Default auditing for DeFi projects is a must for growing the industry

Published at: March 21, 2021

The radical opportunity presented by decentralized finance has garnered significant attention from investors and speculators alike. The total value locked in DeFi protocols grew over 2,500% in 2020, from around $700 million in January 2020 to over $20 billion in December 2020. TVL is a more useful metric than market capitalization when it comes to DeFi, as it accurately represents the equity that investors are willing to commit to these protocols. And their commitment didn’t end in 2020; this year alone, DeFi’s TVL more than doubled, reaching $40 billion in February.

Related: Was 2020 a ‘DeFi year,’ and what is expected from the sector in 2021? Experts answer

While DeFi’s growth over the last year can be largely attributed to retail investment, 2021 is shaping up to be the year institutions start getting in on the action. As yields from fixed-income assets continue to drop to historically low levels and unprecedented stimulus packages ratchet up inflation expectations, a massive amount of money is now seeking higher returns.

Forward-thinking asset managers are turning to DeFi. Circle — the issuer of popular stablecoin USD Coin (USDC) — is set to launch the first high-yield digital dollar account to be aimed at institutions. By lending out to the capital-hungry crypto markets rather than oversaturated traditional markets, the account can offer up to 10.75% annual percentage yield. While it will initially serve only businesses, there are plenty of options that cater to individual investors.

How to bring institutional investors into DeFi

During DeFi’s explosive growth in 2020, dozens of separate attacks drained investor funds, with half of all crypto attacks in crypto were of DeFi protocols. Many of these exploits made use of tactics as new and creative as the protocols themselves. Others were repeats of previous exploits that remain frustratingly easy to prevent. While any loss of funds is unfortunate, the security of DeFi has improved greatly over the last few years.

Getting listed on any major exchange now requires a project to have passed auditing, as it’s simply too risky for exchanges to compromise on the safety of their customers’ money. But meaningful security doesn’t end there.

Related: The code is key: Solutions for overcoming DeFi security breaches

Worryingly, in 2020, there were attacks that resulted in money stolen from protocols that had passed a security audit. While auditing focuses on a snapshot of code prior to its deployment, the process cannot take into consideration the interactions of a contract once it’s released into the wild. The dynamic rate of change in DeFi means that new tools and programs can pose new risks.

Related: As faith in audits falter, the DeFi community ponders security alternatives

The possible solution

Automatic security tools can continuously monitor smart contracts against a wide range of known vulnerabilities, even after they’re deployed onto a public blockchain. Users can protect individual transactions, too, by requiring the contract with which they’re interacting to meet a certain security threshold before the transaction can be confirmed and funds are committed.

It’s important to be protected while your contract is running, even if everything seems to be going smoothly.

In addition to real-time security tools, there are a few options for decentralized insurance alternatives on the market today. There are solutions that can provide protection for user funds locked in many DeFi protocols, which give DeFi users peace of mind, knowing that their capital is secure in the face of unforeseen events.

We envision a world of decentralized finance where protecting your assets is as simple as checking a box before placing a transaction, where on-chain technology protects transactions before they happen, and where security is a foundational pillar of every platform.

In combination with its unparalleled yields, a reputation for this kind of comprehensive security will help take DeFi from its current share of around 8% of cryptocurrency’s total market capitalization to a level rivaling the legacy financial system.

This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Daryl Hok is the chief operating officer of CertiK. Previously, he spearheaded corporate development at FiscalNote, a global machine-learning GovTech unicorn. He obtained a dual B.A. in economics and psychology from Yale University, concentrating in behavioral economics.
Tags
Related Posts
The development of blockchain industry and how to defend against attacks on DeFi
Nowadays, the blockchain market as a whole is in its infancy, and the decentralized finance (DeFi) market is its most promising part. According to DefiLlama data, in 2021, the DeFi market had around $200 billion of liquidity locked in smart contracts. If we view this capital as an initial investment, this market looks like a highly promising venture. Not too many global companies can boast of such a capitalization. But any young market has its teething problems. With DeFi, the main issue is a lack of qualified blockchain developers. This industry is very young and has a relatively small user …
Technology / July 3, 2022
Top 7 cybersecurity jobs in high demand
In today’s digital age, cybersecurity has become a critical aspect of almost every business. Cyber threats are increasing daily, and businesses must take proactive measures to protect their networks and data. As a result, the demand for cybersecurity professionals has skyrocketed. Little Friday humour #meme #cybersecurity @hackurityio pic.twitter.com/MArEpCh03k — Harold De Vries (@devries_harold) February 17, 2023 In this article, we will discuss the top seven cybersecurity jobs that are in high demand. Cybersecurity analyst A cybersecurity analyst is responsible for identifying and mitigating cyber threats to an organization’s network and data. They examine system logs and network traffic to find …
Technology / Feb. 26, 2023
Don’t blame crypto for ransomware
Recently, gas has been a hot topic in the news. In the crypto media, it’s been about Ethereum miner’s fees. In the mainstream media, it’s been about good old-fashioned gasoline, including a short-term lack thereof along the East Coast, thanks to an alleged DarkSide ransomware attack on the Colonial Pipeline system, which provides 45% of the East Coast’s supply of diesel, gasoline and jet fuel. In cases of ransomware, we generally see a typical cycle repeat: Initially, the focus is on the attack, the root cause, the fallout and steps organizations can take to avoid attacks in the future. Then, …
Technology / May 30, 2021
Jump Crypto replenishes funds from $320M Wormhole hack in largest-ever DeFi 'bailout'
On Thursday, Jump Crypto, a crypto venture capital firm that owns Certus One, the developer of the Wormhole token bridge, announced it had deposited 120 thousand Ether (ETH) into a Solana-Ethereum bridge that suffered a devastating exploit. The day prior, hackers fraudulently minted 120 thousand wrapped Ether (wETH) worth $321 million on the Solana (SOL) platform, then redeemed 93,750 wETH for ETH on the Ethereum network while swapping the rest for other altcoins on the Solana network. The cross-chain ETH-wETH is supposed to have an exchange ratio of 1:1 against one another. Therefore, unauthorized minting of wETH leads to significant …
Technology / Feb. 3, 2022
Report: GALA token exploit resulted from public leak of private key on GitHub
According to a new post by blockchain security firm SlowMist on Nov. 7, it appears that the last week’s token exploit affecting GameFi project Gala Games resulted from a public leak of applicable security keys on GitHub. As told by SlowMist, pNetwork, the cross-chain interoperability bridge used by Gala Games on the BNB Smart Chain, had three privileged roles in its smart contract pGALA. “The Admin role is used to manage upgrades and changes to the Admin address of the proxy contract. The DEFAULT_ADMIN_ROLE role is used to manage various privileged roles in the logic (eg: MINTER_ROLE ), and the …
Technology / Nov. 7, 2022