To Bring Greater Trust To DeFi, We Need To Be More Transparent With Auditing And Security
Source: Pixabay
By Hisham Khan, CEO and Founder of Aldrin, written for Visionary Financial

Hisham Khan comes from a decade-long background in managing and building robust and innovative financial and enterprise technology. With an extensive career at Bloomberg, Hisham has worked as a project manager with some of the world’s top engineers. It was here where he discovered the transformative impact of cryptocurrencies and has since left Bloomberg to build comprehensive trading tools through Aldrin. Built to be a trader’s all-inclusive digital trading companion, his mission is to make advanced crypto trading and strategy development accessible for all. 


As decentralized finance (DeFi) TVL hits $212 billion, the new realm of finance is garnering attention from regulators and the SEC, not for good reason. Leaders from renowned DeFi exchanges, from Uniswap and dYdX, recently jumped on video calls to inform and educate global financial regulators on the fast emerging world of this corner of finance. Regulators from the Commodity Futures Trading Commission and the Securities and Exchange Commission attended the calls which was hosted by the International Organization of Securities Commissions. 

The booming space has caught regulators by surprise, who are scrambling to identify appropriate ways to lay some ground rules and control the emerging space that has transformed the way we view finance. 

While some regulators are more open to the embracing of DeFi, which aims to reduce intermediaries and make the trading of modern finance more profitable and lucrative for all market participants, others are wary. 

DeFi Is Not Just About Lambos and Apes

DeFi hacks have continued to plague the space, and regulators have asked users to pay great attention to ensuring they protect their funds. But it’s not always possible. Decentralized finance relies on no third party, such as a bank or an authority. So it’s important that smart contracts and infrastructure mitigate risks for bugs and vulnerabilities.

There is an attitude that exists in the realm of DeFi, even by DeFi startup leaders, that this industry is “play at your own risk.” Just like regulators see crypto or stablecoins as “casino chips,” as do a lot of the traders choosing to participate in these platforms. 

But the core mission of decentralized finance is to help include more individuals in the world of wealth generation. DeFi holds immense potential for financial growth — there are tens of thousands of young millennials who are finally able to participate in more lucrative asset markets, like real estate, who have been given the option to participate because they were able to simply purchase cryptocurrencies over the internet rather than be blocked by gatekeepers through traditional stocks in an attempt to generate wealth.

Smart contracts in DeFi don’t discriminate. All traders are treated as fairly as each other, regardless of age, income level, or community. And for a lot of people in DeFi, there’s a lot at stake. Investing in finance for them is not about taking quick profits with the intention of buying a Lamborghini or a Bored Ape. For them, it’s about finding new opportunities to pay off their crippling student loan debt, or ensuring that their parents don’t lose their home as a consequence of bottomed interest rates and increased mortgages. 

For these DeFi traders, we owe it as leaders of companies to build better infrastructure and be more accountable to ensure we can mitigate the risks of financial losses. 

The Crux of DeFi: Hacks

Hacks are a pretty normalised event in the DeFi space, and we believe this is limiting the potential for greater DeFi adoption. For example, pNetwork just lost $12.7M in the latest Binance Smart Chain hack, as well as Uranium Finance – an AMM Uniswap clone losing $50 Million in an exploit, and Meerkat rug-pulled for $31 Million

Just in September, more than $12M of wrapped Bitcoin was stolen from DeFi protocol pNetwork due to a codebase vulnerability. The network, which supports Ethereum, XDAI, EOS, Polygon, Binance Smart Chain, Telos and Ultra, increased interoperability between different blockchains by making it possible for currency created on one blockchain to cross another through “wrapping”. 

$1,500,000 in bounty funds were offered to the black hat hacker. But what do we hope to achieve by offering a culprit nearly multi-millions of dollars for deciding to steal use funds? 

The issue with this mindset around “standard DeFi vulnerabilities” is that this could provide a greater incentive for hackers to exploit DeFi, because it’s essentially a win-win scenario. Hack the funds? Make cash and run away. Hack the funds and don’t run away? Make more than one million dollars for giving it back. 

According to CoinDesk, DeFi has accounted for over 75% of crypto hacks in 2021. This equates to $361 million, which is 2.7 times more than 2020 and makes up three-quarters of crypto hacks within just DeFi alone. 

After one of the biggest crypto hacks in history, the massive $600 million Poly Network hack, experts stated that the experts were able to exploit and issue in the cryptography, or coding, of the network. 

They also stated following the hack that “investors must be vigilant and cautious”. But whose responsibility is it to ensure that hacking can be better mitigated? 

In traditional finance, you are expected to never give your financial details or private information to anyone. Providing you ensure you protect that, if there is an unlikely chance that funds are hacked from your account, protected with robust infrastructure, you can easily file a report with your bank in most countries, and you are reimbursed. Banks are usually insured to ensure this. 

DeFi Auditing Should Be a Standard: It’s Time To Step Up

Hacks are not entirely preventable. And there may not be the most perfect solution to ensuring there’s no possible chance that users of either traditional finance or decentralized finance can prevent their money from being stolen. 

But the DeFi space currently has a bad reputation and lack of responsibility for doing our best to mitigate these risks and implement proper systems in place to prevent this. We need better systems put in place to ensure these scenarios don’t happen. It is the DeFi hacks that leave the SEC and other national regulators hesitant to integrate powerful decentralized financial technology. 

How can we prevent hacking? By implementing more audits. They are an essential part of a DeFi security stack. Projects that don’t have an audit often receive more skepticism — so there’s incentives for both traders and leaders to do them. 

We delayed our AMM launch by a few months so that we could get an audit complete. Did this mean we would have missed an opportunity to attract the liquidity which has been moving to Solana? Probably, yes. But we have a long-term view on the growth of DeFi, especially on Solana. 

We see teams launching projects before us, without audits. This simply puts the whole ecosystem at risk. If there is a vulnerability somewhere this can impact the whole Solana ecosystem and damage the growth we’re seeing and expect in the coming months. 

As DeFi infrastructure innovates, as should the auditing infrastructure that grows along with it. Developers and leaders must ensure that platforms can be safer for users and auditing processes are clear. 

We need to ensure that everyone within that ecosystem is confident that they are protecting all players at the party. This attitude will help improve the sophistication of DeFi, and allow us to see a faster rate of adoption as DeFi moves towards becoming integrated within international mainstream finance. It’s time we step up to the plate.

Notice: Information contained herein is not and should not be construed as an offer, solicitation, or recommendation to buy or sell securities. The information has been obtained from sources we believe to be reliable; however, no guarantee is made or implied with respect to its accuracy, timeliness, or completeness. Authors may own the cryptocurrency they discuss. The information and content are subject to change without notice. Visionary Financial and its affiliates do not provide investment, tax, legal, or accounting advice.

This material has been prepared for informational purposes only and is the opinion of the author, and is not intended to provide, and should not be relied on for, investment, tax, legal, accounting advice. You should consult your own investment, tax, legal, and accounting advisors before engaging in any transaction. All content published by Visionary Financial is not an endorsement whatsoever. Visionary Financial was not compensated to submit this opinion piece. Please also visit our Privacy policy; disclaimer; and terms and conditions page for further information.