DE-FI Becoming A Hackers Dream

in LeoFinance3 months ago (edited)

Hey Jesspeculators

The world of DE-FI has been let out on the world, and it's not going anywhere, the idea has taken hold in the crypto space, and every chain is looking to get a piece of the action. It's been the biggest boom in capital flooding into crypto since the ICO days of 2017 and for a good reason.

There are very few ways you can get a return in today's market, the banks aren't paying you anything, only a few institutions have access to credit markets, bonds aren't yielding much and while there are divident paying stocks DE-FI's returns are attracting a lot of speculators to come in with the promise of high returns over a short period of time.

We all know these are honey pot returns aimed to sucker in liquidity providers in the beginning and get the project going, and as more people come in the returns are arbitraged down. So I get the reason why people want to get in as soon as possible, but not at the risk of losing all your crypto.

If you're risking Bitcoin or ETH in DE-FI, I feel its a bit silly both these tokens have the possibility of hitting a 1 Trillion Dollar market cap so HODL'ing them alone would bring you quite a pretty profit.

I get trying out some of these projects but not risking your precious crypto in them, I am happy to test out a DEX or DE-FI app with the money I am willing to lose, but never a large part of my bag.

Defihacked.png

DE-FI Getting DEfunded

In the last year, we've seen plenty of hacks happening in the DE-Fi space, such as:

To name a few, in 2020 at least a reported $100 million has been hacked and stolen from DE-FI platforms which is absolutely insane and yet people are still dumping their money into the next food named platform, it's mind-blowing the number of risk people are willing to take to earn a few % points in yield these days.

Security audits are a meme

When you put your money into a DE-FI platform you are trusting the code, and guess what PEOPLE write code, so you're still trusting people and with this rush to DE-FI people are taking short cuts to boot up these platforms as soon as possible.

They try to cover their arses by paying for 3rd party audits of the code and sign off, but with any decentralised project, there are going to be bugs, some small and some big. Some silly and some dangerous, and if you're not constantly patching your system and looking for the vulnerabilities you're leaving your investors open to attack.

As the amount of capital keeps increasing, it only makes it more attractive for a hacker to send a few weeks on your platform to break it and run away with a few million dollars. Meaning each time your liquidity pool increases, so does the chance of attack and motivation to attack you.

At this point, I feel as if DE-FI apps have no choice but to assume they will be attacked at some point and security audits aren't going to help, but actually creating on-chain or off-chain insurance to secure fund and provide a safety net is one option.

As well as bug bounties to pay people for their time looking at your code instead of encouraging them to hack your platform.

Have your say

What do you good people of HIVE think?

So have at it my Jessies! If you don't have something to comment, comment "I am a Jessie."

Let's connect

If you liked this post, sprinkle it with an upvote or esteem and if you don't already, consider following me @chekohler and subscribe to my fanbase

Safely Store Your CryptoDeposit $100 & Earn $10Earn Interest On Crypto
ledger.jpgBlockfi.jpgcryptocom.jpg

celciusnetwork.jpg

Posted Using LeoFinance Beta

Sort:  

I can say that, "I got a tiny bit of Harvest 0.00135 and Pickle 0.0177 token as a souvenir."

Posted Using LeoFinance Beta

LOL you're way braver than I am, I wouldn't touch those apps, I did get into farming Sun on TRON but it was so low risk it didn't really bother me, didn't put much capital in and the fees are so low so I just wanted to mess about made like 2 SUN

never used any defi dapps but if i wake up one day and see my coins vanished i don't know how i would react!

Posted Using LeoFinance Beta

LOL it’s happened to me before and I tracked it down to Bittrex and then to another exchange in the Ukraine and then I jusy gave up and moved on and I’m still here 3 years later going strong

and then maybe in china and from there to africa :P

Posted Using LeoFinance Beta

I really haven't jumped on any of the Defi apps. I have been more into a few swing trades and loaning EOS to the resource exchange, and some staking, and then searching out airdrops....etc.

I've added some Liquidity to UNiswap and farmed on TRON but nothing major, just out of curiosity, I am far more vested in staking coins and a bit of the CE-FI apps that are kicking off a little bit of interest, most of my shit is just HODL though, 50k here we come!

Some of the pools have 100's of millions in them and go through extensive code audits. But you are correct, they can still be vulnerable.

To be fair, not all of those were hacks. Not that the difference between a hack and an exit or flash loan scheme matters when you're on the losing end.

You could really be onto something with the insurance idea. I'll bet companies roll that out sooner or later. Keep an eye out for Insurance Tokens.

Posted Using LeoFinance Beta

Yes I understand, it's just easier to group them under hacks instead of breaking down each one but yeah fact remains no ones getting that money back. Audits to me are more of a marketing statement than a security feature and having no roll back or fall back possibilities like centralised exchanges means you need to come up with new ideas.

I think insurance tokens are coming as well as grouped insurance tokens where a few platforms collateral is bundled into a fund. It's really taking Fintech 1 ideas and bringing them to fintech 2

I was ignoring for a long time all De-Fi "movement" leaving my ETH "safely" in my hardware wallet, but seeing it there, doing nothing hurts... :) So, I decided to go into this menace by joining the LEO liquidity pool...

Of course, all this is always led but "don't spend more than you can afford to lose", so no crazy things, like in everything else in life :)

And hacking is a possibility and being hacked 15 years ago on my personal computer, open your mind to all the possibilities and threats that you can get... Led by that experience, I am aware that not only De-Fi platforms can be hacked, but also our computers, email accounts, bank accounts, etc...

And I agree that knowing that some platform has a lot of money, motivates hackers to try to break the code...

Cheers!

Posted Using LeoFinance Beta

LOL I know the feeling but I wasn't gong to part with my ETH that easily I've been HODL'ing for ages and it's staying with me. I am in the DEC/ETH pool but nothing major, with these fees it's either you go big or you wait a long time to make any kind of profit.

I was hacked back in 2017 one of my exchange accounts and lost around $3 000 worth of crypto so I've been on the other side, and I am still here. Learned how to better secure my stuff and spread my risk, an expensive lesson to learn but a good one

I agree, you security on anything phones, computers, email accounts, you need to have different layers of security for different amounts you keep stored.

Insurance for the crypt that can be a new sector to explore for companies... may be soon we will see some projects working on it...
Thanka for sharing the thoughts..

Oh I am sure, once someone figures out the first draft of it and we can take the other side of the bet you best believe insurance tokens are going to be the next boom. I mean if you look at the insurance market on home loans I think it was 20x the size of the home loan market in 2009, which is nuts, that was a bit crazy but you can see how big that sector can become

And fir sure the firt cone will take the lead ofcourse the proposal and works done by the team will also effect...
I guess the main hurdle will be the amount that to be insured...
For example un case of home load... their are a little cases of froud that happened in home loan (in India it is very less) and another thing is that can not happened in mass (no of acoounts)...
But in case of the crypto insurance the hackers can takea the very big amount even they can takes maximum available in anybody's wallet even from exchanges (if they are successfuly abke to hack) ... the amount is huge...
What is your opinion...

I think in the beginning it will be mostly underinsured since people don't think it can happen so they don't often fund it and the returns may be low when holding the insurance contract, but the payout is HUGE if they are hacked of course.

I'm not exactly sure about how each attack vector works or how they abuse De-FI with flash loans so I can't speak to how much of the total liquidity floating through a system can be grabbed at any one time. I think that would need a security risk audit and then they can decide how much insurance capital they need and what premium they'll be willing to pay monthly to insurance holders for backstopping them

De-fi has open path to future and I think de-fi is future of investment for great return

I think its only the proof of concept, soon you'll have fintech companies of all kinds building on-chain or via API's bringing DE-FI into a more formal approach and you'll see those crazy yields go down and you'll get low-risk de-fi and all sorts of other projects

That's very true, the moment your coins left from your wallet ,it is not safe. It is not about De-fi but it about Exchanges too where people left their coins and just wake one day to find that exchange is hacked.

I lost little when cryptopia hacked and another little when other exchange shut down.

Posted Using LeoFinance Beta

Even in your wallet, it's not TOTALLY safe, I've seen electrum wallet and even ledger wallets hacked, either someone bought a pre-used one or they clicked on a phishing email with ledger branding, sigh. You can never be too careful with your crypto. I was also hacked on an exchange called coindirect and I refused to use them now, they didn't even care even though it was their 2FA that wasn't working at the time.

As for DE-FI, trusting a smart contract isn't all that it's cracked up to be, we've seen this with LEO too

Very true, the moment you open your wallet you are inviting the risk. Even sending coins by copy pasting requires due diligence.

https://techcrunch.com/2018/07/03/new-malware-highjacks-your-windows-clipboard-to-change-crypto-addresses/

Posted Using LeoFinance Beta

I do not yet have the strength to invest in things like DE-FI. So, I have to earn hard small amounts of token.

Thank for sharing.

Posted Using LeoFinance Beta

DE-FI isn't for those who don't like risk and with all the fees you pay you need to at least dump in a decent amount if you want to take advantage of the risk which suckers in big paydays and then we see things like hacks becoming a regular occurrence