It may sound obvious, but a little self-analysis can go a long way toward protecting DeFi protocols from trouble. Especially when the results are shared with users.
Protocols that skip a publicly published audit are far more likely to experience failure, according to new research from Exponential, a startup developing Moody’s-like risk ratings in DeFi.
“Despite DeFi’s promise of open, composable finance, its rapid pace of innovation often exposes hidden vulnerabilities,” says Exponential.
DeFi audits, which examine the vulnerabilities in a protocol’s platform and blockchain operations, have been pretty spotty for years.
When Exponential tested protocols, it found there was a 68% greater chance of negative events such as hacks in DeFi protocols that chose not to conduct a published audit.
“In our backtest, the majority of protocols that resulted in actual user losses shared one trait: they were unaudited,” lead researcher David Kuang told DL News.
Exponential highlighted a few case studies, including Sonne, a lending protocol that launched without an audit and was later exploited for $20 million.
And, of course, Ronin Bridge was taken for $624 million after launching audit-free.
The firm also highlighted other major factors contributing to the likelihood of an exploit.
They included a lack of multi-signature wallets, which require more than one approval before transactions can be executed, as well as exposure to “reflexive” assets like algorithmic stablecoins, as in the case of Terra.
Exponential pointed out that without a reliable way to assess risk in DeFi, investors are left to fend for themselves in a chaotic and opaque market.
Exponential conducted the research with DL News’ sister company, DL Research.
Andrew Flanagan is a markets correspondent for DL News.