Decentralized finance has become the fastest growing sector in the blockchain industry. Today there are more than 200 projects operating with a wide range of decentralized financial products and services. This number continues to grow every day with the launch of new projects linked to DeFi.
The most telling number of this rapid growth is the staggering amount of funds held in DeFi, which recently crossed the $ 7 billion threshold. The problem is that increased growth leads to higher risks. As DeFi continues to grow at a rapid pace, this thriving industry will face significant growth challenges unless proactive is taken, especially when it comes to security.
Instead of focusing on securing the basic infrastructure for these products and protocols, projects are focusing on getting the DeFi product to market as quickly as possible. Instead of launching more DeFi products, we should focus on addressing the security issues that still interfere with current protocols. We’ve already seen examples of what happens when teams crowd out products too quickly that aren’t properly processed.
Over the past year, we’ve seen hackers reveal vulnerabilities in DeFi’s products through price flows, Oracle manipulation, ERC-777 vulnerabilities, and smart contract errors. In February, bZx lost nearly $ 1 million in two separate incidents: instant credit attacks and Oracle attacks.
In April, a hacker lost $ 25 million to DeFi dForce in re-attack with the fake protection. In June, automated market maker DeFi Protocol Balancer lost $ 500,000 in a hack to block smart contract from holding users who took advantage of the programmed burn. In hindsight, there was a year 2020 for all of these hacks, when projects responded to the hack by saying that they would come back and update the code to prevent something like this from happening again in the future.
These hacks will continue to push DeFi away as the loss of user money reduces the credibility of DeFi’s products and the sector as a whole. However, it is clear that DeFi has problems with growth when most projects are built on Ethereum – the blockchain with its own growth issues.
Security is one area that Ethereum developers have focused on with the upcoming upgrade to Ethereum 2.0. This is evidenced by the creation of two Ethereum 2.0 attack networks that provide an automated environment to ensure the potential operation of the Ethereum home network smoothly. Even a blockchain like Ethereum, which has been around for five years, continues to improve protocol fundamentals like security and scalability. If the protocol is weak, the DeFi products built on top of it will have the same vulnerabilities.
To reduce hiccups, DeFi projects can take proactive steps. It is important for the enterprise to constantly check the code and, in fact, to “hack yourself” regularly. Projects must partner with third parties to conduct security code assessments and penetration tests. This process may take time and several code reviews to identify all potential risks. Therefore, the most important way to deal with security flaws is to allow the product to mature before it opens up to the wider range. While it is very important and tempting to try to be the first to market a product, it is extremely important to create a product with a technically sound foundation.