DeFi has been driving a lot of the news, social media and market activity in 2020, with a number of Ethereum-based decentralized exchange and lending protocols gaining significant traction. One of the top memes here was yield farming, finding ways to deploy capital assets in a way which would generate attractive yields - often involving stringing a number of different protocol transactions together (composability).
The Defi Pulse site is good for getting a quick sense of what’s hot in the DeFi space, with “total value locked”, the capital deployed with a platform, taken as a key measure of success. DeFi markets are driven by people “locking” an asset that has value in a way that allows them to derive a yield from it. The key assets being locked are ETH (as Maker DAI stablecoin), Bitcoin (as WBTC, renBTC) and other Ethereum-based tokens. The tokens issued on the basis of this collateral are the fuel which powers the DeFi ecosystem.
The process of locking a crypto-asset to obtain something is not risk-free, and each of these services presents a different kind of risk. These warrant a mention, because the stablecoins and wrapped assets are also foundational for the rest of DeFi. Most of the methods involve relying on some centralized custodian to perform minting/burning functions and track the balances, like Tether (backed by a company), WBTC (backed by a consortium of companies), renBTC (backed by a multi-sig). In these cases the assets are as secure or robust as the backing entity, and most of them have ways in which transactions and balances can be selectively censored/nullified.
MakerDAO and the DAI asset take a different approach which aims to be more decentralized by removing the centralized custody of assets from the equation. Instead, collateral (initially ETH, now any of a basket of Ethereum-based tokens) is locked up in an on chain transaction, allowing a certain amount of DAI to be minted. The rate at which the DAI is backed, and associated fees, can be controlled by Maker token holders through executive votes to approve changes to the protocol. Rate changes offer certain levers that can be pulled to try and encourage the DAI price to behave as desired (stability at 1 DAI = 1 USD), but this cannot be forced by the system. There have also been issues where the system behaved in unexpected and problematic ways while under strain, such as the “Black Thursday“1 event in March 2020 when $8.3 million of collateralized ETH was “sold” for nothing in auctions that didn’t have any bids, leading to losses for some users which are still being litigated 2 after MKR holders voted 3 to not compensate these users.
Maker’s DAI has a very different risk profile to the centralized stable-assets, it lacks some of the failure modes of older assets like Tether, but as with any system that derives strength from decentralization, it’s important to ask how decentralized Maker’s governance is. Key factors here are relatively concentrated MKR balances, such that relatively few people are needed to form a majority of voting power, and votes typically have around 40 participants total. There are also major roles for the Maker Foundation and a risk team, who prepare the proposals that MKR holders will approve. Originally Maker Foundation members had an executive shutdown key which could be used to halt the system and liquidate collateral, should something go catastrophically wrong. This has been disabled, and triggering the emergency shutdown now requires 50,000 MKR to be deposited to a contract address.
Although the absolute number of participants is not large, the Maker DAO members are making extensive use of the polling and executive votes - 355 polls have been completed and many executive votes (mostly adjusting fees) in the ~15 months since it was adopted in August 2019. The executive votes run continuously, and are constructed by the risk team, which itself has polling proposals to establish support for its actions. This is at least an impressively comprehensive record of the actions taken in the governance of DAI.
MakerDAO is taking on challenges which are non-trivial to address, the system has exhibited some undesired behavior but it is probably the most or only decentralized stablecoin and has been widely adopted within the Ethereum ecosystem. This is a great success for Maker, and establishes it as important within the ecosystem, which should give it some clout in Ethereum’s governance.
Yield Farming Mania
The point at which I personally realized I could no longer ignore DeFi was when YAM appeared 4 on the scene and became wildly popular (and profitable) for a brief few days, before turning into the subject of a successful last-ditch community mobilization effort, which then failed because of a second unforeseen critical issue. I found it funny, and also intriguing, that something which was billed as a “governance token” could acquire so much (notional) value so quickly, despite being so bad at what it was aiming to do - the system was set up so that all the funding would become un-spendable within days, the dev fund turning into a black hole that swallowed the whole project.5 All of this happened within the space of about 3 days. Yam was pitched as a monetary experiment, it mashed up aspects of some popular DeFi protocols to produce an “elastic supply cryptocurrency, which expands and contracts supply in response to market conditions, initially targeting 1 USD per YAM”, and additionally buying yCRV tokens with the supply expansion and placing these in the Yam treasury.
YAM was a monetary experiment, composed of several other monetary experiments wrapped together in a package that didn’t quite work.
But the YAMs were just an appetiser for a more substantial meal with several courses, featuring food tokens from up and down the pyramid and most notably SUSHI. I have written an overview of Sushiswap and Uniswap, focusing on their governance and recounting a version of the story so far. Some highlights for this post are:
- Automated Market Makers are a novel way of creating markets that don’t rely on the conventional order books but instead have participants add and withdraw tokens from pools to make trades, with smart contract logic determining prices.
- Bancor pioneered AMM pools, but Uniswap popularised the idea with a method that didn’t involve buying special tokens to participate.
- SushiSwap copied Uniswap’s smart contracts, dropped the idea that a fee would be added to compensate VC investors and added in a SUSHI token instead, which would be distributed to all of the liquidity providers (effectively the people who run the AMM service). This also incorporated a “vampire attack”, where SUSHI tokens were being offered specifically to Uniswap liquidity providers at an attractive rate, so as to lure them and their liquidity into the competing SushiSwap pools.
- The story had drama, when Chef Nomi made an abrupt transition from being the hero who founded SushiSwap to liquidating the entire SushiSwap dev fund and pocketing the ETH. The Chef would later return the ETH, and it would be converted back to SUSHI, but his reputation in the community had been irreparably damaged.
- Uniswap subsequently added a UNI governance token which works in a very similar way to SUSHI, and made a retroactive initial distribution of these tokens to people who had used the Uniswap decentralized exchange. The UNI token started trading at around $2-4, and 150 million tokens were distributed initially, so this amounted to an almost instantaneous creation of about ~$500 million in value. In UNI’s case the token was capturing value that had been developed in the protocol with a claim on its future governance and some fee revenue - but SUSHI performed similar alchemy with largely borrowed tools.
- Uniswap won most of its liquidity providers back from SushiSwap when UNI launched, but as initial bonus incentives expired and SushiSwap responded with more of its own bonus schemes the liquidity has started to tilt back in SushiSwap’s direction. In either case it seems there will be ongoing competition between these protocols, and one of the only differentiators will be their governance.
- The overview covers the governance of the respective projects in some depth. While similar in outline the use of the proposal systems is very different in the production environment, due largely to the different thresholds for creating and approving proposals. Just before the end of 2020, Uniswap had its first governance proposal approved, to fund a grants program with up to $750K quarterly. The program will be administered by a committee of 6 members with 1 lead (all named in the proposal).
Yearning for Decentralized Finance
Yearn Finance, with governance token YFI, is a set of smart contracts created by Andre Cronje which aims to provide access to yield-farming and other profitable opportunities to people who put their assets in vaults that manage allocated funds according to a specified strategy. Brady Dale of Coindesk has written extensively about what Yearn is about6 and the manner in which it has expanded through a series of mergers to position itself as the “Amazon of DeFi”. 7
Yearn, and a similarly purposed Harvest finance, serve as an easy on-ramp to engaging in DeFi yield maximizing, their aim is to do this for the user within defined parameters. This allows more capital to be engaged in these markets and pools than would otherwise be the case.
In terms of Yearn’s governance, it is worth noting that it had a “fair launch”, with no premine of the YFI token. Early in the project’s history it was decided to issue 30K YFI tokens to people who were providing liquidity over a one week period. This is how all of the YFI tokens were issued, and the YFI holders have subsequently voted to reject proposals to issue more YFI.
Governance takes place primarily in the forum and snapshot is used for voting. Snapshot signal voting is popular among Ethereum projects which use voting in their governance, as it allows for votes to be cast without incurring gas costs. Snapshot was developed by Balancer labs, another DeFi project.
Control of the YFI minting contract was put in the hands of a 6 of 9 multi-sig Gnosis Safe, and Andre Cronje removed himself as one of the controllers. This was seemingly done because Andre had the exclusive rights to mint YFI before and this became a bigger key man risk with the rise in value of YFI. The forum post refers to another forum post with details of the on chain voting system for approving changes to smart contracts, but at the time this appeared to be largely aspirational and still at the “Andre does it manually” stage.
As Yearn has embraced a strategy of partnership and mergers in recent months, the prize vegetables from the year’s bumper food token crop which didn’t rot in the heat of DeFi summer are now being combined, and the table is set for a soup-er 2021 (puns intended, sorry).
It’s on fire!
When it comes to the DeFi space as a whole, hacks and failures (sometimes spectacular) have been a regular occurrence in 2020.
There have been a great variety of these, including some novel types previously unseen, such as the flash-loan attack pioneered 8 on the bZx Ethereum dapp. A flash loan is a novel type of credit offering where large sums can be borrowed with no collateral but must be paid back within the same block. In other words, a flash loan only works as part of a chain of transactions, all executed within the same block, starting with the loan being taken out and ending with its repayment in full. If anything goes wrong with the series of transactions and the amount is not repaid, the flash loan simply fails to make it into the blockchain, and leaves no trace.
The atomic resolution virtually eliminates risk to the lender’s capital, and this means they can lend to anyone with good assurance of being repaid, plus one assumes a fee to make it worth the lender’s trouble. This has a levelling effect, because previously the amount of money one could make from exploiting bugs in DeFi smart contracts was limited by the amount of capital one could deploy.
This paper by Qin, Zhou, Livshits & Gervais 9 dissects the first two flash loan attacks in detail, and offers notes on how to increase the profitability of the technique. The technique for these hacks involved using some of the loan to manipulate a price oracle while using the rest to make transactions which would profit from the manipulation. The first two flash loan attacks netted less than $1 million, whereas as the year went by the sums being gained by people using flash loans to exploit smart contracts increased considerably. Someone flash harvested $24M from Harvest Finance in October, flash spoils of $7M, $6M, $2M in November - and those are just the recent examples.
The fault here lies primarily with the DeFi protocols which have such weaknesses, the flash loans just open up the possibility of making money from these exploits to people who don’t have their own capital to deploy. This seems to be the emerging consensus.10
As an outside observer, the impression that the more vocal “DeFi degens” make on twitter is that they’re in solid profit and can take these losses on the chin.
Seeing the Ethereum community pile hundreds of millions of USD worth of crypto assets into novel smart contracts is an interesting spectacle. The speed of development and deployment, and the gusto with which pools are filled with assets, echo the “move fast and break things” style of development - for the community it could be extended as “move fast and tolerate risk”. This feels to me like one of the characteristics of blockchains which align with personality traits, such that people will be drawn to different projects based on how comfortable they are with risk and complexity. If we consider the range of “potentially hazardous unknown events” that could befall users of Bitcoin as compared to dForce, for example, it’s a totally different ball game.
Dark Forests in Ethereum Land
Flash loan attacks are an example of a profitable transaction which could be executed by anyone, and so they are in theory susceptible to poaching or front-running by miners and other nodes which will relay the transaction to miners. This kind of front-running has been observed previously by Daian et al. (2019)12 and given the label “miner extractable value” (MEV).
In 2020 I enjoyed two articles about dealing with this “dark forest” (referencing the “Three Body Problem” science fiction series) from the perspective of developers who were aiming to “rescue” some vulnerable funds. In the first one 13, by Dan Robinson and Georgios Konstantopoulos, the protagonists try to sneak a burn transaction past the mempool bots which they suspect are lurking, but it gets picked off in a few seconds and the miner pocketed $12,000. The second 14story on this subject, from samczsun, had higher stakes, benefitted from lessons learned in the earlier attempt, called in expert help, and was ultimately successful in the rescue of $9.6 million which had been sitting in a vulnerable smart contract by enlisting the help of a miner who could mine the transaction directly. I thought both of these were well written and interesting accounts of the true nature of the Ethereum mempool and one of the ways in which miners exert control over the network.
Doxxed hackers and donations
There have been a few DeFi-related incidents in 2020 that ended with the attackers giving some or all of the ill-gotten tokens back. Perhaps most notably, whoever hacked the dForce smart contracts for $25 million of deposited crypto went on to return almost all of it, $23.8 million (they lost money on some trades before returning everything). In this case it seems clear that the hacker’s identity was exposed and they opted to return funds to avoid possible repercussions.
Doxxing, or having one’s identity exposed, is also a possible explanation for Chef Nomi’s return of the Sushi development funds.
One of the larger hacks of the year had a more conventional and centralised target, the Kucoin exchange, which was hit for $275 million. A report 15 by Chainalysis gives details of how the hacked funds were processed and make a point about the growing use of DeFi decentralized exchanges to swap the tokens into something less obviously stolen, making it more difficult for exchanges to block transactions which use these stolen funds. The trace is easy for an outfit like Chainalysis to follow however, and they seem to have been involved in providing information which led to the freezing or burning 16 of a significant proportion (~65%) of the stolen tokens.
This relates back to the point above about the foundations of DeFi (and dapp tokens generally). The following projects were able to move swiftly to censor the hacker’s funds: Orion Protocol, Covesting, Kardiachain, Velo, VIDT, SilentNotary, Ocean Protocol and Tether.
I have been spending some time analysing the Decred blockchain in 2020, and I have seen for myself the unreasonable effectiveness of address clustering17. UTXO chains like Bitcoin and Decred afford more options for tactical use of addresses, as a wallet can generate many addresses and these are not linked unless used at the same time (as common inputs to a transaction). Without careful UTXO selection, addresses are likely to be combined in such ways as to allow someone who knows about one of a user’s transactions to know about many more of their transactions and balances.
Ethereum is account-based, and this presents further challenges, it is perhaps a more difficult environment to protect one’s privacy in. It is noteworthy however when even people with presumably a high degree of proficiency with this technology (enough to exploit a bug in a smart contract) have to give their loot back because they revealed their identity by mistake.
Cryptocurrency is a double-edged sword when it comes to illicit uses. Censorship resistance (where this is actually provided by the cryptocurrency) means nobody can stop its use for a criminal purpose, but the price is sharing details of one’s transactions with thousands of nodes around the world to be included in a permanent public record.
This is not just a problem for criminals, but anyone who could become a target if details of their cryptocurrency transactions or holdings became known to nefarious actors. In my view this is a significant obstacle to a future where self-custodied cryptocurrency is common among the general population. Privacy is a major component of practical security when it comes to cryptocurrency.
There have also been some crypto donations by hackers who weren’t necessarily exposed but maybe just felt like indulging in some Robin Hood type behaviour.
One such instance concerned DeFi legend Andre Cronje, who was testing a new protocol/token (EMN) in prod and tweeting about it when overnight people deposited $15 million worth of assets into the new unaudited contracts and it all got taken by someone who spotted a flaw in the contracts. Half of the funds were returned to the contract which Cronje controls, and he tweeted that they would be distributed to EMN holders based on a snapshot of addresses.
- whiterabbit. (2020, October 2). Black Thursday for MakerDAO: $8.32 million was liquidated for 0 DAI. Medium. https://medium.com/@whiterabbit_hq/black-thursday-for-makerdao-8-32-million-was-liquidated-for-0-dai-36b83cac56b6 [return]
- $28M MakerDAO ‘Black Thursday’ Lawsuit Moves to Arbitration. (2020, September 29). CoinDesk. https://www.coindesk.com/28m-makerdao-class-action-lawsuit-arbitration [return]
- Makerdao Vote to Not Compensate Black Thursday Victims Receives Harsh Criticism. (2020, September 24). Bitcoin News. https://news.bitcoin.com/makerdao-vote-to-not-compensate-black-thursday-victims-receives-harsh-criticism/ [return]
- Yam Finance. (2020, August 17). YAM: An Experiment in Fair Farming, Governance, and Elasticity. Medium. https://medium.com/yam-finance/yam-finance-d0ad577250c7 [return]
- DeFi strikes again: YAM protocol bug leads to $750,000 loss. (2020, August 14). CoinGeek. https://coingeek.com/defi-strikes-again-yam-protocol-bug-leads-to-750000-loss/ [return]
- What is Yearn Finance? The DeFi Gateway Everyone Is Talking About. (2020, September 8). CoinDesk. https://www.coindesk.com/what-is-yearn-finance-yfi-defi-ethereum [return]
- Mergers Position Yearn Finance as the Amazon of DeFi. (2020, December 14). CoinDesk. https://www.coindesk.com/mergers-position-yearn-finance-as-the-amazon-of-defi [return]
- Qureshi, H. (2020, February 27). The DeFi ‘Flash Loan’ Attack That Changed Everything. CoinDesk. https://www.coindesk.com/the-defi-flash-loan-attack-that-changed-everything [return]
- Qin, K., Zhou, L., Livshits, B., & Gervais, A. (2020). Attacking the DeFi Ecosystem with Flash Loans for Fun and Profit. ArXiv:2003.03810 [Cs]. http://arxiv.org/abs/2003.03810 [return]
- DeFi Exploits Can’t Be Pinned on Flash Loans, Industry Leaders Say. (2020, November 18). CoinDesk. https://www.coindesk.com/defi-exploits-flash-loans-industry-leaders [return]
- Jevans, D. (2020). Half of 2020 Crypto Hacks are from DeFi Protocols and Exchanges—CipherTrace. https://ciphertrace.com/half-of-2020-crypto-hacks-are-from-defi-protocols-and-exchanges/ [return]
- Daian, P., Goldfeder, S., Kell, T., Li, Y., Zhao, X., Bentov, I., Breidenbach, L., & Juels, A. (2019). Flash Boys 2.0: Frontrunning, Transaction Reordering, and Consensus Instability in Decentralized Exchanges. ArXiv:1904.05234 [Cs]. http://arxiv.org/abs/1904.05234 [return]
- Robinson, D. (2020, September 21). Ethereum Is a Dark Forest. Medium. https://medium.com/@danrobinson/ethereum-is-a-dark-forest-ecc5f0505dff [return]
- Samczsun. (2020, September 24). Escaping the Dark Forest. Samczsun. https://samczsun.com/escaping-the-dark-forest/ [return]
- Chainalysis Blog | The KuCoin Hack: What We Know So Far and How the Hackers are Using DeFi Protocols to Launder Stolen Funds. (2020). https://blog.chainalysis.com/reports/kucoin-hack-2020-defi-uniswap [return]
- Stevens, D. / R. (2020, September 27). $130 Million of KuCoin Hacker’s Haul To Be Frozen by Crypto Projects. Decrypt. https://decrypt.co/43066/130-million-of-kucoin-hackers-haul-to-be-frozen-by-crypto-projects [return]
- Harrigan, M., & Fretter, C. (2016). The Unreasonable Effectiveness of Address Clustering. 2016 Intl IEEE Conferences on Ubiquitous Intelligence & Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People, and Smart World Congress (UIC/ATC/ScalCom/CBDCom/IoP/SmartWorld), 368–373. https://doi.org/10.1109/UIC-ATC-ScalCom-CBDCom-IoP-SmartWorld.2016.0071 [return]
- Mysterious ‘Robin Hood’ hackers donating stolen money. (2020, October 19). BBC News. https://www.bbc.com/news/technology-54591761 [return]