What we’ve noticed: The decentralized finance (DeFi) sector of the crypto ecosystem offers exciting opportunities for early adopters. But the newness of the space and relative inexperience of the investors has provided bad actors with a new playground for widespread scamming and theft, according to a report on 2021 crypto crime trends by Chainalysis. And regulators are taking notice of DeFi’s inherent problems.
What’s DeFi? A thriving segment of the crypto sector, DeFi seeks to revolutionize financial services using blockchain-based software instead of centralized intermediaries. This enables crypto-denominated lending outside of traditional banks.
Investors facing historically low or sub-zero interest rates have been drawn to DeFi by the promise of high returns on savings and the hype over successful decentralized tokens like Shiba Inu. Consequently, DeFi transaction volume grew 912% in 2021, per Chainalysis.
Today, the DeFi market has more than $96 billion in total value locked, DeFi pulse data showed—expanding more than 600% since October 2020.
Data dive: As DeFi grows, so too does its issues with stolen funds, according to Chainalysis and the blockchain forensics company CipherTrace (now owned by Mastercard)—which both hold some of the largest datasets on crypto-crime and blockchain metadata in the world.
- Since 2020, users have lost over $12 billion through crime within DeFi apps, lending platforms, and exchanges, with the vast majority, $10.5 billion, lost coming in 2021 alone, according to a report from London-based blockchain analytics firm Elliptic.
- In 2020, just under $162 million worth of crypto was stolen from DeFi platforms, which was 31% of the year’s total amount stolen. That was a 335% increase from DeFi theft in 2019. In 2021, that figure rose another 1,330%, per Chainanalysis.
- DeFi scams are increasing in number and they have shorter lives. The average scam ran for 70 days in 2021, Chainalysis found, versus 192 days in 2020.
- Acting US Comptroller of the Currency Michael Hsu told The Blockchain Association in late September that the crypto and DeFi “fool’s gold rush” reminded him of the prelude to the 2008 financial crisis. Hsu warned: “Crypto and DeFi today are on a path that looks similar to [credit default swaps] in the early 2000s.”
What are the risks? DeFi’s greatest strength is also its greatest weakness: The ethos of decentralization that makes it so dynamic also allows for scamming and theft. As David Carlisle, director of policy and regulatory affairs at Elliptic, told CNBC: “How do you apply regulatory standards designed for centralized intermediaries to marketplaces where there’s no clear centralization?”
Major DeFi platforms say they bolster security by doing things like hiring external firms to audit code for vulnerabilities and maintaining keys and passwords needed to access user wallets in secure environments. But critics’ main concern is that the DeFi market eliminates third-party control of users’ assets—the same third parties that, in traditional finance, help spot and stop scams.
- Instead of a service provider taking custody of your funds to provide financial services, they’re held by a smart contract.
- Cryptocurrency transactions and DeFi platforms are “trustless”—meaning the two parties in a trade don’t have to know or trust each other or rely on a trusted third party like a bank or broker. Insead, they rely on the “immutable, permanent, and unchangeable” blockchain.
- Many DeFi exchanges are governed by protocols that require a majority vote by unknown token holders—which means it can take a week or more to update the protocol. This is a problem when an exploit is letting hackers drain funds and nobody can fix the bug fix until it’s over. It also means there’s no personal accountability—and often no way to block even known scammers, per PYMNTS.
%20scale(0.100000,-0.100000)%22%0A%20%20fill=%22%23000000%22%20stroke=%22none%22%3E%0A%20%20%3C/g%3E%0A%3C/svg%3E%0A)
