Systematic Fragility in Decentralized Finance

Systematic Fragility

Table of Contents

Read Time: 3 minutes

With the start of a new decade, a new wave is affecting the global financial system, the wave is of decentralized finance protocols. The ecosystem has already packed a value of $1.2 billion in 2020.

Though the platform has a huge and revolutionary potential yet it is in it’s developing phase and is immature and thus there are several common vulnerabilities which do not make the platform unsafe for users but a cautious place for them to be and so here are few risks from which the users should be aware to make an informed decision.


The name pronounce os Defi is Decentralized Finance but according to a source, most of the Defi apps depend on the centralized entities for their operation in one way or the other, in that source there was a part mentioned where it stated that anyone having the access of Compound admin key can drain all the platform’s lending pools.

In the case of lending protocols, there is a different concern. A metric named “utilization rate” is used in a  Compound in which the percentage of the staked funds that have been lent out in a moment is described. The higher the percentage the greater the risk of a liquidity crisis getting triggered. This risk is minuted by the compound through its interest rate model which adjusts according to the utilization rate.

Market Manipulation

The market of Defi is still vulnerable to manipulation tactics as Defi is currently unregulated. The tactics are.


In blockchain when there several transactions waiting to enter a block and become confirmed, they are queued in a mempool which is visible to any trader, The trader can enter in with their own trade and can get a higher gas fee, by this the miners will more likely select them for inclusion in next block rather than first transaction.

Oracle Manipulation:

 When a Defi dApp uses only a single or double exchange as an oracle the price information provided by an oracle can be manipulated by traders by trading large transactions since the liquidity on that exchange is very less it is easier to manipulate the price, the traders make leveraged trade on the manipulated price and reap maximum profit.

Account Security:

When any user is using or investing in a Defi dApp, their funds are being transferred into another user wallet and the transaction is governed by a Smart contract but this all happens through a dApp and it can also be a possibility that someone, somewhere, has private keys to the wallet

The measures which are used to prevent funds from hackers are such as multi-signature security and time locks, however, it is impossible for any user to be assured totally that these methods are being applied as the Defi teams are very secretive about their practices. Multi-signature is a measure visible to the user but again there is no proof that not even a single individual has access to all the signature which is required for transactions. 

It is being assumed that as the Defi area matures the developers may advance their security modules.

Ethereum Dependency:

Scalability is the biggest weakness of Ethereum and still, most of the Defi is still dependent on Ethereum. The transaction speed in Ethereum is around 15 TPS, and Ethereum is able to keep up with the transactions of stablecoin 

Ethereum 2.0 upgrade which is promised still may take a few years and that too it is not sure that the current issue will be alleviated or not. So, for now, the dependence of Defi on Ethereum can be considered a fragility.


All these fragilities and drawbacks are not necessarily the reason for the users to run scared away from Defi, the crucial part for the users is “do your own research” before getting involved with Defi. The users should understand the risks involved when investing in crypto and related applications and then take the calculated and measured approach to minimize the risks.

At QuillHash, we understand the Potential of Blockchain and have a good team of developers who can develop any blockchain applications like Smart Contracts, dApps, DeFi, DEX on the any Blockchain Platform like EthereumEOS , Stellar and Hyperledger.

For further discussion and queries on the same topic, join the discussion on Telegram group of QuillHash —


Related Articles

View All

Leave a Comment

Your email address will not be published. Required fields are marked *



Description: This type of security vulnerability can occur when untrusted data is used in a smart contract without proper validation or sanitization, allowing an attacker to execute unauthorized functions or modify the state of the contract.


QuillAudits 🤝 Lovely Launchpad

We are pleased to extend our #partnership with Lovely Launchpad and await great possibilities to secure the #Web3 ecosystem & beyond.

More About Lovely Launchpad:

#web3community #collaboration

As Web3 developers, it's critical to prioritize smart contract security to protect users' funds and maintain the integrity of the blockchain.

Threat modelling and Risk assessment are two key processes that can help identify potential risks and…


@safemoon has been exploited due to a public burn issue with around ~$8.9 M loss.

With the exploited public burn bug, the upgrade was initiated by the official SafeMoon: Deployer.

Load More

Amidst FTX Saga, Hacker Swept More Than $25 Million in 2nd week of November

The contract reinvested (the earn function was not called) before the user pledged (depositAll function) without settling the reward, which means that when the user pledged, the contract did not settle the previous reward and instead conducted a new investment.

Become a Quiffiliate!
Join our mission to safeguard web3

Sounds Interesting, Right? All you have to do is:


Refer QuillAudits to Web3 projects for audits.


Earn rewards as we conclude the audits.


Thereby help us Secure web3 ecosystem.

Total Rewards Shared Out: $190K+