If you are here, you presumably know what Decentralised Finance (DeFi) is or have used some protocols to trade tokens or try to earn interest on them.
DeFi continues to be a fascinating field to look into, but as its market size rises, so does the number of malicious actors and hackers trying to get part of the value locked in the protocols for themselves.
The state of DeFi security is one of the significant topics of discussion in 2022, given that hackers grossed over $3 billion this year alone.
Rough times
Currently, October ranks first in terms of overall value stolen from various protocols, standing at over $700 million. The most prominent exploits include the BNB bridge ($586 million) and Mango Markets ($115M), with nearly $28M lost from other smaller protocols.
According to Chainalysis, cross-chain bridges remain the most tempting target for hackers due to the liquidity locked there. Although bridge exploits account for more than half of the value stolen in the DeFi sector, the sheer number of DeFi protocols being exploited regularly is concerning.
The state of DeFi security
Even though DeFi protocols suffer from exploits quite regularly, the community and the industry as a whole are optimistic about the DeFi space and its development. Developers and product teams do not stop working on what they do best: hackathons, launching new financial primitives, important upgrades to protocols and chains, and so on. The security space also does not stand still.
One of the first things investors and users look for during due diligence is a security audit, so audit firms continue to dominate the space as a way to check the protocol before launch. Still, with the number of exploits, it is becoming more apparent that audits alone aren't enough to guarantee the safety of the application, and new solutions are coming to life:
- Gauntlet and Chaos Labs use agent- and scenario-based simulations to tune protocol parameters, improve capital efficiency and test the protocol against simulated market conditions.
- Apostro is a risk management and security threat prevention platform guarding against various vulnerabilities, including market and oracle manipulation, poor code or bugs, and so on. It achieves this by preventing or complicating the exploit for the hacker and giving the team time to react with adjustments to protocol parameters.
The DeFi security space has various protection solutions: bug bounty platforms, audits, risk management tools and real-time monitoring, and even more are being developed behind the scenes. We are still in the early stages of a relatively complicated space, and there are vast development possibilities for DeFi security.