DeFi Trends & Hacks of 2021

That’ll Make Your Hair Stand on End

Dilip Kumar Patairya

Published in

Coinmonks

8 min readSep 23, 2021

People are participating in the DeFi saga without knowing the potential risks!

Decentralized Finance colloquially known as “DeFi” aims to disrupt the traditional financial institutions such as banks, exchanges with cryptocurrency, majority of which runs on Ethereum Blockchain.

The recent DeFi upsurge has invited various associated risks along with it. Every DeFi project has different levels of risks involved, the major types of risks involved are: Technological risks, Asset risks, and Product risks.

Anyone as a beginner should be aware of the “red-flags” instigated by any platform. We have seen hundreds & millions of funds being lost from various hacks, thefts, rug pulls, & system failures since DeFi exploded in the recent decade.

Coming down to today: Notable DeFi hacks only in the month of Aug’21:

PolyNetwork — $613M (Infamous biggest Crypto Heist!)
Japan’s Liquid Global Exchange — $94M
Popsicle Finance — $25M
Punk Protocol — $8.9M
Flash Loan Attack on XSURGE DeFi — $5M

Source — Here

These were just a few numbers out of the bucket list of prominent hacks that occurred in the first half of 2021.

In the coming sections, we will introduce you to various DeFi trends, and hacks that have taken the DeFi domain at storm. This will assist you in making decisions related to DeFi more judiciously.

Hey DeFi! How’re you doing in 2021?

The recent decade has witnessed a steep rise in the DeFi economy. According to DeFi Pulse, the total volumes locked (TVL) at the time of writing this article touched $82.95 billion USD. Although the DeFi is growing at a rapid pace, the projects in the DeFi domain have plenty of room for innovation.

Source: https://defipulse.com/

If it’s significantly true, then we must keep us updated with latest DeFi trends that are worth keeping an eye in 2021 :

NFTs (Non-Fungible Tokens)

NFTs (or) Non-Fungible Tokens are digital assets that represent real-world objects such as art, music, game items, or videos. NFTs have many other applications as well other than collectibles & art. The other sectors harnessing the power of NFTs are:

Social Networks
Ecommerce
Gaming, and
Fashion

These are just a few use cases of NFTs, but this sector is yet to witness tremendous change in the coming years.

Liquidity Mining

Liquidity mining (or) Yield Farming leverages cryptocurrencies to provide liquidity to decentralized exchanges (DEXs).

Compound Finance Protocol is one of the recent examples of Liquidity Mining. Last year, a governance token by the name of COMP was launched by Compound, it is since then that liquidity mining has become an unbeatable DeFi trend.

Stablecoins — “Hot Potatoes of 2021”

Stablecoins are digital currencies that are linked to any underlying assets such as a national currency (or) a precious metal such as Gold. This gives Stablecoins liberty in terms of security, transparency, & privacy.

Since its beginning in 2019, stablecoins turnover has boomed. It scaled up the ladder from a number of bn {dollars} a day to a median of US $100 bn in Apr 2021, setting a report of $250 bn in mid-April.

In the near past, we have witnessed a “stablecoin invasion”.

Globally, about 200 stablecoins have either been released or are in development. However, one of the reasons for their sudden growth is their reliable environment for peer-to-peer (P2P) transactions. It eliminates the need to use any volatile cryptocurrency like Bitcoin for transactions to take place.

In its recent report, Messari revealed that Stablecoin’s activity has surged dramatically in Q2 of 2021.

That was a short glimpse of a few DeFi trends taking the economy at storm. 2021 so far has been an exemplary year for decentralized finances, and we can assure that 2022 is going to be no less than this. There are various significant reasons why DeFi enthus are participating at large but at the same time, the clouds of uncertainties keep hovering over various DeFi projects.

Attacks that took the DeFi world at storm!

From the beginning of 2021, we have started to witness hacks and exploits leading various stakeholders to lose millions. Obviously, the platforms that get audited from a trustworthy audit firm have lesser tendencies to get hacked. The total value locked (TVL) in DeFi is at an all time high, and so are the exploits related to DeFi.

Let us look at some of the prominent attacks on various DeFi platforms occurred in past few months:

Yearn Finance Exploit — 4th Feb’21

Exploit Method: Flash Loan

Funds lost: $11 million

The Yearn.Finance fell victim to large scale flash loan attack losing more than $10M in total. The attacker gained 1.7M USDT, 513K DAI, and 506K 3CRV. Below screenshot depicts 3CRV profits attacker made with each transaction.

Yearn.Finance team revealed the events on time and mitigated the future losses: yDAI, the yTUSD, yUSDc and yUSDT vaults were switched off through calling the setMin(0) function.

It clearly outlines that flash loans are the largest yield farming risks that may put DeFi platforms at risk. It is imperative to underline the importance of detecting such exploits on time, and conducting a thorough analysis to prevent other DeFi platforms from potential threats.

Meerkat Finance Exploit — 4th March’21

Exploit Method: Rug Pull

Funds lost: $31 million

DeFi project Meerkat Finance was drained of $31M in crypto assets. It’s a Yield Farming protocol that runs on Binance Smart Chain. The attack was executed just a day after its launch on BSC.

The funds that were drained off were transferred to multiple new blockchain addresses. The project was then drained off to 13M BUSD & about 73,000 BNB that counts to $31M at present.

Soon after the report was publicly available on the BSC community page, many users highlighted their amount at stake and asked for solutions from the crypto exchange.

Well there are clouds of doubt that this attack may not be a simple one. Going through the on-chain data point reports, it says that real Meerkat’s deployer account was taken into practice while altering the smart-contracts.

ForceDAO Attack — 4th Apr’21

Exploit Method: Engineering oversight

Funds lost: $367K

Defined as a quantitative hedge fund, Force is a protocol as well as a Decentralized Autonomous Organization. It is designed to serve its communities with higher-yielding DeFi opportunities.

This hack was made possible by the mismatch of two components within the ForceDAO environment.

In the course of the attack, Force, xForce, and Force/ETH LPs on UniSwap and SushiSwap were at stake. The vulnerabilities in the ForceDAO ecosystem were easily identifiable and could have been fixed through an in-depth smart contract audit.

Provided a smart contract audit from a trustworthy firm, the mismatch would have been identified/detected the lack of error handling code once the transfer was successful.

Anyone to their Rescue?

2020 was a reverberating year for DeFi, but DeFi in 2021 is rising and along with the rising TVL value, it has pulled the attention of attackers as well. The stakes are supposed to grow higher in the coming year.

With the clouds of uncertainty & insecurity, it is becoming a tough pitch to gain trust of users for various platforms.

The auditing firm should also leverage testing tools to deliver an in-depth analysis for the smart contract being audited. Many of the leading DeFi solution providers have partnered with reputed auditing firms to safeguard their vaults.

Final Word!

It’s been a big year for DeFi, various DeFi protocols have shown tremendous innovation and scalability. No doubt DeFi holds the potential to disrupt the financial services in the global economy.

Though it’s a novice industry & various developments are still in their beginning phase. Firms like QuillAudits recommend users to proceed with caution when dealing with DeFi instruments and do a preliminary analysis before making any decision. While a single audit cannot ensure that your audit is foolproof, it is necessary to have your smart contract audited at least two to three times. Not only this, various enterprises have already put a large bet on the bug bounty programs to find the critical flaws.

Join Coinmonks Telegram Channel and Youtube Channel learn about crypto trading and investing