The booming world of decentralized finance (DeFi) has reached new heights in recent weeks as the total value of assets locked in the DeFi ecosystem surpasses $13 billion. Arguably the fastest-growing sector in the crypto industry today, DeFi has witnessed an explosive influx of capital and market participants in just a matter of months. Amid this meteoric rise, Ethereum continues to dominate the DeFi space, holding 96% of the total transaction volume.
While this recent growth has accelerated the pace of innovation and experimentation in the DeFi landscape, it has also brought forward valid concerns around its long-term sustainability, particularly in Ethereum’s scalability challenges and high gas fees. There is no denying that flaws exist in the world of Ethereum-based DeFi, with detractors citing over-complexity and risk as significant roadblocks. From re-entrancy attacks on Uniswap and Lendf.me to Yam Finance’s smart contract coding flaws, the high-profile security incidents in the first half of 2020 alone are indicative that the sector’s explosive growth could be taking place at the expense of its safety and stability.
At the same time, the consolidation of DeFi protocols around the Ethereum platform has raised some lingering existential questions: Beyond technical challenges such as network congestion or security issues, should DeFi – with decentralization at its core – be defined solely by a single network?
It’s a question made more acute by major Ethereum infrastructure provider Infura disrupting the entire network, on Wednesday.
Real-world value, real-world risks
With over 100 projects and applications in the ecosystem ranging from decentralized exchanges to lending and insurance platforms, DeFi holds the potential to unlock a parallel financial system by making money, payments and other financial services universally accessible. However, we, as an industry, would do well to remember that trial and error only extends so far when it comes to digital assets with real-world value.
For DeFi to consider a sustainable future, developers must behave with security at the forefront of all that they do, ensuring that existing infrastructures and security measures will be able to keep pace with the industry’s breakneck rate of growth. On top of that, the industry needs to start communicating the risks for what they are in order to keep new users from finding their life savings disappearing into the digital abyss.
Adapting the approach of traditional financial institutions, DeFi projects should invest ample time to perform rigorous security audits and code reviews. In addition to implementing bug bounty programs to catch vulnerabilities before they result in user losses, projects should also be much more transparent about their network vulnerabilities by publishing open post-mortems to the public so that other applications in the ecosystem can learn from the incidents and prevent them from happening in future. This sort of transparency would be beneficial to building trust among users and charting a more secure path towards mainstream adoption.
The incidents involving Yam Finance, bZx and SushiSwap this summer have highlighted the serious inadequacies in today’s existing smart contract infrastructures, which led to security breaches linked to human error.
Since the infamous 2016 DAO hack, Ethereum’s Solidity has shown a degree of vulnerability. In the case of the DAO hack, malicious actors exploited the “fallback function” in the destination smart contract to create an execution loop that calls the “withdraw” function of the victim’s smart contract until either the balance of the victim’s smart contract is zero or the transaction gas is depleted. Solidity is just one centralized point of failure in smart contract design, developers must reckon with.
As smart contract development is still a relatively new field, security vulnerabilities and compromises are to be expected as part of the growing pains of any emerging technology. For this reason, it is crucial that smart contract developers keep track of new security developments and stay up to date with the industry’s best practices.
Deploying measures such as testnets, bug bounties or a phased rollout plan allows developers to mitigate risks and catch bugs before a full production release. In addition, smart contract developers who are building on Ethereum need to be aware of the EVM’s idiosyncrasies and work around them accordingly.
Developments in diversification
As DeFi looks to cement a sustainable future, the sector also needs to look to a future beyond Ethereum.
After all, the ongoing argument for interoperability should not only apply to blockchain as a whole, but must equally extend to the industry’s most pre-eminent use case – DeFi. Within the traditional financial system, the majority of payments infrastructure is interoperable, meaning that cardholders can make payments anywhere in the world, regardless of what the local currency is.
On the other hand, the blockchains of today exist in silos and are still unable to communicate with each other and exchange value. Without establishing cross-chain interoperability, the DeFi movement will remain in the shadow of traditional finance. To solve this issue, the DeFi development community have devised different ways to provide new forms of interoperability, from atomic swaps and wrapped tokens to cross-chain communication platforms.
While solving these issues are imperative to the advancement of DeFi as a whole, the industry also needs to take a more collaborative approach in building a more diverse ecosystem of DeFi-centric applications on different platforms, rather than sticking to one network.
Outside of Ethereum, other smart contract protocols are also growing their own respective DeFi ecosystems. Such alternative projects are set to play a vital role in the field of DeFi, potentially opening a new chapter in its development. Ethereum may have the first-mover advantage as the pioneering smart contracts platform with the greatest number of token holders, but further experimentation and diversification is needed to encourage innovation and greater technical optimization over time.
Already, we have begun to see significant developments across the DeFi landscape with the growth of new financial products from savings, payments and lending. With the sector’s evident appeal, not just for emerging economies but also companies locked out of traditional finance in developed economies, DeFi holds a great deal of potential in democratizing access to a new financial model in this digital age.
But for the industry to climb out of the shadows of traditional finance, DeFi needs to first overcome its existential challenges and growing pains, in order to flourish and fulfill its promise as a sustainable alternative to traditional finance.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.