DeFi refers to the decentralized financial agreement realized by smart contract, including asset trading, lending, insurance, various derivatives, etc.; except for credit service, financial service in reality can be realized through DeFi protocol. These agreements are decentralized and automatic, and there is no third-party organization in the management and maintenance. Therefore, the risk control of contracts has become a difficult problem in the industry.
DeFi has dual attributes of Finance and technology, mainly including the following risks:
- Code risk. Including Ethereum underlying code risk, smart contract code risk, wallet code risk, etc. For example, the famous DAO incident in those years, the recent Uniswap vulnerability attack, and all kinds of wallet theft incidents are caused by code risk.
- Business risk. The main reason is that there are loopholes in the process of business design, which are reasonably attacked or manipulated. For example, FOMO3D was blocked in those years, and bZx mistakenly used the Uniswap Oracle, which was not resistant to attacks, and was reasonably suppressed to steal assets. These people are called arbitragers. Arbitrage has both disadvantages and advantages for a DeFi project.
- Market fluctuation risk. The lack of some response variables in the design of DeFi leads to the occurrence of market extreme situation. For example, MakerDao’s performance in 312 is mainly caused by the extreme volatility risk of the market.
- Oracle risk. The Oracle provides global variables and is the basis of most of the DeFi. If the Oracle encounters an attack or stops, the downstream DeFi will collapse. We believe that the Oracle will become the most important infrastructure of the future DeFi, and the Oracle with any centralized risk will eventually die out.
- “Technology Agency” risk. It mainly refers to that ordinary users who are not familiar with smart contracts and blockchain use the “convenient” interactive tool developed by the centralized team, which may have risks.
The above risks should be taken into account in the design of any DeFi project. The complete process is not only to make prompt in the document, but also need some risk management means. Most of these measures are carried out in a decentralized way, and a small amount are completed in the form of community governance (mainly refers to chain governance). Here we propose a risk management framework for DeFi, which is divided into pre event, in-process and post event
In advance: it is mainly to formally verify the contract code, including clarifying the boundary of methods, resources and even instructions used in the contract, as well as the correlation and influence of these methods, instructions and resources in the combination process, and resolutely use the method without demonstration or combination without finding boundary. This is not the thinking of traditional software development testing, it is a concept close to mathematical demonstration. Good contract development should be based on a proven combination of methods.
In the event: the main design is downtime design and exception trigger design, that is, the contract can identify and intervene the attack behavior, including automatic shutdown design and governance outage design. The abnormal triggering is a kind of control and management of the unexpected phenomenon in the process of contract operation; the abnormal trigger is generally automatic, and some risk management variables are corrected through the abnormal trigger. Please refer to the beta coefficient and anti blocking attack settings in nest Oracle system, which is the first practice in the industry to consider shutdown and abnormal triggering.
After the event: risk management after the event includes several parts. First, code vulnerabilities need to be corrected. Generally, it is managed through chain governance, that is, DAO governance. Secondly, the governance asset itself is attacked, and contract bifurcation is needed at this time! This is a blind spot ignored by the industry. Secondly, through the insurance mechanism, the possible risks of the contract are insured to reduce the loss. Finally, the community can track losses through tracking data on the chain and cooperate with various institutions. For on Chain Governance and contract bifurcation, please refer to nest’s design, which is an innovation.
The above is a system framework for the security of DeFi for your reference only. At present, the understanding of safety in the industry is too early and too traditional. If we can’t change our thinking and introduce new ideas such as boundary, completeness, consistency, formal verification, shutdown, abnormal triggering, governance and bifurcation, we can’t adapt to the future development.