Stop Doing this! Practical measures to keep users safe in DeFi environment


Powered by blockchain, DeFi has revolutionized the possible applications of money. Termed open finance, DeFi is a vast field of protocols that have introduced use cases that were not even imaginable some time ago. DeFi has given us all an unparalleled venue to make money, actively as well as passively.

All well, so where lies the problem? The space has its share of risks as well. Every year, millions of dollars are lost due to hacks, exploits, and liquidations.

So what can a user do? Will it be best for them to keep away from this transformative kind of finance and stick to the traditional financial system where the returns are steadily falling? It is impractical, considering the air of change in the field of finance. Here are a few practical measures users can take on a day-to-day basis to keep themselves safe in a DeFi environment.

Practical measures to keep users safe in DeFi:

Ensure DeFi smart contracts are audited

Carrying out transactions in the DeFi ecosystem requires you to interact with smart contracts. In this context, it becomes important to check whether these smart contracts have been audited. An audit helps pick out bugs in the code, preventing unscrupulous elements from taking advantage of them. If you are unsure about smart contract auditing, you may just go through this piece of information. Alternatively, you may just wait out a few months when a new platform is launched. If there are bugs in the code, they are likely to reveal themselves in this duration. Though this is not a sure-shot way of revealing the bugs, it certainly lessens the danger.

Prevent liquidation of collateral

The ability to draw loans quickly is a revolutionary use case of DeFi. The process is much more efficient and economical than that of banks, and you can put the funds to work almost instantly, thanks to the composability of DeFi.

There is a catch, though. Users need to deposit collateral with the lending protocol to act as security for the loan. If the loan becomes undercollateralized, the funds kept as collateral might get liquidated. To avoid this, borrowers have to add more funds to the security.

For instance, you might deposit 20 ETH as collateral for a loan. However, the price of ETH may fall later and you might be required to add more ETH to the collateral.

You need to be careful about this aspect when taking DeFi loans.
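The 20 ETH case above, worked through as an added example (not code from QuillAudits or from any lending protocol). The 24,000 USD debt, the 0.80 liquidation threshold, the 1.25 alert level and the price series are assumed values; each protocol defines its own parameters.

```python
from decimal import Decimal as D

# Constructed position: 20 ETH collateral as in the text; the debt, the
# liquidation threshold and the prices are assumed, not taken from a real protocol.
COLLATERAL_ETH = D("20")
DEBT_USD = D("24000")
LIQ_THRESHOLD = D("0.80")   # debt may reach 80% of collateral value before liquidation
WARN_BELOW = D("1.25")      # hypothetical personal alert level for the health factor

def health_factor(collateral_eth, eth_price, debt=DEBT_USD, threshold=LIQ_THRESHOLD):
    """At or above 1 the position is safe; below 1 it can be liquidated."""
    return collateral_eth * eth_price * threshold / debt

def liquidation_price(collateral_eth, debt=DEBT_USD, threshold=LIQ_THRESHOLD):
    """ETH price at which the health factor is exactly 1."""
    return debt / (collateral_eth * threshold)

def top_up_needed(collateral_eth, eth_price, target_hf, debt=DEBT_USD, threshold=LIQ_THRESHOLD):
    """Extra ETH to deposit so the health factor is back at target_hf."""
    required = target_hf * debt / (eth_price * threshold)
    return max(D("0"), required - collateral_eth)

def classify(collateral_eth, eth_price):
    hf = health_factor(collateral_eth, eth_price)
    if hf < 1:
        return "liquidatable"
    return "warn" if hf < WARN_BELOW else "ok"

def monitor(prices):
    """For each observed price: status and the top-up that restores a health factor of 1.5."""
    return [(p, classify(COLLATERAL_ETH, D(p)),
             top_up_needed(COLLATERAL_ETH, D(p), D("1.5"))) for p in prices]

if __name__ == "__main__":
    print("liquidation price:", liquidation_price(COLLATERAL_ETH))
    for price, status, top_up in monitor(["3000", "2400", "1800", "1600", "1450"]):
        print(price, status, top_up)
```

With these assumed numbers the position is liquidated once ETH falls to 1,500 USD, and at 1,800 USD it takes 5 more ETH to get back to a health factor of 1.5.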

Go for liquidity mining only if you are an advanced user

Yield farming and liquidity mining have been the buzzwords since the summer of 2020. The former was about depositing capital to a protocol for garnering returns. The latter has users getting paid in another token along with the returns.

While liquidity mining has been a noted tool for making profits, it also has its share of risks. Attackers have repeatedly used liquidity mining to attack the DeFi ecosystem. They focus on exploiting vulnerabilities in the smart contracts to drain pools, hitting liquidity providers hard. A ‘rug pull’ is another major risk, where a user may pull out a big portion of funds to cause a sharp drop in a token’s price. ‘Impermanent loss’ is also a threat that has to be taken into account.

These threats make liquidity mining the best fit for advanced users. Moreover, not all pools in DeFi are equally risky; some are riskier than others. Getting apprised of all these factors will help you contain the losses.

Keep tabs on gas costs

Transactions on Ethereum or on EVMs (Ethereum virtual machines) on chains like BSC (Binance Smart Chain) and Matic require gas. However, calculating it is never easy. If the gas price you set is too low, the transaction may not get completed. And if the gas you pay is too high, you may end up spending much more than what was required. In case the balance is too low, you will lose your balance and the transaction will fail as well.

When transacting on the Ethereum blockchain, be doubly sure about the gas fee you are paying. If possible, you may avoid peak periods to curtail your gas costs. Even better, you may look for protocols that cover the gas costs for buying crypto. Tools like are quite useful for curtailing risks associated with gas prices.

Copy and paste wallet addresses

Immutability is a key feature of the smart contracts on Ethereum, making transactions irreversible. It becomes important for anyone to exercise caution while using tokens. Sometimes, users make silly mistakes like typing wrong addresses, which transfers the funds to an unintended person or, worse, dumps the funds into a black hole. The best way to avoid this is to copy and paste wallet addresses, rather than typing them.

Use a more established stablecoin

Prices of crypto tokens are volatile, so stablecoins have emerged as a key part of the DeFi ecosystem. A stablecoin is pegged to the price of a fiat currency via a mechanism, introducing an element of risk. DeFi players need to make sure the base currency on a platform is one of the more established stablecoins.

Take insurance cover

An effective way of getting protection while using DeFi is opting for a protocol that provides insurance cover. One such example is Nexus Mutual. It is a decentralized alternative to insurance.

Wrapping up

DeFi can bring you the kind of profits unseen in other financial services. Though DeFi has its share of threats and challenges, these can be overcome if you are careful about a few things. Some key steps such as checking for smart contract auditing, taking stock of your own expertise in DeFi trading, and taking insurance cover will help you get over these threats and take home the profits!

Reach out to QuillAudits

QuillAudits is accomplished in delivering efficient smart contract audits. If you need any assistance with a smart contract audit, feel free to reach out to our experts here!
