DeFi DemystiFied
Key Takeaways
Decentralised finance strives to replicate financial services that are traditionally offered by institutions and intermediaries, but within cryptocurrency platforms using open protocols and sets of collaborators.
While DeFi has shown the opportunity of building a more efficient, composable, and accessible financial ecosystem, it has also introduced new forms of risks less understood by the financial industry.
These risks, such as technology, centralisation and third-party dependencies, originate from the design choices of developers when tooling their applications within certain blockchain systems.
At CoinShares Research we believe that the possibility of cohesive operations across modular financial applications is a promising development capable of disrupting traditionally siloed financial infrastructure; however, it is unclear both whether DeFi as it is currently structured will be this solution, and also how these developments may progress beyond their current infant stages.
If you’ve followed cryptocurrency over the last 6-12 months, it’s likely you’ve come across the term “DeFi” in relation to various cryptoassets and online applications. DeFi is short for decentralised finance, a newer term in the cryptocurrency industry (approx. 2018). The term doesn’t have a strict definition; it describes what a class of projects is vying to achieve more so than what they currently may be.
Decentralised finance strives to replicate financial services that are traditionally offered by institutions and intermediaries, but within cryptocurrency platforms using open protocols and sets of collaborators. The overarching goal, in alignment with the origins of cryptocurrency, is to provide an alternative to legacy financial infrastructure that is more accessible, transparent and reduces trust in centralised parties.
Source: Dune Analytics (August 2021)
Over the last couple of years, DeFi usage has been explosive with millions of users now accessing various products across several different platforms. The rapid development and adoption of DeFi products has therefore unsurprisingly caught the attention of users, investors and regulators alike.
Background
Before diving in, it may be helpful to understand how the cryptocurrency ecosystem arrived at decentralised finance. As you probably know, Bitcoin was created to enable individuals to transact digital value directly with each other, without relying on any third party. And as promised, users can effectively hold, send, or receive bitcoin without the added friction of financial institutions and intermediaries (commercial banks, payment processors, etc).
While the Bitcoin protocol is suitable to perform the functions of money, its base layer doesn’t offer the flexibility to perform more elaborate financial transactions that are commonplace in the real world. This is a conscious design choice made to keep Bitcoin as simple and free of attack vectors as possible. Financial services can certainly be built using bitcoin as its unit of account, and Bitcoin as its settlement system, but they are not natively possible inside of the monetary settlement system itself.
Among others, the traditional system enables investors to access credit, fixed-income, and derivatives markets to manage their capital in more complex ways. This has raised a debate around how to best replicate such services while retaining the robust, decentralised, and trust minimised properties offered by Bitcoin.
Several solutions have been proposed: companies with bitcoin-native financial services such as Casa or Unchained Capital; supporting second-layer and side-chain technology such as Lightning or Liquid; and lastly alternative blockchains that make certain trade-offs against robustness, trust and decentralisation to enable increased functionalities, known broadly as ‘smart contracts’. These systems are therefore often referred to as smart contract platforms, prominent examples being Ethereum and Binance Smart Chain.
Today, DeFi predominantly relies on these smart contract platforms. Financial applications replicating traditional financial products are built upon alternative blockchains that offer more complex transaction scripting on their base layers, often enabling code of any complexity level to be executed directly on-chain. In this way, DeFi projects are designed to perform any financial transaction that can be translated into computer code (or the smart contracts) without the added friction of institutions and intermediaries, and without the innovation-hampering limitations of regulation.
In the next section, we’ll look into examples of how different applications are recreating spot exchange, lending/borrowing, derivatives, insurance, and more. However, as you explore DeFi, it’s important to consider that we’re dissecting projects that represent an entire sector of a broader crypto landscape. In this way, we see DeFi as a sector that may not be appropriately compared to Bitcoin (and many other classes of crypto protocols) as Bitcoin’s aim isn’t to decentralise financial services, but rather money itself.
DeFi can technically be built utilising any crypto asset, but innovation has tended to flow towards platforms with the lowest technical barriers to entry for developers, not necessarily those with the strongest or most robust underlying assets. The quintessential example of this is Ethereum, where protocol developers have prioritised ease of use in the scripting languages, causing a huge inflow of smart contract developers and bootstrapping the largest and most vibrant developer ecosystem of all smart contract platforms.
Examples of DeFi Products
As the DeFi ecosystem has grown, it’s become more and more of an umbrella term for projects that are attempting to solve different classes of problems. The remainder of this section will be spent unpacking what these applications aim to do, how they do it, and how they are aiming to disrupt different categories of finance.
Due to the impossibility of covering in detail each application, its underlying protocol, and any accompanying tokens within the scope of this paper, we will offer high-level overviews of functionality and purpose.
Source: Dune Analytics (August 2021)
Spot Exchange
Commonly referred to as Decentralised Exchanges (DEXs), these applications serve as automated marketplaces where peers can directly exchange between different assets. Their intended benefit is to mitigate the censorship, custody, accessibility, and trading pair issues that can arise from centralised exchanges.
Some of these issues are inherently resolved with infrastructural techniques common to cryptocurrencies. For example, DEXs integrate self-hosted wallets that enable exchange without storing funds with a separate entity, removing the possibility of censorship or access denial. And as they typically only require credentials in the form of a connected wallet, DEXs are available regardless of location. Lastly, these services often provide markets for longer-tail trading pairs as they are more community-driven, nimble, and don’t have the listing requirements or overhead of centralised institutions.
Automated Market Makers (AMMs)
A core concept of the DEX landscape is a practice called automated market-making (AMM). Rather than the traditional order book style trading experience, where users’ ‘bid’ and ‘ask’ orders are matched for execution, the most prevalent DEXs offer pools of assets through which users can directly trade.
In practice, anybody can provide liquidity by depositing assets to a pool—effectively the order book—and in return, depositors receive a tokenised claim that represents their redeemable share of the pool’s assets. The asset prices are dynamically calculated based on the ratio of the assets in the pool[1], and suitably, users can exchange between the assets as trading pairs, extracting one and depositing another.
Through exchange, trading fees will commonly accrue to the pool depositors providing liquidity. This generates a yield and an incentive to provide liquidity. However, the fees will often also be shared with a project treasury that subsidises the project’s various initiatives and development through a protocol-specific governance mechanism.
Examples: Uniswap, Balancer, Curve, SushiSwap, PancakeSwap, Bancor
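The pool mechanics described above, as an added example that is not code from the article or from any of the projects listed: deposits mint a tokenised claim, the price is the ratio of the reserves, and the trading fee stays in the pool for depositors. The constant-product rule, the 0.30% fee and all names and amounts are assumptions made for the illustration.

```python
# Added illustration, not code from the article or from any named project.
# Assumptions: constant-product pricing (reserve_a * reserve_b = k), a 0.30%
# fee, integer token units, and every account name and amount below.
from fractions import Fraction
from math import isqrt

FEE_BPS = 30  # assumed trading fee, in basis points


class Pool:
    def __init__(self):
        self.reserve_a = 0      # asset A held by the pool
        self.reserve_b = 0      # asset B held by the pool
        self.shares = {}        # depositor -> tokenised claim on the reserves
        self.total_shares = 0

    def price_of_a(self):
        """Spot price of A in units of B: the ratio of the two reserves."""
        return Fraction(self.reserve_b, self.reserve_a)

    def deposit(self, who, amount_a, amount_b):
        """Add liquidity; mint claim tokens in proportion to the deposit."""
        if self.total_shares == 0:
            minted = isqrt(amount_a * amount_b)
        else:
            minted = min(amount_a * self.total_shares // self.reserve_a,
                         amount_b * self.total_shares // self.reserve_b)
        if minted <= 0:
            raise ValueError("deposit too small to mint a claim")
        self.reserve_a += amount_a
        self.reserve_b += amount_b
        self.shares[who] = self.shares.get(who, 0) + minted
        self.total_shares += minted
        return minted

    def swap_a_for_b(self, amount_in):
        """Trader deposits A and extracts B. The fee is withheld from the
        input before pricing, so it stays in the reserves."""
        if amount_in <= 0:
            raise ValueError("amount_in must be positive")
        in_after_fee = amount_in * (10_000 - FEE_BPS)
        out = (self.reserve_b * in_after_fee
               // (self.reserve_a * 10_000 + in_after_fee))
        self.reserve_a += amount_in
        self.reserve_b -= out
        return out

    def redeem(self, who):
        """Burn a depositor's claim tokens for their share of both reserves."""
        burned = self.shares.pop(who)
        amount_a = self.reserve_a * burned // self.total_shares
        amount_b = self.reserve_b * burned // self.total_shares
        self.reserve_a -= amount_a
        self.reserve_b -= amount_b
        self.total_shares -= burned
        return amount_a, amount_b


def demo():
    pool = Pool()
    pool.deposit("alice", 1_000, 100_000)   # opening price: 100 B per A
    pool.deposit("bob", 1_000, 100_000)
    price_before = pool.price_of_a()
    k_before = pool.reserve_a * pool.reserve_b
    received = pool.swap_a_for_b(100)       # a trader sells 100 A into the pool
    price_after = pool.price_of_a()
    k_after = pool.reserve_a * pool.reserve_b
    alice_out = pool.redeem("alice")
    return price_before, received, price_after, k_before, k_after, alice_out


if __name__ == "__main__":
    before, got, after, k0, k1, alice = demo()
    print(f"price of A before trade: {float(before):.2f} B")
    print(f"trader receives {got} B for 100 A")
    print(f"price of A after trade:  {float(after):.2f} B")
    print(f"reserve product grew by {k1 - k0} (retained fee)")
    print(f"alice redeems {alice[0]} A and {alice[1]} B")
```

The trade moves the quoted price because it changes the reserve ratio, and the larger the trade relative to the pool, the larger the move.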
Source: Dune Analytics (August 2021)
Order Book Exchanges
Order book exchanges have the look and feel most similar to traditional trading venues; however, their infrastructure and mechanics vary considerably. Among one another, these DEXs are oftentimes distinguishable based on where they are hosted and how transactions are settled.
Order book exchanges established on-chain have proven to be challenging given the scalability conundrums of blockchain networks. Since these DEXs have the additional step of matching requested trades in an order book, users are oftentimes burdened with an additional settlement transaction, which may be costly, require waiting time, and lack the ability to be reversed (canceled).
Order books are also difficult to bootstrap. If a market is illiquid, users may find it difficult to find an order match or escape unfavorable spreads. As a result, much of the trading volume conducted in DeFi is concentrated in AMM systems, which do not require the complexities of order matching or order types beyond ‘market buy’, ‘market sell’.
For these reasons, order-book exchanges are either hosted on blockchains that are specifically designed to support high-frequency activities, or they operate off-chain through third-party intermediaries that incrementally settle to an underlying blockchain. Notably, both of these tactics introduce forms of centralisation as a trade-off to scalability.
Lending and Borrowing
Mostly driven by speculative traders, DeFi credit markets allow users to lend or borrow crypto assets through automated processes that do not require personal information.
In contrast to centralised institutions that determine creditworthiness through credit history, debt-to-income, job status, etc., these applications do not require identifying information. They are meant to democratise loan access and remove the need for third parties by relying solely on measures verifiable in written code. Thus, to provide protective assurances to a lender and create verifiable measures, two approaches have emerged:
Credit can be secured with collateral, and oftentimes, projects require over-collateralisation, meaning users must post assets in excess of the value they seek to borrow. This is designed to protect lenders in the event of considerable price volatility or borrowers skipping interest payments. We’ll briefly cover the types of collateralised loan platforms below.
Credit can also be lent under the condition that it will be repaid immediately, meaning the borrower receives a loan, uses and repays it within the same on-chain transaction. These transactions are engineered to encompass the strategy of a borrower within their execution logic, yet, crucially, the transaction will not complete (be considered valid) unless the borrower effectively returns the lender their entitled funds (including interest). This is called a flash loan[2]. It’s undoubtedly novel, but highly experimental, and has led to several exploits in practice.[3]
Given their structure, today’s DeFi loans may be better compared to financial instruments like swaps than to traditional commercial, consumer or mortgage loans. Through their over-collateralisation requirements, these protocols cannot fulfill the needs of those seeking to simply borrow money, yet they’re effective in making productive use of otherwise stagnant balance sheet assets. In other words, their main benefit is enabling investors to make use of and reap the returns of borrowed assets while maintaining market exposure to escrowed collateral, in exchange for a fee.
Collateralised Debt Positions
Collateralised debt positions (CDPs) are created when users lock assets and receive newly minted credit tokens in return. Essentially, these tokens represent secured loans that don’t require counterparty risk and enable users to receive a liquid asset while maintaining exposure to their pledged collateral. The process is carried out by a dedicated protocol and set of programs that escrow collateral until a debt is fully repaid or the value of collateral falls below a certain threshold.
While it may seem underwhelming, this system laid the foundation for cryptocurrencies as productive assets. Much of the DeFi system is underpinned by DAI, a dollar stablecoin issued as a result of CDPs. It’s commonly used across Ethereum applications to denominate trade and serve as collateral.
Examples: MakerDAO
Source: Dune Analytics (August 2021)
Collateralised Debt Markets
Just as in decentralised exchanges, lending applications can be two-sided marketplaces where users are either depositing funds [to be lent] or applying to borrow [community-deposited funds].
Rather than CDPs where a new credit asset is created, collateralised debt markets loan existing crypto assets. While still facilitated by a protocol that requires full collateralisation, these loans originate from liquidity providers aiming to capture yield.
Lenders and borrowers are typically matched peer-to-peer or peer-to-pool.
Peer-to-peer matching operates similarly to OTC type arrangements where two parties can easily customise their terms, enabling fixed interest rates or specific durations. However, as these markets are relatively small, this approach may inconvenience those with higher time preferences seeking immediate processing.
Alternatively, peer-to-pool loans operate similarly to an AMM. Under this approach, lenders deposit credit assets into a common pool where borrowers can pledge collateral and directly borrow. While the approach is advantageous in that each party can immediately earn interest or receive funds, their terms are subject to variable interest rates that adjust based on supply and demand.
Out of the two, peer-to-pool applications have seen much greater volume compared to peer-to-peer loans in DeFi’s short history.
Peer-to-Peer examples: Dharma
Peer-to-Pool examples: Compound, Aave, Cream
Derivatives
In DeFi, several applications fall under the traditional definition of a derivative—a financial instrument whose value is derived from the value of an underlying asset or benchmark.
Synthetic Assets
Synthetic assets are designed to mimic the performance of an underlying reference price, tied either to a single asset, basket, or index. Some traditional examples of references include stocks, bonds, real estate, precious metals, or crypto assets. However, given the flexibility to reference virtually any measurable feed of data, some less familiar methods include pegging assets to the total value escrowed in a project or the number of downloads for a given app. Synthetic DeFi assets benefit users who want exposure to financial instruments that may be restricted to certain geographies, categories of investor, etc.
To track the performance of its underlying, the applications creating the synthetic assets require special data feeds called oracles, that provide the price, performance or index information from sources outside of the blockchain itself. This means that a predefined entity (or set of entities) is utilised to report data concerning the underlying asset to which a synthetic asset is pegged. Further discussed later on, these external data sources introduce dependencies and degrees of trust in third parties to maintain and properly report the requested data feed(s).
Furthermore, these projects typically require some form of collateral to mint each synthetic token. Which assets are approved as collateral, the collateralisation ratio, and the liquidation levels typically vary between each application.
Examples of synthetic asset platforms include Synthetix, UMA
Stablecoins
Stablecoins are a type of synthetic asset that aim to closely mimic the price of an underlying asset or basket. These tokens are worth mentioning separately as they’re typically pegged to fiat currencies (i.e. government currencies) and accumulate high volumes as a familiar medium of exchange and unit of account.
Source: CoinMetrics (August 2021)
A main benefit of stablecoins is mitigating the price volatility present in cryptocurrency markets. As you may expect, the majority of stablecoins are tied to USD, and the most popular DeFi spot and derivative markets utilise these “crypto-dollars” to denominate trading pairs or settle contracts.
Effectively a hybrid between cryptocurrencies and fiat currencies, stablecoins enable traders to gain or retain exposure to traditional currencies without needing to exit the crypto ecosystem. Riding on crypto rails, stablecoins can be transferred in a matter of hours, without the need for KYC and without needing to involve the banking system. This has made them highly popular among cross-exchange arbitrage traders and among citizens suffering under capital controls.
It’s worth mentioning that the topic of stablecoins has immense depth as there are many different types and issuing entities. For example, China (among other countries) has been keen to launch a central bank digital currency[4] (known as a CBDC), the original proposal for Facebook’s Libra project aimed to create an SDR-type basket[5], and Tether has been releasing crypto dollars since 2014[6]. Further, the previously mentioned stablecoins are all centrally issued by a central bank or private company, however, many DeFi projects aim to create algorithmic stablecoins that maintain a peg through protocol functions rather than centralised means. These assets are growing in volume and their future is a hotly debated topic.
Source: CoinMetrics (August 2021)
Examples of stablecoins include: USDT, DAI, USDC, TUSD
Futures/Options Contracts
Futures, forwards, options, and swaps are all familiar derivatives in traditional markets. While this area of DeFi is relatively underutilised compared to others, crypto exchanges have started offering the ability to hedge and speculate with these instruments.
The most notable of these trading products is a special type of futures contract called a perpetual contract. Pioneered by the BitMEX exchange, perpetual contracts operate differently than traditional contracts. Rather than a traditional futures or swap contract where two parties agree to buy, sell or swap an underlying asset upon or until a predetermined date, perpetual contracts do not come with an expiry. Instead, the contract is permanent where the underlying is never delivered and traders pay fees to maintain their position.
However, in order to aspire to the ‘DeFi’ moniker, many of today’s perpetual contracts are hosted outside of centralised exchanges. These exchanges tend to operate using a mixture of techniques deployed in DeFi’s spot and synthetic asset markets.
Examples of non-custodial futures/options exchanges include Hegic, Perpetual Protocol, dYdX, and OPYN.
Event-Based Assets
Event-based tokens are generally issued in prediction markets where observable events have unique tokens that correspond to a range of potential outcomes. Each token is tied to a specific outcome, and the proper result is conferred according to an agreed-upon arbitration source at a predetermined time. As speculators allocate capital to a potential outcome, they are effectively betting on an identifiable result at some point in the future. The ratio of long and short interest determines the payout of the contract, effectively generating a crowd-sourced implied outcome probability.
Once the event has occurred, the agreed-upon source will signal which outcome was correct. At this time, all the crypto assets dedicated to this event will be distributed proportionally to the speculators that invested in the correct outcome.
For example, an event may be the result of a football game between Manchester United and Manchester City after 90 minutes of standard time. In this event, there are three possible outcomes: ManU wins, ManCity wins, or a tie. With this, a reasonable arbitrator may be the English Premier League (EPL) website and a reasonable observation time may be midnight on game day. Once midnight strikes and there’s a check on the EPL website, the allocated capital will be split among those who own the unique tokens that represent the winning outcome.
Examples of prediction markets: Augur, Gnosis
Insurance
Insurance in DeFi is a way for traders to hedge against technology risk. It’s a way to reduce dependency on audits from a community of developers or firms that may lack credibility.
The most prevalent insurance protocol, Nexus Mutual, is established as a mutual in the UK and enables users to take out coverage on specific Ethereum applications. Essentially, insurance claims are paid at the discretion of certain members who choose to serve as claims assessors. These members serve to look at on-chain transactions and review events through the blockchain as a verifiable data source.
While this isn’t necessarily a popular part of the DeFi ecosystem, it may become increasingly important as the risks of these projects come to fruition. To date, many exploits[7] have already occurred in DeFi applications, most notably bZx (~ $90k) and Yearn Finance (~ $2mm).
Asset Management
Asset management is a way for investors to gain exposure to baskets of assets and various active strategies without having to individually manage their exposure. Within crypto platforms, this practice is typically automated with preset rules rather than controlled by custodians and asset managers.
These tokenised funds enable users to conveniently target different sectors or employ simple strategies such as auto rebalancing, arbitrage trading, or yield capture. Strategies maintained by these funds execute as written in code, and may be sourced by a widespread community, select manager(s), or casual laymen.
By automating their operations, these funds may reduce regulatory and fiduciary pressures as anyone can transparently identify fund activities in code. Further, some may reduce participating investors’ fees as they have limited audit, setup, and overhead costs.
When investors allocate capital to an on-chain fund, they receive newly issued tokens in return, each representing an entitlement claim to a portion of the value of the assets owned by the fund. Based on the application, the redemption of each claim token may be represented by the weighted constituents of a fund’s assets or the cash-equivalent (likely in ETH).
Examples of on-chain asset management: Set Protocol, Yearn Finance, Enzyme Finance
Major DeFi Opportunities
Efficiency
While much of the traditional financial services industry has evolved from analog to digital processes, creating major efficiency gains in the process, DeFi has the potential to increase efficiency even further through full automation.
DeFi transactions are typically triggered without much, if any, manual participation, where software programs take on the role of intermediaries (custodians, advisors, trustees, etc.) and approve each step along a transaction's execution process. This removes friction, and provides clear and verifiable guidelines to whether a transaction will be valid. As a byproduct of this automation, transactions are executed without traditional forms of counterparty risk, where party A and party B require little trust in each other but rather disproportionately more in the code that enforces their financial agreement—code which they can both transparently and independently audit.
Automating financial agreements grants the opportunity to not just increase the speed in which transactions are processed, but also reduce their cost. While cryptocurrency networks require fees to settle these agreements, the cost of such fees may be less than paying multiple intermediaries for their services.
Native cryptocurrency advancements (such as second-layer and sidechain networks[8]) have the ability to further increase speed and decrease cost at the expense of final settlement. Adding to that, the reduced amount of regulatory and compliance pressures surrounding the DeFi space—while potentially short-lived—shields developer teams from the time consuming and costly requirements bestowed on traditional mediums, the result of which during the last few years has been an explosion of product innovation.
Composability[9]
As mentioned earlier, most DeFi projects are protocols that strive to replicate financial services inside of blockchain platforms. Since many of these projects are built upon the same platforms, and therefore share the same underlying settlement system, it allows coordination and engineering of automated financial services involving multiple levels of execution.
This dynamic is core to many advocates' theory that DeFi applications are ‘monetary lego blocks’ that can be freely and creatively combined with others, serving as building blocks for a new online economy. To better understand this concept, consider the previously mentioned ‘flash loan’, a single transaction that borrows and pays back cryptocurrency through several conditional steps of execution.
These flash loan transactions engrain a strategy that involves several DeFi platforms. For example, a simple strategy may be to arbitrage between multiple Ethereum DEXs. Say there’s a token “A” that has a lower price on Uniswap than on competing platform Sushiswap. You could receive a loan from one application, buy up token A on Uniswap, sell it on Sushiswap, pay back the loan, and profit the remaining margin -- all in a single transaction. Critically, your access to capital and the validity of this transaction is dependent on the ability to pay back the loan.
Flash loans are only possible because different DeFi applications can communicate among each other inside of the same blockchain platform, and transactions carry the fundamental ability to be programmed and verified.
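The validity rule behind the flash loan described above, as an added example that is not code from the article or from any DeFi project: the loan, the trades and the repayment either all commit or all revert. It assumes an in-memory ledger in place of a blockchain, venues that quote fixed prices, and invented account names, prices and fee.

```python
# Added illustration, not code from the article or from any DeFi project.
# Assumptions: a single in-memory ledger stands in for the blockchain, venues
# quote fixed prices (real pools reprice as they are traded against), and all
# account names, prices and the 9 USD fee are invented.
import copy


class Reverted(Exception):
    """Raised when any step fails; the whole transaction is then undone."""


class Ledger:
    def __init__(self, balances):
        self.balances = balances            # {account: {asset: amount}}

    def transfer(self, src, dst, asset, amount):
        if amount < 0 or self.balances[src].get(asset, 0) < amount:
            raise Reverted(f"{src} cannot pay {amount} {asset}")
        self.balances[src][asset] -= amount
        self.balances[dst][asset] = self.balances[dst].get(asset, 0) + amount


def flash_loan(ledger, lender, borrower, asset, amount, fee, strategy):
    """Lend `amount`, run the borrower's strategy, and keep the result only
    if the lender ends up with principal plus fee. Returns True on commit."""
    snapshot = copy.deepcopy(ledger.balances)
    required = ledger.balances[lender][asset] + fee
    try:
        ledger.transfer(lender, borrower, asset, amount)
        strategy(ledger, borrower, lender, amount + fee)
        if ledger.balances[lender][asset] < required:
            raise Reverted("lender not made whole")
    except Reverted:
        ledger.balances = snapshot          # as if nothing ever happened
        return False
    return True


def make_arbitrage(buy_price, sell_price):
    """Strategy from the text: buy TOKEN on one venue, sell it on another,
    then repay. Prices are USD per TOKEN."""
    def strategy(ledger, borrower, lender, owed):
        budget = ledger.balances[borrower]["USD"]
        tokens = budget // buy_price
        ledger.transfer(borrower, "dex_1", "USD", tokens * buy_price)
        ledger.transfer("dex_1", borrower, "TOKEN", tokens)
        ledger.transfer(borrower, "dex_2", "TOKEN", tokens)
        ledger.transfer("dex_2", borrower, "USD", tokens * sell_price)
        ledger.transfer(borrower, lender, "USD", owed)   # fails if unprofitable
    return strategy


def fresh_ledger():
    return Ledger({
        "lender":   {"USD": 10_000},
        "borrower": {"USD": 0},
        "dex_1":    {"USD": 0, "TOKEN": 2_000},
        "dex_2":    {"USD": 20_000, "TOKEN": 0},
    })


def run(strategy):
    ledger = fresh_ledger()
    committed = flash_loan(ledger, "lender", "borrower", "USD", 10_000, 9,
                           strategy)
    return committed, ledger.balances


if __name__ == "__main__":
    for label, strat in [("price gap 10 -> 11", make_arbitrage(10, 11)),
                         ("no price gap", make_arbitrage(10, 10)),
                         ("borrower never repays", lambda *args: None)]:
        committed, balances = run(strat)
        print(f"{label}: committed={committed}, "
              f"lender={balances['lender']['USD']}, "
              f"borrower={balances['borrower']['USD']}")
```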
Accessibility
Generally, DeFi applications are open to anyone with access to a connectable wallet. In many cases, this is as simple as having a mobile phone and internet connection.
The lack of identifying information traceable through a wallet greatly reduces the risk of discrimination or censorship. This aspect effectively safeguards equal opportunity across income classes, religion, birthplace, gender, race, etc. In a best case scenario, DeFi applications could deliver financial services to much of the unbanked population. The World Bank, in a 2017 report, estimated that two-thirds of unbanked adults have mobile phones[10], a popular and useful device to host a wallet.
Transparency
Typically, DeFi protocols are written as open-source software, meaning the programmed rulesets by which applications operate are open to public scrutiny. Each participating member along with any interested outside parties can transparently audit how each service works ‘under the hood’. Further, these applications typically settle transactions to public blockchain systems (Ethereum, Binance Smart Chain, Solana, etc.), where users can verify which transactions are processed and finalised. Where much of the digital world is built on ‘black box’ algorithms of major tech companies, DeFi aspires to be a segment where innovation is more transparent and tractable.
Major DeFi Risks
Technology
Built upon blockchain systems designed for flexibility, much of the DeFi sector is the result of creative engineering with relatively new technologies. As a result, users should expect that these applications are unlikely to be bullet proof.
The ability to create such applications is the result of more programmatic freedoms provided to developers within a crypto protocol. While this has enabled many of the complex financial transactions available in conventional systems, more freedom to developers also introduces greater risk for coding error or otherwise unexpected application behaviour. The effects of errors range from simply reducing functionality to completely dissolving a project, meaning that a DeFi project is only as secure as the code that operates it.
While composability (mentioned formerly as an opportunity) benefits transactions that require multiple levels of execution across many applications, it also introduces greater dependencies. Throughout each step of execution, there are one or more programs that are required to function and be maintained securely. As the number of executional steps increases, so does the potential for vulnerabilities, increasing the risk of unintended or undesirable outcomes.
Just as the dependencies across applications introduce technology risk, so does the dependency upon an underlying blockchain system. Given these DeFi services are built within cryptocurrency platforms (such as Ethereum, Binance Smart Chain, Solana, etc.), each transaction submitted to these platforms must undergo a settlement process before being finalised into a blockchain. As a result, any issues that relate to an underlying settlement system will have a negative impact on the DeFi services that typically benefit from such settlement systems. In other words, if the underlying blockchain breaks, so do all the applications riding on it.
This means that users participating in DeFi applications are not just introduced to the technology risk of a particular application, but also to the risk of each application their transaction touches, and to the blockchain platform on which it settles.
Centralisation
While it may seem counterintuitive, applications in the ‘decentralised finance’ sector oftentimes suffer from centralisation risk. Rather than a binary measure, decentralisation is better understood on a spectrum, whereby some applications are more or less decentralised than others. Those applications labeled in the DeFi sector span a wide range of that spectrum, and the risks reveal themselves on operational as well as governance levels.[11]
Most blockchain systems designed for the type of complex financial transactions necessary for DeFi applications do so with persistent and automated contracts. These contracts are programmed by developers and called upon by users to perform certain functions and output transactions. While each underlying blockchain system is different, many are designed such that the contracts within an application may be modified by developers to achieve evolving functionality and/or project goals.
To enable this, DeFi applications often endow admin keys that enable a group of individuals (likely the founding members/developers) to alter parts of the operating code or perform emergency shutoffs.[12] The existence of such keys creates a bit of a double-edged sword, where they may simultaneously be used to fix outstanding vulnerabilities, but also to drain users’ funds. It’s worth noting that many projects have one (or several) keys shared among many stakeholders, where a threshold of participants must cooperate to enact change.
While precautionary techniques such as these may mitigate technology risk, if these keys are identified by malicious actors or aren’t properly stored, there could be catastrophic consequences. If the stakeholders are publicly known, one can also envision scenarios whereby authorities locate and then proceed to pressure or threaten these individuals to comply with whatever actions they would like to be effected.
Another common method to enact change in DeFi is via community voting systems called Decentralised Autonomous Organisations (DAOs). These automated governance mechanisms enable users to cast votes based on the amount of tokens they hold. While this approach generally aims to provide users with a means to advocate for certain project initiatives, it may also introduce plutocratic risk by concentrating voting power to the most wealthy within each community.
Dependencies
While the dependencies described above are agnostic across all DeFi projects, other dependencies may arise due to specific mechanics of each protocol. This may simply be the use of external data sources (oracles) that determine exchange rates, but also more unsettling methods such as rehypothecated collateral. Nonetheless, the methodology of DeFi projects may introduce unparalleled idiosyncratic risk.
In the example of external data sources, it’s worth understanding the counterparty risk of the reporting entity. The data provided to a certain application may be ushered in by a malicious actor with misleading or incomplete information. In these scenarios, what is the proper recourse or resolution? While these mechanics are typically outlined in mainstay DeFi projects, each approach may introduce different categories of risk.
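As an added illustration (not from the original article and not the design of any project it names), the sketch below shows one defensive pattern for the misleading-or-incomplete-data problem: take the median of several independent reporters, discard stale reports, and refuse to answer without a quorum. The feed names, prices, timestamps and the three limits are all constructed assumptions.

```python
from statistics import median

MAX_AGE_S = 120       # assumed freshness window in seconds
MIN_REPORTS = 3       # assumed quorum of distinct reporters
MAX_DEVIATION = 0.05  # flag reporters more than 5% away from the median

class OracleError(Exception):
    """Raised when the data is too incomplete to produce a price."""

def aggregate(reports, now):
    """reports: iterable of (reporter, price, unix_timestamp).
    Returns (median_price, sorted list of outlier reporters)."""
    latest = {}
    for reporter, price, ts in reports:
        if price <= 0 or not (0 <= now - ts <= MAX_AGE_S):
            continue  # stale, future-dated or nonsensical report
        # One entry per reporter, so a single entity cannot pad the quorum.
        if reporter not in latest or ts > latest[reporter][1]:
            latest[reporter] = (price, ts)
    if len(latest) < MIN_REPORTS:
        raise OracleError(f"only {len(latest)} fresh reporters, need {MIN_REPORTS}")
    mid = median(p for p, _ in latest.values())
    outliers = sorted(r for r, (p, _) in latest.items()
                      if abs(p - mid) / mid > MAX_DEVIATION)
    return mid, outliers

def naive_mean(reports):
    """What a consumer gets if it simply averages every report it receives."""
    prices = [p for _, p, _ in reports]
    return sum(prices) / len(prices)

NOW = 1_000_000  # constructed clock value
SAMPLE = [       # constructed reports: one misleading, one stale
    ("feed_a", 100.0, NOW - 10),
    ("feed_b", 101.0, NOW - 20),
    ("feed_c", 99.5, NOW - 5),
    ("feed_d", 250.0, NOW - 15),   # misleading value
    ("feed_e", 100.5, NOW - 900),  # stale, ignored
]

if __name__ == "__main__":
    print("median, outliers:", aggregate(SAMPLE, NOW))
    print("naive mean:", naive_mean(SAMPLE))
```

The median stays near the honest feeds while the plain average is pulled far off by the single misleading report, and the outlier list gives operators something concrete to investigate.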
Scams
The majority of projects within the DeFi sector are open-source, meaning they are infinitely and trivially copyable. In some cases, this has led dishonest actors, and specifically dishonest developers, to deceive investors into unstable or insecure investments.[13]
While the cryptocurrency industry as a whole has greatly minimised illicit activity over recent years (representing just 2.1% of transaction volume in 2019), scams account for 54% of illicit activity at a total annual figure of $2.6 bn.[14] Illicit activity had been falling since the 2017 ICO craze where journalists estimated 80%[15] of projects were scams. Unfortunately, these scam numbers may be on the rise again: crypto thefts, hacks, and frauds at the time of writing (August 2021) have totaled $1.29 bn, of which 85% were DeFi-related crimes.[16]
Of this total, $972 mm (88%) are reported as performed by outside hackers and the remaining $133 mm (12%) as “rug pulls”, a destructive maneuver where mostly anonymous founders of a DeFi project abandon it and exit with investors’ deposits.
In August 2021, the largest DeFi exploit to date occurred, draining $611 mm from cross-chain protocol Poly Network. The protocol was designed to act as a bridge between multiple blockchain networks, and as a result, assets on Ethereum ($273 mm), Binance Smart Chain ($253 mm) and Polygon Network ($85 mm) were all affected.[17]
Regulation
The guidelines by which DeFi applications may operate are largely ambiguous in many jurisdictions, meaning that unfavorable laws and compliance mandates may emerge, potentially weakening or permanently shutting down certain projects within the DeFi sector.
While increasing levels of decentralisation within each individual project impart increasing levels of protection from undesired and unfavorable intervention by authorities, the structures of many DeFi projects (as discussed above) are such that they are realistically quite vulnerable to regulation by a motivated authority.[18]
Sources
[1] For more on this: https://medium.com/bollinger-investment-group/constant-function-market-makers-defis-zero-to-one-innovation-968f77022159
[2] For an example of a flash loan transaction, visit the ‘Major DeFi Opportunities’ section, under the ‘Composability’ subheading
[3] https://www.coindesk.com/everything-you-ever-wanted-to-know-about-the-defi-flash-loan-attack
[5] https://www.coindesk.com/facebook-reveals-libra-cryptos-currency-basket-breakdown-report
[6] https://en.wikipedia.org/wiki/Tether_(cryptocurrency)
[8] https://knowledgebytes.coinshares.com/types-of-scaling-solutions
[9] It’s worth mentioning that composability has enabled services built on top of DeFi protocols that perform aggregation functions. An example is an asset management strategy where a protocol designed to aggregate yield will automatically and dynamically deploy investor-deposited assets to varying DeFi applications, earning tokens and fees. Another notable example is price aggregation, which searches and combines pricing info across DEXs to optimise users’ trade.
[11] https://survivingdefi.substack.com/p/the-trustlessness-of-defis-top-10
[13] https://www.politico.com/news/2021/07/24/shadow-financial-market-spooks-regulators-500696
[14] https://go.chainalysis.com/2021-Crypto-Crime-Report.html
[15] https://cointelegraph.com/news/new-study-says-80-percent-of-icos-conducted-in-2017-were-scams
[16] https://ciphertrace.com/?resources=cryptocurrency-crime-and-anti-money-laundering-report-august-2021
[17] https://www.theblockcrypto.com/post/114045/at-least-611-million-stolen-in-massive-cross-chain-hack
[18] SEC Chair Gensler’s remarks before the Aspen Security Forum, August 3, 2021, https://www.sec.gov/news/public-statement/gensler-aspen-security-forum-2021-08-03
Additional sources
Darren Lau, Daryl Lau et al. How to Defi. May 2020
https://www.cftc.gov/media/5471/TAC121420_GrowthRegulatoryChallengesDecentralizedFinance/download
https://privpapers.ssrn.com/sol3/papers.cfm?abstract_id=3866699