Blockchain Bites: FATF Considers DeFi, Binance Sues and One Step to a BTC ETF

A Deutsche Bank analyst said customers increasingly prefer bitcoin over gold as their hedge of choice. A markets surveillance tool could meet the SEC's standards to allow a bitcoin ETF. A policy expert thinks existing financial precautions may be unfit for the rising world of DeFi.

Bitcoin ETF
Solidus Labs has developed a market surveillance tool it says could become a cornerstone to a bitcoin ETF ... one day. For years, the SEC has rejected every bitcoin exchange-traded fund proposal it has seen due to concerns the market is too small to properly monitor, locking out a class of investors that primarily use traditional investment platforms. Solidus’ new tool hopes to solve this issue, by collecting data from a number of crypto service providers and acting as a sort of intermediary for the information, thereby presenting a more complete view of the bitcoin market.

Bitcoin > gold
A Deutsche Bank analyst said customers increasingly prefer bitcoin over gold as a store-of-value investment. “There seems to be an increasing demand to use bitcoin where gold used to be used to hedge dollar risk, inflation, and other things,” said Jim Reid, managing director, head of global fundamental credit strategy, as quoted by ZeroHedge. Bitcoin is up 144% on the year, and gold 22%.

Cash adjacent
A group of Japanese companies has said it will develop and test a private digital currency that would work alongside cash. Reuters reported Thursday that about 30 firms from sectors such as telecoms, utilities and retail will carry out the trials in 2021. The digital yen would be built on a common settlement platform and issued by banks during the trials, later possibly being issued by other entities. “We don’t want to create another silo-type platform. What we want to do is to create a framework that can make various platforms mutually compatible,” Hiromi Yamaoka, chair of the group and formerly an executive at the Bank of Japan, told Reuters.

FATF chance?
The Financial Action Task Force (FATF) needs an entirely new approach when it comes to policing crypto, especially related to watchdog’s “Travel Rule” mandates, according to Senior Partner at XReg Consulting Sian Jones. Speaking at the second annual V20 Virtual Asset Service Providers Summit, Jones said, “The tried and tested methods work, after a fashion, in the traditional world of money. Arguably, they can be made to sort of fit the intermediated crypto world. They do not necessarily fit a DeFi world where they are not fit for purpose.” For FATF's side, a spokesperson said via email, " the FATF is closely monitoring the sector to see the impact of the Standards and identify new and emerging risks and trends... releasing updated guidance on issues such as peer-to-peer transactions and unhosted wallets and will conduct a second review of the revised Standards by June 2021. As we have done throughout 2020, this will include consultation with a range of representatives from the virtual asset sector.”

Binance sues
Binance has taken aim at Forbes Media, and two of its reporters, in court related to a story that claimed the crypto exchange giant is engaged in regulatory arbitrage. The suit, filed in the U.S. District Court in New Jersey Wednesday, alleges harm against Binance by publishing a story last month that “contains numerous false, misleading and defamatory statements.” Notably, Binance refuted the veracity of a third-party document that served the basis of many of the article’s claims. Binance, no stranger to media spats, is seeking punitive damages and for the article to be taken down.

DeFi or bust
With the meteoric rise of decentralized finance (DeFi) came a similar bump in the number of programmatic exploits. Year to date, the DeFi subsector has ballooned from under $1 billion in total value locked (TVL) to $13.7 billion, according to DeFi Pulse.

Much of this capital flowed into a handful of premier smart contracts, MakerDAO, Compound and Uniswap among the top. But it also went into smaller programs, with smaller teams.

Earlier this month, blockchain analytics firm CipherTrace found that nearly $100 million worth of crypto has been looted from a range of DeFi apps. In fact, these thefts account for nearly 40% of all crypto attacks across the entire industry.

In November alone, malicious attackers drained $2 million from Akropolis, $3.3 million from Cheese Bank, $6 million from Value Finance and $7 million from Origin Protocol.

Many of these attacks utilized a new financial technique called a flash loan, which allows users to take out uncollateralized loans from a decentralized program to leverage trades on another platform.

The frequency of flash loans in DeFi exploits have led some to believe this poorly understood tool to be the root of the issue, but now, industry experts are saying they are hardly to blame, CoinDesk’s Will Foxley reports.

“While many are trying to frame this trend as the result of flash loans, most of these exploits could have been committed by any well-capitalized actor. All a flash loan does is temporarily make anyone a well-capitalized actor,” Chainlink co-founder Sergery Nazarov said.

The real issue lies with poorly constructed smart contracts. In particular, many smaller projects rely on “in-house pricing oracles” that can lead to a discrepancy between asset prices within a dapp and the greater market, opening the opportunity to arbitrage opportunities.

In the worst cases, attackers can engineer this arbitrage opportunity by using flash loans, but the issue still lies with how a program deals with real-world, time-sensitive information.

This is important, especially as U.S., European and international watchdogs begin to notice DeFi. Including the amount of attacks, fraud and manipulation.

“When you are running [Defi] things on code and you are putting it out in the wild you are missing a step and you may want to test the code, audit the code, you may want to have some peer review of the code; to send it out live right away without those protections is risky those, the SEC’s Crypto Czar Valerie Szczepanik said at the Sept. 18 Parallel Summit.

As several instances have shown, audits are not enough to prevent these attacks, Quantstamp CEO Richard Ma told Foxley. “Understanding the products and the business logic is much more time-consuming and important than a straight-up code review,” Ma said.

Insurance is one potential fail-safe. But it will come down to teams building redundancies, checking and rechecking code, anticipating loopholes and securing their platforms.

Or else, as CipherTrace said in its report, “it is likely that DeFi will only continue to suffer from the consequences resulting from inadequate [anti money laundering protections] and security.”

UPDATE: (20 November 13:52 UTC): An earlier version of this article erroneously referred to XReg Consulting's Sian Jones as speaking on behalf of FATF. We have corrected the error and. added additional comment from FATF.