Sad but true.

A framework for assessing DeFi’s risk

There are risks everywhere. Where to start?

Rafaella Baraldo
Mar 31 · 11 min read

Disclaimer: DeFi is a highly experimental technology, and its risks are not to be underestimated. Be aware of it while using DeFi protocols, and never allocate funds that you can’t afford to lose.

If you’re new to DeFi, you may be wondering why or how people even survive under such risky conditions.

As human beings, we’re often fearful of what we don’t know. With risk is no different. Some may even be concerned about interacting with DeFi all together because there are “many risks.”

Indeed, there are different types of risks, each with a type and potential outcome and specific ways of mitigating each type.

This article intends to clarify the “many risks” within the DeFi space and suggest a framework for approaching the risks while interacting with DeFi’s protocols.

Types of risks mapped in conventional markets

Let’s first take a look at how traditional finance typically map different types of risk:

Traditional Markets Risk map.

The risks mapped by traditional markets thus far take into consideration their premisses of how their world works. And for this reason, most of TradiFi and Fintechs in the space share the same risk framework.

That means that traditional finance’s risk framework may not be suitable for this context since we don’t share the same premises. A few of the premises in the DeFi space are:

  • System’s transparency. Having all contract and system rules exposed is fundamentally different than traditional finance.
  • Custody. Doing the custody of the user’s funds is also another crucial different premise and way of operating.
  • Composability. Protocols are profoundly interconnected and may even need each other.
  • Dark Forest. The functioning in how transactions are processed is totally different than traditional markets.

DeFi, therefore, should have its own framework of risks. That doesn’t mean less risk, but rather, having the risk framework adapted to how our world works.

Risks in DeFi

How can an individual approach each of them? Is there something individuals can do to reduce their risk exposure?

Yes, there has to be.

And what to do about it depends on the risk appetite of each user. By risk appetite, I mean the level of comfort each individual has when dealing with the possibility of a loss of funds. After all, not everyone is a degen, and that’s totally fine.

Below I added an image to illustrate what risks we’re mapping and at what level they can be impactful.

For example, risks intrinsic to the entire ecosystem (Ecosystem’s risks) impact both protocols and users.

Distribution of risks according to each instance in the DeFi space.

As a user, the absolute best way to avoid risk at all costs is to stay out of it altogether. But, if you, like me, are comfortable with some risk, there are ways you can reduce your risk exposure.

The first step is learning what they mean, what consequences they have, knowing your risk appetite, and what are things or tools you can use to mitigate potential risks.

Mapping DeFi’s Risks

To better organize the risks mapped in DeFi, I separated the types of risks into subgroups. Each relates to an instance of risk:

- risks users can mitigate,

- risks protocols can mitigate,

- and risks that impact the entire ecosystem.

DeFi’s Risk map.

Below, there is an explanation of what each type of risk actually represents and the potential consequences they bring, followed by a general suggestion of evaluating whether a protocol or a particular situation is more or less risky based on public information.

User’s Risks

Risks that are in the user’s reach and depend on them to mitigate them.

Market Risk

The risk of having a negative result in investment based on the asset or market price volatility is present in DeFi just as they are conventional markets. Crypto is widely known for being a volatile asset class and is significantly more volatile than the US Equity markets.

Likelihood: It is present most of the time within volatile assets.
Consequences: Price volatility may impact the user’s returns positively or negatively.
Ways to mitigate: There is more than one way of reducing the exposure to market risk. The most common ones are the use of derivatives as hedging solutions, limiting one’s portfolio’s total percentage to volatile assets to reduce overall exposure, stay out of the asset class altogether, and diversify the portfolio among uncorrelated assets.

Custody Risk

Most protocols are non-custodial, leaving the custody hurdle for its users to deal with. This may appear as a risk to the users who are not familiar with taking care of their private keys and evaluating if a call to insert your private keys is real.

It is part of DeFi that users custody their funds and interact with apps using a wallet, most of the time using Metamask or another browser wallet. This opens the risk of lost or stolen funds.

Likelihood: If the user is in the custody of their own funds, this risk is present at all times (even for the ones that know what the best practices are, the risk is still there).
Consequences: Users can lose funds.
Ways to mitigate: It is recommended that users learn how to custody their funds before moving large amounts. The consensus orientation for this to always use hardware wallets and store the seed phrase somewhere safe (in case you lose your hardware wallet). If you use contract wallets, like Argent, set up Guardians and daily limits. Never use infinite approval when approving a transaction in a DeFi protocol.

Scams

Beware of scams! Unfortunately, it is widely common to see scams within the DeFi. This Twitter account has been doing a good job reporting scams whenever they find one.

Likelihood: It is more common than you imagine.
Consequences: Loss of funds.
Ways to mitigate: Don’t ever send funds to someone you don’t know. Research the projects before investing, be careful with applications that ask for your private keys.

Things scammers say.
I received so many of these that I should rich by now.

Protocol’s Risks

This section describes the risks at the reach of protocols and a suggestion of how users can evaluate how risky a protocol is based on public information.

Another possibility for interacting with DeFi protocols and reducing each operation’s overall risk is the use of Insurance protocols. Each has its models and covers specific types of risks. It is worth exploring to increase coverage on risks that are beyond the users’ reach.

Operational Risk

All risks are caused by human or technology failure. In the DeFi context, this translates into contract bugs.

Likelihood: Even the most senior engineers are still humans and therefore, can make mistakes. So it is possible.
Consequences: It depends on the bug and the protocol, but users can lose funds in the worst-case scenario and/or may pause trading activities.
Ways to mitigate: Multiple efforts on smart contract security may add up to decrease the chance of finding an extra bug. Code Audits, extensive Test Coverage on the contracts, Formal Verification, Bug Bounties, and guarded launches are some of the activities a protocol team can do to decrease the chances of encountering a bug. In addition to these measures, some protocols have additional resources supplied by their DAOs that may reduce the undesirable consequences.

As users learn about a new protocol, it may help search for more information about how the team approached security.

Exploit Risk

Another significant change in paradigm that we can see in the DeFi context is how transparent the contract rules are and how they are connected. This opens the possibility of gaming the system in many forms. This is one of DeFi’s most unknown risks so far since it’s really tough to foresee an exploit, and it usually involves more than one protocol in one exploit.

Likelihood: Possible and more likely than any of us would like them to be.
Consequences: It depends on the protocols, but most likely, the users lose funds or value locked.
Ways to mitigate: This type of risk is tough to foresee at this point. The ecosystem is still learning how to better prepare against this risk.

Example of a highly sophisticated exploit evolving three different protocols. Source: https://twitter.com/bneiluj/status/1228757175595438080

Credit Risk or “Counterparty” Risk

DeFi credit risk is mainly pooled and represents the solvency of a specific protocol. For instance, the Utilization Rate in lending protocols could be seen as a measure of solvency and counterparty risk.

Right now, most protocols are overcollateralized and have robust liquidation systems in place. This decreases the risk and likelihood of insolvency. However, it is possible that in a significant crash event, liquidation systems trigger a spiral crash in asset prices, and protocols may become insolvent.

Likelihood: Depends on how each protocol works. It could happen in a significant crash for protocols dependent on liquidation systems.
Consequences: Insolvency in overcollateralized protocols — default on borrowed positions and loss of lender’s funds.
Ways to mitigate: As a user of those protocols, one way of mitigating this risk is to split the exposure into different protocols.

Admin Keys Risk

Decentralization is the main reason for the ecosystem to exist. However, most protocols are not decentralized yet. This is natural since we’re just starting, and there are many improvements to take place before complete decentralization.

Teams in DeFi typically hold admin keys with a certain level of power over the contracts. The amount of power the admins’ keys hold depends on each protocol. The existence of admin keys brings a risk of human failure (just funds stolen from the admin holders or the admin made a mistake) or malicious activity (intention of theft).

Likelihood: Depends on the protocol but in most cases it is possible.
Consequences: Loss of funds.
Ways to mitigate: Users that are learning about protocols may find public information about admin keys powers and how the team manages the keys to those powers. It is known that having strong admin powers and only one admin key is riskier than lighter admin powers with admin keys controlled by a multisig with different signers.

Oracle Risk

Some protocols may be largely reliant on oracle feeds. Any problem or error regarding the feed could trigger a liquidation event, for example.

Likelihood: Depends on the protocol and how significant the price feed is in the system but could happen.
Consequences: Loss of funds.
Ways to mitigate: Users that learned about a protocol using a price oracle can check how the protocol uses the price and what impact an incorrect price could have on it. Maybe if protocols have a secondary price source to compare or estimate, an average price could help reduce one source’s reliability.

Liquidity Risk

This risk type is less relevant within the DeFi space since assets are mostly crypto and are on-chain. Some may be more liquid than others, but they are accessible.

This risk represents the questions asked in the case of a liquidation of illiquid assets. How can one be sure of the price of the asset? Suppose Aave could accept real estate as collateral. Consider a user that added their house as collateral to get a loan. If the user ever gets liquidated, how could the protocol “liquidate the collateral,” and how could it be sure of the asset’s market price?

Likelihood: This could happen in a significant crash or in protocols where illiquid collateral types are allowed.
Consequences: Insolvency in overcollateralized protocols — default on borrowed positions and loss of lender’s funds.
Ways to mitigate: The DeFi space is still mostly crypto native, and there is little connection to real-world assets. Most of the assets held as collateral are liquid, and Utilization Rates of lending protocols typically account for how illiquid an asset can be under distress.

Ecosystem Risks

So far, we discussed risks within someone’s reach: either the user or the protocol. However, the Ecosystem risks are not necessarily within reach of anyone alone but either of all or none.

Still, ecosystem risks are highly impactful and impact everyone in the space.

Regulatory Risk

Translates the uncertainty in future policy decisions that may impact the asset or funds that are in question. It is still unclear how impactful this risk type can be when dealing with decentralized technology. However, most protocols are not entirely decentralized yet and may be subjected to jurisdiction-specific rules.

Likelihood: Uncertain.
Consequences: Uncertain. But the biggest fear is a change in the dynamic of current DeFi protocols.
Ways to mitigate: Engage as a community to create best practices into increasing the security of the space as a whole. Follow global regulators as they issue new regulations may avoid surprises in this area but not necessarily reduce the risk associated with its consequences.

Event Risk

Fires, hurricanes, and other events can impact the assets massively. The parallel of this risk for the DeFi space seems to be Black Thursday events.

Likelihood: Possible.
Consequences: Loss of funds.
Ways to mitigate: The use of solutions resistant to crash events or that are “isolated” from other protocols in the space. Diversifying one’s portfolio with other asset classes and hedge the assets at risk is another way of mitigating this risk.

Systemic or Composability Risk

One of DeFi’s most remarkable features, composability, also brings additional risk to the space. As the name suggests, the systemic risk reflects the impact of a situation and its impact on other market areas. In DeFi, most protocols are somehow correlated. While that may make more innovative products compared to traditional markets, it comes at a short-term cost. It makes the entire ecosystem riskier. I believe that this risk will reduce as we find more ways to stress test protocols over time.

Likelihood: Possible.
Consequences: Uncertain.
Ways to mitigate: A user entering DeFi now and worries about systemic risk are recommended to reduce its DeFi exposure to an amount that it would be comfortable losing and diversify between “isolated” protocols or protocols with different dependencies between each other.

Conclusion

Risks are part of our lives and are everywhere in DeFi. It is possible to take action to mitigate them, but they won’t go away.

Be aware of them and of your risk appetite. Don’t ever invest in a DeFi protocol more than what you’re willing to lose.

The good part is the DeFi community is uniquely positioned to learn about getting stronger after every discovery, as is doing so at an incredible pace.

Resources

Risk’s studies in DeFi are still nascent but are evolving fast. Below I linked a few links and resources of interesting studies about risk for further research of interested users.

If you know about a report that should be here, please let me know and I'll include it.

Moving forward

  • What other risk-related questions you have?
  • Or what solutions you found for mitigating certain risks?
  • How can we get better as a community on risk management? Is it even possible?

Looking forward to hearing your thoughts, questions, and ideas!

Thank you for reading!

This study was kindly reviewed and improved (a lot) by Robson Silva, Guilherme Viana, Gabriel Apostu, Gustavo Cunha, Guilherme Zamur, Chris Blec, Stani Kulechov, Adrian Von, Caio Vicentino and Aehry Myoung.

Feedback is always welcome! 🙏🏻

Coinmonks

Coinmonks is a non-profit Crypto educational publication.