If you landed on this page, chances are you already know what Decentralized Finance (DeFi) is or have even used some protocols to trade or try yield farming.

While DeFi remains an exciting area to explore, it has attracted both crypto enthusiasts and cybercriminals.

The state of DeFi security remains a topic of discussion in 2022, as hackers have stolen over $3 billion this year alone.

Tough year

At the time of writing, the total value stolen from DeFi protocols increased in October: over $700 million was taken from different protocols. The most notable exploits include the BNB bridge ($586 million), the Mango Markets exploit ($115 million), and nearly $28 million in total stolen from Moola Markets, Sovryn, Team Finance, and TempleDAO.

According to Chainalysis, cross-chain bridges, with their high TVL numbers, remain the most tempting target for hackers. Value-wise, bridge hacks account for over half of the funds stolen in the DeFi space, but the sheer number of DeFi protocols exploited daily is concerning.

The State of DeFi Security

Despite the endless emergence of security incidents in the DeFi field, the industry is still optimistic about the development of DeFi. As new financial primitives or protocol upgrades are released to the world, the security space also evolves with new solutions to protect users and protocols.

Security audit companies continue to dominate the space – protocols require security clearance before release, and users and investors begin their due diligence with security audit reports. However, as the number of exploits has grown and it has become clear that security audits alone are not enough to ensure the security of DeFi applications, new solutions are emerging:

  • Gauntlet – a financial modelling platform that uses agent-based simulation to adjust protocol parameters for higher performance and improved capital efficiency. This lets protocols respond faster to market changes and gives higher protection against default.
  • Apostro – a risk management protocol that helps DeFi protocols guard against various security threats, including code bugs and oracle or market manipulation. It does this by preventing the exploit or complicating it for the hacker, making it unprofitable.
  • Chaos Labs – like Gauntlet, it uses agent- and scenario-based simulations to improve capital efficiency and test the protocol against different market conditions.

The security solutions space is booming with various protocols and primitives under development – bug bounties, risk management platforms, real-time monitoring, and surely even more work happening behind the scenes. We’re still in the early stages, and the security sector of the DeFi space has a lot more to show us down the road.

