Venture Firm Proposes 'DeRisking as a Service' for Safe DeFi Launches

Published at: May 27, 2020

Ken Deeter, a partner at crypto venture firm, Electric Capital, proposed a pragmatic approach to ensure decentralized finance, or DeFi, projects are not exploited due to bugs in the system.

In an article published on May 27 through the Electric Capital blog, Deeter calls for DeFi projects to introduce “better risk management.” This largely comes as a response to the many hacks and protocol failures that occurred in recent months, like the temporary theft of $25 million from the dForce protocol.

Deeter believes that DeFi should adopt some of the established techniques in the tech industry, which makes heavy use of “canary deployment” — the practice of gradually rolling out new features to portions of the user base. He conceded that this approach cannot be directly applied to blockchain, but the principle holds: 

“The core underlying idea remains applicable: start small in a low stakes environment and then increase exposure and risk in a controlled manner.”

Guarded launches

Deeter proposed a gradual launch process for DeFi projects, using rules and thresholds that limit the functionality of the system. As the developers gain confidence in the reliability of the system, governance processes can be used to relax the restrictions.

The restrictions can be of a varied nature, and include hard limits on the capacity of the system in terms of asset amounts, types and number of users. Restricting composability is also an important part of this concept, as several of the previous hacks were eased by complex interactions between different protocols.

Finally, traditional risk management like escrow, insurance ratio and conservative loan-to-value ratios can also be helpful. Emergency shutdown capability was also cited.

Deeter noted that several DeFi projects, like Maker, Compound, and Uniswap, already include some of these mechanisms.

Deeter argued for the creation of standardized smart contract libraries and services as part of a “DeRisking as a Service” concept. These would create a plug and play option for projects to implement these controls. Deeter compared this approach to OpenSSL and gnutls, which already perform a similar function in some crypto projects, he argued.

Generic libraries could be thoroughly tested and audited and thus make smart contract deployment safer. 

Freedom or pragmatism?

The DeFi community remains fractured in deciding if additional security at launch is worth the compromise of restricting freedom of use. A poll run by Defi Prime asking if DApps should be limited to a $100 maximum transaction size saw the “no limit” camp win by a small margin.

Deeter told Cointelegraph that “we have had very positive feedback to the idea of Guarded Launches.” He noted that some projects see more liquidity “than they are comfortable within a short time,” and a progressively decentralizing launch is a “better fit for different types of projects.”

Commenting on the launch of tBTC, which has often been praised for quick and decisive action to prevent losses, he said:

“The transaction size restriction that was included in the tBTC web UI is definitely an example of a technique that we would consider as part of the Guarded Launch approach. I'm sure it had some effect at limiting the consequences of the eventual problem that was discovered.”

Toeing the line between decentralization and pragmatism can be a difficult task, as MakerDAO’s co-founder, Rune Christensen, told Cointelegraph.

Tags
Technology
Defi
Hackers
Security
Related Posts
​​Cream Finance DeFi platform loses $19M in a flash loan hack
Cream Finance, a major decentralized finance (DeFi) protocol focused on lending, has suffered a severe exploit, with a hacker stealing nearly $19 million from its platform. An unknown hacker has managed to gain $18.8 million in the latest flash loan exploit of the Cream Finance protocol through a reentrancy bug introduced by the Amp token, according to an investigation by blockchain security firm PeckShield. Announcing the news Monday, Cream Finance said that the protocol has stopped the exploit by pausing supply and borrow contracts on the Amp token. “No other markets were affected,” Cream Finance stated. C.R.E.A.M. v1 market on …
Decentralization / Aug. 30, 2021
The perfect storm: DeFi hacks will advance the crypto sector moving forward
The rise of decentralized finance, or DeFi, could be paving the way toward a fully decentralized financial ecosystem. Yet, given the innovative nature of DeFi, the sector remains in constant development and is therefore prone to a number of vulnerabilities. Unsurprisingly, one of the biggest challenges currently facing the DeFi sector is security threats. This has become apparent as more DeFi hacks continue to wreak havoc across the crypto community. Most recently, the largest DeFi hack within the crypto industry took place. The Poly Network hack resulted in over $600 million dollars removed, and then returned, from Binance Chain, Ethereum …
Decentralization / Aug. 17, 2021
Poly Network hacker appears ready to return stolen funds
Following a massive $600-million exploit of cross-chain protocol Poly Network, the Poly Network hacker has claimed his willingness to return the stolen cryptocurrency funds. At about 4:00 am UTC on Wednesday, the hacker sent an Ethereum transaction to themselves, stating that they were “ready to return the fund” in an embedded transaction message. In a subsequent message, the hacker asked for a multisig wallet address to return the funds to Poly Network. “Failed to contact the poly. I need a secured multisig wallet from you,” the hacker noted. Poly Network’s Twitter account posted an update on Wednesday, providing three separate …
Decentralization / Aug. 11, 2021
The radical need for updating blockchain security protocols
Decentralized finance (DeFi) is here to stay with over $100 billion in total value locked (TVL), highlighting the evidence of faith in these new financial tools. This investment will continue to increase, but it appears that with each new record in TVL, there is another network attack being reported with astronomical losses. Crypto crime dropped 57% in 2020, but DeFi hacks surged, costing companies and investors billions of U.S. dollars. In March alone, there were several attacks within just a five-day period, with Paid Network losing $180 million. Later in May, PancakeBunny lost more than $200 million in a flash …
Decentralization / June 25, 2021
Top 7 cybersecurity jobs in high demand
In today’s digital age, cybersecurity has become a critical aspect of almost every business. Cyber threats are increasing daily, and businesses must take proactive measures to protect their networks and data. As a result, the demand for cybersecurity professionals has skyrocketed. Little Friday humour #meme #cybersecurity @hackurityio pic.twitter.com/MArEpCh03k — Harold De Vries (@devries_harold) February 17, 2023 In this article, we will discuss the top seven cybersecurity jobs that are in high demand. Cybersecurity analyst A cybersecurity analyst is responsible for identifying and mitigating cyber threats to an organization’s network and data. They examine system logs and network traffic to find …
Technology / Feb. 26, 2023