Open in app

Sign in

Write

Sign in

The Importance of Security: How Deepr Finance Ensures Trustworthiness

Deepr Finance
6 min readSep 5, 2023

--

In recent years, the world of finance has witnessed a significant shift with the emergence of decentralized finance (DeFi) lending platforms, challenging the traditional financial (TradFi) systems. While these platforms offer exciting opportunities for borrowers and lenders alike, they also present distinct security dangers that users must be aware of. In this blog post, we will dive into the security risks associated with both DeFi and TradFi lending platforms and explain how Deepr Finance mitigates them.

Security Concerns in TradFi Lending Platforms

Data breaches and hacks: Traditional lending platforms handle vast amounts of user data, making them attractive targets for cybercriminals seeking personal information or valuable financial data. Data breaches can lead to identity theft, fraud, and other financial crimes.

Centralized control: Unlike DeFi, where users retain control over their private keys, TradFi platforms require users to trust a central authority. This centralization creates a single point of failure, where a security breach or internal misconduct can have severe consequences.

Regulatory compliance: Traditional finance operates within established regulatory frameworks, which can vary by jurisdiction. Non-compliance with these regulations can lead to legal penalties, putting users’ funds and personal information at risk.

Counterparty risks: In traditional lending, borrowers and lenders rely on intermediaries to facilitate transactions. If these intermediaries become insolvent or default, users may face substantial losses.

Lack of transparency: TradFi platforms may not provide the same level of transparency as DeFi platforms due to proprietary algorithms, complex financial products, and limited accessibility to underlying data. This can make it challenging for users to assess the true risks involved.

Fractional reserve banking risk: Most banks only hold a fraction of deposits as reserves and lend out the rest at many multiples, which can create money and stimulate growth. However, this system carries the risk of bank runs due to insufficient reserves, potentially triggering a wider crisis. Excessive lending can also lead to financial instability.

Security Concerns in DeFi Lending Platforms

Smart contract vulnerabilities: DeFi platforms operate on distributed ledger technology and utilize smart contracts to facilitate lending transactions. While these contracts automate processes and eliminate intermediaries, they are not immune to bugs or vulnerabilities. Flaws in smart contract code can be exploited by malicious actors, leading to the loss of user funds.

Centralization risks: Despite the decentralized nature of DeFi, some platforms exhibit elements of centralization, such as control over admin keys or governance decisions. These central points of control can be targeted by attackers or misused, compromising the security and integrity of the platform.

Rug pulls and exit scams: The anonymous nature of DeFi can enable developers to create seemingly promising lending platforms, only to disappear with user funds in what is known as a rug pull or exit scam. Users must exercise caution when choosing DeFi platforms and thoroughly research the teams behind them as well as the applied security mechanisms.

Liquidation risk: A notable risk arises when the value of collateral assets sharply declines, potentially leading to automatic asset liquidation to cover outstanding debts. This situation can result in borrowers incurring substantial losses, while lenders might face challenges in recuperating their investments due to forced sales at unfavorable prices.

Bad debt risk: When borrowers are unable to promptly repay their loans, and the collateral they put up cannot be swiftly sold off through liquidation, the protocol ends up accumulating non-performing debt. In situations of heightened severity, this problematic debt could potentially be shifted onto liquidity providers, placing them at risk of bearing the losses stemming from borrowers’ inability to fulfill their obligations.

Pricing risk: The vulnerability of asset prices to manipulation poses a significant risk. Malicious actors can exploit this dynamic by artificially inflating or deflating the value of assets, leading to skewed market conditions, potential losses for unsuspecting traders, and eroded trust in the DeFi ecosystem.

Deepr Finance’s Robust Defenses

At Deepr Finance, our unwavering commitment to maintaining the highest standards of trust and security forms the cornerstone of our platform. Guided by an unrelenting dedication, our team has meticulously crafted and implemented critical security measures to provide users with an environment that prioritizes safety and mitigates risk above all else.

We have selected several vital security-related topics that we want to provide comprehensive details on.

Mitigations of smart contract risks

Fork of Compound

Our commitment to ensuring airtight protection has led us to meticulously analyze various protocols for forking. After an exhaustive evaluation, we arrived at a resolute decision to align with one of the most secure and battle-tested options available and decided to fork Compound. The Compound protocol has been reviewed and audited by OpenZeppelin and ChainSecurity.

Audits

To ensure the secure use and trustworthiness of Deepr Finance, HashEx performed a thorough security audit of the smart contracts code bases to identify potential security issues and to formally check the logic behind the platform.

The published results of this audit including the recommended changes and modifications implemented can be viewed here.

The audit report found 11 issues of which all pending modification suggestions one has yet to be fully resolved, as reflected in the linked report above. The pending issue related to “Exaggerated owner’s rights’’ is marked as “Partially fixed”, and will be fully resolved once the contracts are deployed on mainnet and Hashex verifies that the audited contracts are deployed without modifications and ownership is transferred to a multisig address controlled by KYC’ed signers.

Mitigation of centralization risks

Multisig wallets with time locks

In order to manage the emissions of our token to ensure value and utility is maintained, we will implement two risk-mitigation mechanisms:

  • Multisig wallets: These wallets mandate the involvement of multiple trusted parties for any wallet operations. Consequently, even if one or two users make improper decisions, we will maintain protection and retain the capability to revoke their access.
  • Time locks: In the rare event of a breach in the multisig wallet’s security, a time lock will be in place to grant users ample time to initiate preventive measures.

Mitigation of pricing and bad debt risks

Risk modeling exercise, including collateralization monitoring

It’s crucial to consider certain characteristics when accepting assets:

High liquidity: Assets should be highly liquid to ensure there’s a readily available market for trading and selling when needed.

Low volatility: Low volatility is important because it gives users ample time to manage their debt positions without sudden and drastic price swings.

Strong teams: Collaborating with teams that have a solid track record is essential for reliability and trustworthiness.

When a significant amount of an asset is used as collateral, it’s vital to ensure that liquidators have the necessary liquidity to sell the debt position and repay lenders on the platform. Continuous monitoring of collateral amounts and debt positions is essential for risk mitigation. Additionally, it’s worth noting that the mechanism for liquidating debt during unforeseen events, such as Compound forks, has proven to be highly efficient, even in comparison to centralized finance platforms like Celsius that have faced challenges in similar situations.

Oracles

Oracles play a pivotal role in decentralized finance by providing accurate and real-time price data from external sources, enabling smart contracts to execute actions based on reliable market information. Deepr Finance recognizes this importance and leverages the robust oracle solution provided by Pyth Network to ensure secure and up-to-date pricing data, enhancing the trustworthiness of its DeFi protocols.

Risk monitoring dashboard

The Nakama team has created an internal risk monitoring dashboard that we will continuously oversee. Automated alerts will notify us of substantial shifts in risk metrics, enabling us to take mitigating actions. After the mainnet launch and UI enhancements, we might consider making this dashboard accessible to the public for the benefit of everyone.

Mitigation of liquidation risks

User and team training

Internally, we conduct regular security training sessions to continually enhance the expertise of our staff, while externally, we actively contribute to the community’s security awareness by publishing educational materials. It’s important to emphasize that liquidation risks can only be effectively mitigated when users have been thoroughly trained in the platform’s mechanics and risk management strategies.

Conclusion

With robust security measures, meticulous smart contract evaluations, multisig wallets, real-time risk monitoring, and a commitment to user education, Deepr Finance demonstrates an unwavering dedication to providing a safe and secure environment for borrowers and lenders, setting new standards for trust and protection in the DeFi industry.

--

--

Deepr Finance

Written by Deepr Finance

1K Followers

Deep liquidity on the most secure and efficient lending and borrowing platform on Shimmer EVM. Get started: deepr.finance

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams