A recent report from Cer Live, a cryptocurrency exchange platform, found that 14 of the top 25 decentralized exchanges, or DEXs, scored low in terms of cybersecurity.
The report addresses a number of unique challenges faced by most DEXs, including the introduction of fake codes, slippage rates, delays in transaction confirmation, and lack of data on listed trading pairs. They also checked to see if each exchange passed a security audit, provided files to incentivize general error detection, provided adequate and comprehensive security, and more.
The rating is then assigned a score from 1 to 10 based on the overall security for each room. The CER believes that any score above 8 should be rated “high”. Results from 6 to 8 are considered “good”, and less than 6 is considered “low” and therefore “uncertain”. Of the 25 centers analyzed, only two of the reported DEXs had a “high” safety score: Uniswap and Syntetyx.
CER encouraged low-performing exchanges to practice auditing and reported that many of them were unable to reconsider their proposals following recent code additions. Points have been reduced for any exchange deemed obsolete. Other exchanges did not conduct a public audit at all:
6 exchanges (24%) failed to conduct a security audit or did not publicly announce their audit. It should be noted that an unaudited exchange cannot be considered secure. ”
Some of the 25 exchanges hired individual researchers to conduct audits rather than specialist firms, a practice the report’s authors discourage. When they noted the astounding growth of DeFi in recent months, researchers concluded that DEX users are generally more vulnerable to fraud than hacking:
“While there have been no major hacks on decentralized exchanges compared to centralized platforms, DEX users are actually more vulnerable to false attacks.”
In a CER report, it was decided that 92% of the top 25 DEXs should place more emphasis on security. They encouraged these exchanges to follow industry best practices in the future to provide a secure trading environment for users.