In the last 10 months, we have seen an explosion of decentralized financial protocols introduced on the Ethereum blockchain. DeFi proposes an entirely new financial system that is independent of the traditional financial infrastructure or instruments. DeFi products do not need any intermediaries. The smart contract specifies the settlement conditions between individuals, avoiding any single point of failure.
Users of DeFi products earn an interest rate 100 times higher than traditional saving accounts. However, these high-interest rates are not risk-free. There’s a reason the interest rates are so high – DeFi is a far riskier place to park your money. There are no Federal laws protecting these funds. If any DeFi product gets compromised, users could find themselves unable to withdraw their funds or completely lose their money.
In July, Ethereum co-founder Vitalik Buterin warned of the dangers of DeFi protocols. He said, “I think one big one is that a lot of people are underestimating smart contract risk”. He added, even if protocols undergo rigorous audits, its smart contract security cannot be guaranteed.
Each DeFi product has very different risks and so varying reward profiles. A better understanding of risk in these DeFi products is an important step towards minimizing user’s risk exposure. This article introduces how users should assess risk levels in various decentralized finance protocols.
DeFi Risk factors
1) Smart Contract risk
The security of smart contracts is extremely important. An error in smart contracts can result in significant financial damage. Recently, Decentralized finance (DeFi) lending protocol bZx was hacked and lost over $8 million due to a faulty code in its smart contracts.
A thorough code audit from a reputable security firm helps to assure the DeFi developer’s commitment towards developing a bug-free platform. Bug bounty programs are another positive indicator that the development team takes security seriously. By incentivizing independent security auditors to discover protocol bugs, it allows for a more widespread security review.
Additionally, users can look at the longevity of the protocol’s smart contract – how long have the smart contracts been active since mainnet launch.
2) Financial risk
DeFi products have no method to recover from losses caused by volatile assets. For example, when looking at DeFi lending protocols, one method is to use over-collateralization i.e. borrowers lock ETH as collateral and receive 50% of the ETH value as the loan amount.
While most lending platforms use the non-collateral model i.e. over collateralize by a ratio of more than 50%, however, this strategy may still be risky given the volatile nature of crypto assets. One recent example is MakerDAO ‘Black Thursday’. Since the MakerDAO project leverages ETH for collateralization, the significant ETH price drop on 12 Mar 2020, lead to 100% liquidation of collateral value.
When it comes to DEX AMM pools, the platforms attempt to incentive liquidity by using dynamic transaction fee models. Meaning depending on supply and demand, the liquidity providers get a portion of the trade fee from the protocol. However, profits are not guaranteed in these liquidity pools. For example, let’s consider you are participating in a liquidity pool that offers 1000% APY for a trading pair ABC/USDT. As a user, you take on this opportunity, however, within a few minutes of you joining the pool, there was a massive sell-off of the ABC asset. Now your pool is left with all 100% ABC assets which apparently dropped by 95% in price.
3) Liquidity risk
Liquidity risk refers to the risk associated with the uncertainty of exiting an investment on-time at the right price point. When looking at DEX like UniSwap, liquidity may not be a problem these days, but it may not always be the case.
The fragmentation of the asset liquidity among different trade pairs (USDT, ETH, USDC) results to lower liquidity in individual pools. That might result in large slippages. Slippage is the difference between the expected price of a trade and the executed price of that trade. This condition makes it extremely unlikely to execute a trade at the expected price.
4) Centralization risk
Centralization risk is an important risk to consider when using DeFi products. One of the biggest contributors to centralization risk in DeFi products is the use of admin keys. Admin keys allow DeFi developers to change the parameters of their system like interest rate, fees, incentives, etc.
The ability to freely alter these contract parameters could cause financial loss to users. To remove this centralized element, developers can provide confidence to users by implementing timelocks and using multi-signature wallets. Timelocks put a delay before any change in the smart contracts take place. This allows users to exit their positions and mitigate the risk of unknown protocol changes.
Multi-signature wallets distribute control to a larger number of developers, thereby not allowing control with one person. Also, in situations where one developer loses the private keys, the entire system is not compromised.
Closing remarks:
DeFi developers are attempting to build a new world of opportunities for users to participate in a trustless and permissionless financial system. It has gathered a lot of steam in 2020, however, investors need to remember that the DeFi space is still nascent and the practices are still evolving with each passing month.
Investors can reduce their risk exposures by evaluating DeFi products based on the above-described parameters and accordingly should allocate their funds.