The Brave New Coin (BNC) report explored non-financial risks associated with decentralised finance (DeFi) including centralisation, over-reliability on Infura, re-entrancy and flash loans
Data and research company BraveNewCoin published a report explaining several serious non-financial risks associated with decentralised finance. While financial concerns over DeFi are well-documented, the new report is being considered crucial for its focus on the technical issues that come with Ethereum-based smart contract finance protocols.
The November report, authored by BNC analyst Xavier Meegan, begins by explaining the scalability issues faced by DeFi, pointing out that high transaction fee and failed transactions caused by network congestion can cause DeFi protocols to malfunction.
It further added that similar concerns were reported by various DeFi users in September. Ethereum transaction fees reached record figures of around $15 during the yield farming frenzy.
The report also highlighted the Black Thursday event as an example by saying “We saw this happen on Black Thursday in March 2020, when actors in MakerDAO (liquidators) could not access auctions to bid on collateral, resulting in collateral being sold for free”.
Re-entrancy risk, which occurs when a contract sends ETH before updating its internal state, was spoken of in detail as a major vulnerability in the report. The possibility of exploiting flash loans, where assets can be borrowed and repaid within the same transactions, was also discussed citing the examples of Harvest Finance, bZx and Pickle Finance.
Oracles can pose a risk as manipulation of information from a provider or a malicious actor can lead to smart contracts receiving inaccurate input regarding off-chain values, the report noted. Further, cyber-criminals can manipulate the protocol design to their benefit, especially in the light of the interconnectivity concept of the ecosystem, it cautioned.
“The current inter-connectedness of DeFi is extremely similar to how traditional finance was before the Global Financial Crisis (GFC) in 2007–08”, the report noted.
The centralisation risk was yet another issue that was touched upon by the report. It argued that if protocols are controlled by a few whales or a central intermediary, outcomes can be significantly altered. The report further stated that such risk was a cause of concern in light of the bulk of stablecoins used in DeFi being centralised and controlled by corporations.
Finally, the report comprehensively explained the risks associated with DeFi’s reliance on Infura as a node infrastructure operator by saying “An estimated 63% of the Ethereum community use Infura as their preferred method of interacting with the blockchain. What are the consequences if Infura does not function as expected one day”?
Several other risks associated with economic incentives, financial illiteracy and regulations were explored in the report. It concluded that the most significant risk was the risk of more risks being discovered, making the entire DeFi ecosystem sound like a financial nightmare.