A primer on DeFi’s risks

Lucas Outumuro, Mar 2022

A practical guide to risks in crypto, based on $5B+ in losses across hacks, rug pulls and economic incidents

Crypto’s rapid expansion has attracted hundreds of billions. Along with this growth, unfortunately exploits and scams have become widespread. These risks are still widely misunderstood both at the protocol and the individual level. Through this piece we hope to clarify the most relevant technical and economic risks inherent to DeFi protocols, analyzing some of the most prominent exploits and factors users should consider in order to manage their exposure to these risks.

Classifying Risks in DeFi Protocols

DeFi protocols are exposed to a variety of risks — from rug pulls to hacks to economic attacks. These terms are often used interchangeably… but what do they really mean?

Before differentiating these attacks, it helps to first understand the types of risks involved. These can be broadly categorized the following way:

Technical risks — programmatic functions used in an adversarial manner to withdraw funds from protocols

Economic risks — using levers key to protocols in unintended ways to create imbalances which result in losses for depositors (and gains for the attacker)

Meme-ification of DeFi risks

In this context, we would classify hacks as purely technical, external attacks, rug pulls as internal, deliberate misuse of technical factors and economic exploits as those taking advantage of economic protocol imbalances.

For the next part of this piece we examine the underlying factors behind these risks through the lens of the 50 largest incidents in DeFi. For those interested in the raw data used, feel free to check this spreadsheet out.

Breakdown of Largest Risks

In order to understand how susceptible DeFi protocols are to each type of risk, we delve into the 50 largest incidents that have taken place to date. This includes hacks in the hundreds of millions of bridges, economic collapses of algorithmic stablecoins and outright robbery of user funds.

Between these 50 incidents, we estimate users have lost over $5 billion in DeFi applications. As we’ll cover throughout the piece, among the largest exploits have come from bridge hacks, as well as the particularly large collapse of an algorithmic stablecoin.

Here is the distribution of the main risk factors behind the 50 largest DeFi attacks.

Approximately two thirds of the largest incidents have stemmed from a technical risk. Meanwhile just under a quarter have been due to economic imbalances resulting in vulnerabilities and 10% was a mix between the two types of risks.

Technical Risks

We further classify programmatic attacks depending on whether they are due to smart contract bugs, private key management, front-end exploits or rug pulls.

Here we can observe the vast majority of technical attacks are due to unintended bugs present in protocols’ smart contracts. In fact, 46% of the 50 attacks considered originated from such risk. Among these, some of the most common were re-entrancy bugs such as the ones exploited in the infamous hack of The DAO.

Moreover, a significant portion of attacks were due to private key management, as recently seen with the $624 million hack of the Ronin network behind Axie Infinity. These incidents are due to hackers being able to access private keys that have control over the protocols’ smart contracts. In Ronin’s case, there was a multi-sig wallet that required 5 out of 9 addresses to approve transactions, with 4 of these belonging to SKy Mavis, the company behind the network. Ronin’s newsletter points to the attack being socially engineered, suggesting that an impersonator sent a link to Sky Mavis’ team that after being opened granted access to their private keys. The fifth address compromised belonged to the Axie DAO, which seemingly had one of their members fall to the same attack.

While the Ronin bridge did use a multi-sig wallet, many of the other attacks in this subcategory are due to a single address controlling access to protocol funds. Such improper private key management can lead to both hacks and rug pulls. This acts as a central point of failure for hackers to exploit, while also granting developers the ability to deliberately withdraw user funds.

Protecting one’s funds against these risks may seem daunting, but it’s not impossible. Towards the end of this piece we’ll provide actionable steps users can take to mitigate technical risks, but before that let’s dive into economic risks, which have led to even larger losses.

Economic risks

Despite technical factors being behind most attacks in DeFi, a greater dollar value has actually been lost due to economic risks.

Economic risks can be further classified into four subcategories: supply-side, demand-side, stability mechanisms and asset health. These factors are interdependent to certain extent, though typically losses can be traced back to one or two of these subcategories per incident.

Supply-side risks deal mostly with the inflows and outflows of liquidity and its concentration. Here the dynamics are very different in comparison to the ones observed in technical attacks.

For instance, let’s look at a recent economic incident that resulted in at least $80 million in losses for depositors of a Curve pool. The MIM stablecoin was one of DeFi yield farmers’ go-to assets for high returns up until January 26, 2022. That day, it was exposed that the project’s founder Daniel Sesta had been collaborating in another project, Wonderland, with an anonymous co-founder who is an ex-convict associated with millions of funds through the Quadriga centralized exchange in Canada. Additionally, part of the collateral backing MIM was in Wonderland’s TIME token. As the co-founder’s identity was revealed, there were vast economic shocks throughout DeFi.

Michael Patryn, who had been pseudonymously known as Sifu, was CFO in Wonderland, and Abracadabra’s founder admitted to knowing his true identity. This led to significant losses in project’s tied to Daniele Sesta. In the case of the Curve MIM pool, depositors rushed to withdraw liquidity.

Via IntoTheBlock’s Curve protocol indicators

Approximately $2 billion in liquidity was withdrawn from the pool within hours. Since the pool consisted of MIM and 3Crv (another pool with 33.3% of USDT, USDC, DAI), depositors opted to withdraw funds in 3Crv to avoid risks related to MIM. This led to the composition of assets in the pool to become imbalanced.

Via IntoTheBlock’s Curve protocol indicators

As the pool shifted to being primarily MIM, depositors began being charged higher exit fees if they opted to withdraw funds in 3Crv (or any of its components). With liquidity in the pool getting thinner and MIM losing its peg to the dollar, exit fees grew to the point where one address realized an $80 million loss from a withdrawal. Aggregate losses for all depositors likely reached figures due to this incident.

While this is not an exploit per se, the Curve MIM incident highlights how economic risks can result in sizable losses for DeFi users. When it comes to economic attacks, the most frequent variable involved is price manipulation, typically of a relatively low market capitalization or illiquid asset. These take advantage of vulnerabilities in protocol’s stability mechanisms, particularly the oracles they use.

The lending protocols Cream Finance and Compound have fallen victim to this, where attackers use flash loans to manipulate prices of assets, allowing them to artificially inflate the price of their collateral and grow their borrowing power to an unsustainable point. Since Cream and Compound at the time used on-chain oracles, the attacker was able to do this all in one block through a flash loan.

Despite flash loans facilitating many of these attacks, they are not the main reason behind them. These are signs of protocols being susceptible to manufactured imbalances, and sometimes can even be done manually without flash loans as was the case with the $200M exploit of the Venus protocol in BSC. We will further discuss how stability risks involving oracles, liquidators and arbitrageurs can be mitigated by users.

Overall, these economic risks can be very complex, but can be monitored by looking at factors such as the changes in liquidity in these protocols and the oracles that they use. There is more users can do to protect themselves from these risks as well as technical ones.

Mitigating Risk Exposure in DeFi

As previously noted, 66% of the largest 50 incidents in DeFi were due to technical risks, primarily smart contract bugs. Since the vast majority of people are not well-versed when it comes to smart contract code, it begs the question: what can we do to prevent these risks?

The first and most simple step to take is to check if the protocol has been audited. In terms of incidence, a substantial number of the exploits analyzed were unaudited.

It is worth noting that more than one auditor can review these protocols and still be exploited. For instance, the Poly Network hack of $611M was audited by both Certik and NCC group. Given the track records of these auditors, users can assess the value they can provide and potentially assign weights to the likelihood of protocols being exploited based on previous incidents. Here, however, it is worth looking for not only the number of attacks suffered by these auditors, but also the amount of protocols that have been securely audited by them and the value locked they contain.

Aside from smart contract bugs, we also pointed out the risk that private key management can pose. It is recommended that users conduct due diligence on who has access to private keys behind a protocol. Ideally, not only do these protocols have multi-sigs with several (10+) addresses, but also include reputable people outside their organization. This is the equivalent of directors for DeFi protocols, except with greater exposure to vulnerabilities than in the traditional sense. By adhering to this standard, protocols are less likely to have their private keys accessed and to rug pull users since they would not be programmatically able to do so.

From the economic perspective, it is worth users monitoring key metrics that can affect the safety of their deposits. For deposits in AMMs, particularly stableswaps like Curve, it is worth keeping an eye on liquidity and its composition across assets. Furthermore, the concentration of liquidity in whales’ addresses can also be helpful to assess how vulnerable positions can be to slippage or exit fees if these addresses withdraw funds.

When it comes to lending protocols, it is paramount that they use oracles tracking either off-chain data or use time-weighted average prices for assets. These help prevent price manipulations that can result in losses for depositors. Similarly, if there are illiquid, small cap assets listed in shared liquidity pools, these can also be artificially inflated by attackers looking to extract funds.

These cover risks from the protocol side, but there are also best practices users can implement to avoid further downside. The most common of these include using a hardware wallet, having one “burner” wallet for active use of small funds and avoiding clicking on suspicious links or interacting with phishing scams. There is significant information out there on these, so we will not dive into them in further detail.

Conclusions

Risks abound throughout crypto and DeFi is no exception. While DeFi protocols do provide higher yield opportunities than those available in traditional finance, they are susceptible to greater risks, with very different dynamics. Although it is certainly complex to keep track of all these risks, it is worth keeping these in mind, especially if you are depositing large amounts.

Although incidents have become larger as crypto has grown in magnitude, the industry is establishing best practices to better mitigate these risks. Now more protocols opt for audits despite their hefty costs. It is also less common that they do not use multi-sigs for management of deposits. Oracles used for prices are also more resilient as developers learn from previous attacks. Being open-source, crypto can provide transparent insights into these attacks, strengthening the industry as a whole. Ultimately, risks are likely to remain throughout crypto, but there is more and more developers and users alike can do to mitigate them.