are queued in a mempool which is visible to any trader, The trader can enter in with their own trade and can get a higher gas fee, by this the miners will more likely select them for inclusion in next block rather than first transaction.
When a Defi dApp uses only a single or double exchange as an oracle the price information provided by an oracle can be manipulated by traders by trading large transactions since the liquidity on that exchange is very less it is easier to manipulate the price, the traders make leveraged trade on the manipulated price and reap maximum profit.
When any user is using or investing in a Defi dApp, their funds are being transferred into another user wallet and the transaction is governed by a Smart contract but this all happens through a dApp and it can also be a possibility that someone, somewhere, has private keys to the wallet
The measures which are used to prevent funds from hackers are such as multi-signature security and time locks, however, it is impossible for any user to be assured totally that these methods are being applied as the Defi teams are very secretive about their practices. Multi-signature is a measure visible to the user but again there is no proof that not even a single individual has access to all the signature which is required for transactions.
It is being assumed that as the Defi area matures the developers may advance their security modules.
Scalability is the biggest weakness of Ethereum and still, most of the Defi is still dependent on Ethereum. The transaction speed in Ethereum is around 15 TPS, and Ethereum is able to keep up with the transactions of stablecoin
Ethereum 2.0 upgrade which is promised still may take a few years and that too it is not sure that the current issue will be alleviated or not. So, for now, the dependence of Defi on Ethereum can be considered a fragility.
All these fragilities and drawbacks are not necessarily the reason for the users to run scared away from Defi, the crucial part for the users is “do your own research” before getting involved with Defi. The users should understand the risks involved when investing in crypto and related applications and then take the calculated and measured approach to minimize the risks.
At QuillHash, we understand the Potential of Blockchain and have a good team of developers who can develop any blockchain applications like Smart Contracts, dApps, DeFi, DEX on the any Blockchain Platform like Ethereum, EOS , Stellar and Hyperledger.
For further discussion and queries on the same topic, join the discussion on Telegram group of QuillHash — https://t.me/quillhash.