DeFi security risks still exist, urgently needing to return to the essence of Blockchain Decentralization.

robot
Abstract generation in progress

Decentralized Finance security issues still need to be taken seriously

The security risks in the DeFi space still exist. Although experts have conducted extensive analyses of the risks in the Decentralized Finance ecosystem, developers seem to still not pay enough attention. In an environment where the market continues to thrive and the scale of locked assets keeps rising, people seem to have forgotten the crises lurking beneath the facade of prosperity.

Well-known Decentralized Finance protocol attacked

At the beginning of 2021, a former DeFi star project suffered a flash loan attack. According to analysis by security agencies, the attacker implemented the attack through the following steps:

  1. Obtain a large amount of ETH flash loans from lending platforms
  2. Use borrowed ETH to lend out DAI and USDC on another platform.
  3. Deposit most of the funds into a certain stablecoin liquidity pool to control the majority of the liquidity in the pool.
  4. By withdrawing part of the USDT, it causes an imbalance in the pool, leading to the depreciation of DAI.
  5. Deposit the remaining DAI into the target strategy pool and trigger the earn function.
  6. Restore the balance of proportions in the pool
  7. Trigger the withdraw function to profit from the proportion difference.
  8. Repeat the above steps multiple times

The attack resulted in losses of up to tens of millions of dollars for the DeFi protocol.

The root of the problem lies in the fragile pricing mechanism

The core issue exposed by this attack is that certain Decentralized Finance protocols have adopted price mechanisms that are susceptible to manipulation. Influencing prices by controlling the shares in the liquidity pool is a typical method of price manipulation.

We can compare various DeFi protocols to different "countries", each with its own rules. Astute "merchants" look for loopholes between the rules to profit. This behavior is essentially difficult to blame, as the mechanisms of the protocols themselves expose weaknesses that can be exploited.

It is very important to return to the essence of blockchain

Currently, many DeFi developers are overly focused on speed and efficiency, neglecting the essence of blockchain. The Bitcoin network ensures security by having all nodes collectively verify transactions, sacrificing some efficiency but providing an excellent solution in terms of trustworthiness.

If the price mechanism relies solely on a few "trusted" nodes or simple liquidity shares, and cannot be effectively verified by all participants, then this price lacks a true consensus basis. This is contrary to the essence of blockchain decentralization and consensus verification.

Decentralization is the foundation of security

A truly secure pricing mechanism should be permissionless and verifiable by anyone. As the number of participants grows, the quality of the price will also improve accordingly. This on-chain price generated from a multi-party non-cooperative game is the security foundation that DeFi protocols should pursue.

Adhering to the decentralized essence of blockchain is key to the healthy development of the industry. Only by returning to its original intention can the DeFi ecosystem build a truly solid security barrier.

DEFI-1.43%
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 6
  • Share
Comment
0/400
SmartContractWorkervip
· 07-09 15:25
To be honest, I really don't know how to solve this.
View OriginalReply0
SillyWhalevip
· 07-08 01:47
Isn't anyone going to take care of this?
View OriginalReply0
SatoshiNotNakamotovip
· 07-07 06:56
In this day and age, you can't fully trust what the project party says.
View OriginalReply0
SquidTeachervip
· 07-07 05:24
Is another Rug Pull coming?
View OriginalReply0
NFTRegretfulvip
· 07-07 05:15
What are you talking about? The pits that were dug in the early stage haven't been filled yet.
View OriginalReply0
PumpAnalystvip
· 07-07 05:12
I told you to withdraw your funds earlier. It was right to be bearish.
View OriginalReply0
Trade Crypto Anywhere Anytime
qrCode
Scan to download Gate app
Community
English
  • 简体中文
  • English
  • Tiếng Việt
  • 繁體中文
  • Español
  • Русский
  • Français (Afrique)
  • Português (Portugal)
  • Bahasa Indonesia
  • 日本語
  • بالعربية
  • Українська
  • Português (Brasil)