The Ultimate Beginner Checklist to Avoid Scammy DeFi Applications

Adam Bertram
Published in KogeCoin
11 min read · Aug 19, 2021

We currently live in a Decentralized Finance (DeFi) world full of ground-breaking applications set to change the future of finance. But, unfortunately, DeFi is also full of get-rich-quick schemes, rug pulls, and generally shady characters.

For a beginner in the DeFi space, even if you can get over the learning curve, you must still try to avoid sharks in the water out to consume your crypto wallet. How do you protect yourself in this DeFi sea of sharks?

You arm yourself with knowledge!

You learn the behaviors and characteristics that previous platforms have historically exhibited and the warning signs the crypto community has learned over time. You have a KogeFarm DeFi checklist!

Based on our years of experience in the DeFi space, we’ve put together a checklist to spot shady DeFi applications mainly around the yield farm space. But, this checklist could equally apply to just about any DeFi application.

Disclaimer: It’s impossible to be positive a DeFi application is a scam. A developer could go rogue, or the entire team may be orchestrating some advanced, long-tail scheme. You can only do your due diligence but know no platform can be trusted with 100% certainty regardless of who they are.

Also, we are not auditors. The risk factors you see below are, by no means, meant to be taken as gospel. These risk factors are based on the Koge team and the Koge community’s personal experience only.

This guide is broken down into various areas in order of importance to watch out for before depositing funds into any DeFi application. Each section will end with a few questions you should have in the back of your mind before depositing your hard-earned funds.

Lack of or Low-Grade Professional Audits

You’re probably not a crack smart contract developer. Even though most blockchain code is available to the public, you probably don’t know what you’re looking at. Rather than inspecting the code yourself, you should rely on trusted, professional auditors.

If a platform has no audits at all, that’s an immediate red flag. Every reputable platform has at least one audit by a trusted, independent auditor. Never send funds to a platform that a trusted third-party auditor has never audited.

Also, just because a platform says they’re “audited” doesn’t mean anything. An audit means a lot of things to a lot of people, and smart contracts are complex. Has the specific farm or vault that you’re currently contributing your hard-earned cash to been audited? Maybe not.

If you’re technical enough, dig deep into any audit report the platform provides to learn more about what exactly was audited. Ask questions about the audit and monitor the response. Do you get banned when questioning the audit, or does the team politely answer any questions and seem receptive to your feedback?

  • What kind of audits were performed, if any?
  • Is the auditor a well-known and trusted organization?
  • Did the audit cover the feature you intend to deposit funds into?

A Non-Owner’s Ability to Withdraw Funds

When building smart contracts, some platforms include the ability for non-owners (someone other than you) to withdraw funds. In the smart contract code, platforms can create a scenario that allows them (not you) to divert your funds somewhere else.

Platforms can craft the smart contract code in various ways to divert funds. Many projects are simple forks of popular services such as SushiSwap and PancakeSwap, whose original contracts had this code. If the developers did not take the time to remove this code, it may still be present.

KogeFarm specifically does not include code that allows us to transfer your funds.

Although you can give the platform the benefit of the doubt that they would never use this power with malicious intent, the fact that the power exists in the first place is a red flag. Why do they need that kind of authority anyway? Is it essential?

If you’re unsure, be sure to ask the team what abilities they have to withdraw your funds and under what circumstances.

  • Can anyone but you withdraw your funds under any circumstances?
  • If a DeFi app does have the ability to withdraw your funds, does it seem like a legitimate reason?
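One way to turn the questions above into a first-pass check, shown as an added example that is not KogeFarm's code or part of the original article: it scans a contract's published ABI for state-changing functions a depositor would not call themselves. The name patterns, the `fn` helper and the sample ABI are assumptions constructed for illustration; `setMigrator` and `migrate` are the migrator hooks from the original SushiSwap MasterChef contract.

```python
import json
import re

# Name patterns are heuristics assumed for this example, not a complete list.
# setMigrator/migrate are the migrator hooks in the original SushiSwap MasterChef.
SUSPECT = re.compile(r"migrat|sweep|drain|rescue|recover|stuck", re.I)
# Calls a depositor is expected to make on a MasterChef-style farm.
USER_FUNCS = {"deposit", "withdraw", "emergencyWithdraw", "harvest"}

def flag_fund_moving_functions(abi_json):
    """Return sorted (name, reason) pairs for state-changing functions to question."""
    findings = []
    for entry in json.loads(abi_json):
        if entry.get("type") != "function":
            continue
        # Read-only functions cannot move funds (older ABIs use "constant").
        if entry.get("stateMutability") in ("view", "pure") or entry.get("constant"):
            continue
        name = entry.get("name", "")
        if name in USER_FUNCS:
            continue
        types = [i["type"] for i in entry.get("inputs", [])]
        if SUSPECT.search(name):
            findings.append((name, "name suggests moving deposited tokens"))
        elif name.lower().startswith("set") and "address" in types:
            findings.append((name, "setter can repoint the contract at another address"))
    return sorted(findings)

def fn(name, mut, *types):
    """Build one ABI function entry for the constructed sample below."""
    return {"type": "function", "name": name, "stateMutability": mut,
            "inputs": [{"name": f"a{i}", "type": t} for i, t in enumerate(types)]}

# Constructed sample ABI for a hypothetical forked farm (not a real contract).
SAMPLE_ABI = json.dumps([
    fn("deposit", "nonpayable", "uint256", "uint256"),
    fn("withdraw", "nonpayable", "uint256", "uint256"),
    fn("emergencyWithdraw", "nonpayable", "uint256"),
    fn("pendingReward", "view", "uint256", "address"),
    fn("updatePool", "nonpayable", "uint256"),
    fn("setMigrator", "nonpayable", "address"),
    fn("migrate", "nonpayable", "uint256"),
    fn("setFeeAddress", "nonpayable", "address"),
    {"type": "event", "name": "Deposit", "inputs": []},
])

if __name__ == "__main__":
    for name, reason in flag_fund_moving_functions(SAMPLE_ABI):
        print(f"{name}: {reason}")
```

An ABI shows which functions exist, not who is allowed to call them or what they do, so each flagged name is a question to put to the team or to look up in the audit report rather than proof of a backdoor.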

Low Developmental Effort

Scammers are lazy. They want to steal your funds in the easiest way possible. Why spend thousands of dollars and hundreds of hours of development time when they can take your money much more easily?

Look out for sites that look similar to each other. Scammers can easily create their own token or platform by forking another project and running a find/replace on the code to insert their own token and services.

If the website looks unlike any other yield farm platform you’ve seen in the past and looks like it was professionally developed, that’s a good sign. A professional-looking website shows that the team behind it put in a lot of their own effort or money to hire professional developers.

The team behind a project probably cares enough about long-term growth and building a great user experience to spend a lot of time on the website. On the other hand, a scammer doesn’t expect to be around for long, so they couldn’t care less about user experience.

  • Is the website a simple fork of an existing project?
  • How different is the website from other websites?

Unfavorable Word of Mouth

If the platform has been out for a while, chances are you’re going to hear people talking about it. You’ll always find courageous guinea pigs willing to test out the newest yield farms in hopes of APY riches. Listen to these people on social media!

Listen to those with the technical knowledge to understand the code behind the platform. Listen to people who have already invested in the platform and decide to talk about it on social media. Keep your ear to the ground to get the sentiment from the crypto community.

Take the general public’s word-of-mouth testimonies with a grain of salt. Like all communities, crypto has many people that cry scam for any project they disagree with. You’re looking for the overall sentiment of the community as a whole, not just one or two people with a grudge against the project.

  • What’s the general sentiment about the project?
  • What are other developers saying about the project? Can they vouch for it?

“Get Rich Quick” Marketing

“Make a million % APY in our farm!”, “The BEST yield farm around launching soon with…”. You’ve seen all of those hyped-up tweets and Reddit threads. As they say, if it’s too good to be true, it probably is.

If a yield farm is promising you the kinds of returns far and beyond what other yield farms offer, you should be skeptical.

Also, notice how a platform markets itself. Do you notice it’s always just about giving you a high APY % on your deposit? Or are they telling you about other aspects of their platform like a roadmap, the ways they’re protecting users, and other advancements?

If the only “feature” they can talk about is getting you rich with their high yield, they probably don’t have anything else to offer. Respectable yield farms have a team to build their product continually. They are like “real” businesses responsible for improving the user experience.

Shady yield farms don’t plan to be around long and prey upon our desire to make money fast.

  • Does the DeFi application only tell you how much money you can make?
  • Do they promote “boring” concepts like user security?
  • Do they spend as much time telling you about features that make the product easier to use as they do on how much money you can make?

Lack of Social Media Interaction

Pay attention to the project’s social media presence. Again, shady projects don’t intend to be around that long and will typically never spend a lot of time on social media. If they do, you’ll only see more “HIGH APY % NOW!” exclamations.

Are they using social media not only as a bullhorn but also to interact with the community? Are they taking the time to address user concerns over social media? If not, they’re either a tiny team with no resources, or they simply don’t care about you as a user.

  • Does the platform’s team interact with the community on social media or just stick to Telegram/Discord?
  • Do they use social media to share information other than how you can get rich?

Economic Incentives for Yield Farms

Any good skeptic worth their weight should always look into what the other party is getting out of the situation. Do they gain when you gain, or is their benefit unconnected to yours, or even tied to your demise?

Upfront Fees

Some farms charge upfront fees. Granted, this alone doesn’t mean it’s a scam, but you can immediately see where the economic incentive is. You must pay something to them before you make anything. Their economic incentives are not aligned with yours.

Mandating upfront fees before allowing you to earn any yield is a common tactic for shady farms that generate revenue similar to a Ponzi scheme.

Reward Tokens

Although common in the DeFi yield farming community, reward tokens are another spot where a platform’s incentives don’t align with yours. To incentivize investors, many yield farms provide their own token as a reward for providing liquidity.

The farm benefits when you receive these tokens as it puts more of their tokens on the market and typically costs them nothing.

Referrals

Affiliates and referrals are a legitimate way to spread the word about a project. Affiliates typically receive some compensation from the project for attracting more users. Although this practice is not necessarily “scammy,” you must realize the economic incentive behind it.

What’s the referrer getting out of it when you contribute to the project through a referral link? Do they immediately get rewarded when you deposit funds into a farm or vault on the platform? Or, perhaps, do they only get rewarded after a period of time or, even better, receive benefits only when you do?

Although referrals are a legitimate way to attract new users, they should never be weighed as highly as a user simply telling you about a platform with nothing to gain from it.

  • Are the yield farm’s economic incentives aligned with yours, or do they make money regardless of whether you do?
  • Does the yield farm charge deposit fees?
  • Does the yield farm “reward” you with their own token or do they offer rewards based on your LP token?
  • Does the yield farm heavily depend on referrals and pay a lot to affiliates?

Low or No Community Participation

If a project truly cares about longevity and is making a conscious effort at growing, it must have a community presence. Legitimate yield farms will always have some form of a community either through a Telegram/Discord presence or some other kind of chat application.

If the platform does have a Telegram presence, for example, how active is it? Do you only see announcements from the team themselves with no one else in sight? With no community participation, you won’t have the crowd effect and the chance that someone has raised concerns about the platform.

Low community participation does not always indicate a scam or shady yield farm. It’s completely possible that the platform is in its infancy and just getting started. But the more people involved in a community, the higher the likelihood that someone has found a chink in a scam platform’s armor and will report it at some point.

Not Responsive to Criticism

Legitimate organizations will never:

  • Ignore negative feedback
  • Ban those speaking negatively (but legitimately) about the platform
  • Consistently deny problems with the platform
  • Flat out lie

Legitimate platforms are built for their users. Their users are their bosses. If they consistently ignore any claims of a problem, deny legitimate problems, or even ban those speaking negatively of the product, that’s a big problem.

Try bringing up a concern in a Telegram channel and see how the team replies (if at all). If they treat your request as a legitimate concern and you feel like they actually listen to your feedback, that’s a great sign.

No Community Governance

How are decisions made? Do they take their community’s input, or do they make all platform decisions on their own? Many community-first organizations provide a Decentralized Autonomous Organization (DAO). A DAO is essentially a way for the community to vote on changes to the platform and how the team conducts business.

By opening up major decisions to the community, a platform shows they care about what their users want. They take user input seriously and only implement major changes if their user base agrees to it.

If they do have a DAO, do they actually stick to it? When a team has technical control over an entire platform, they don’t technically have to adhere to a DAO vote they don’t like. If a DAO vote passes and the team routinely doesn’t implement the changes, that’s a red flag.

  • When someone publicly calls them out on a bug, a mistake, or some other potentially bad publicity event, how does the team respond?
  • Does the platform have a DAO? If so, does the team have a track record of following through on all DAO-voted changes even if it seems the team does not like it?

Anonymity

Being anonymous in the crypto world is common. Many people have many legitimate reasons for being anonymous, from government restrictions in their country of origin to personal privacy concerns or professional reputation. But, regardless of the reason, lack of transparency and personal responsibility for a platform can be a warning sign.

If the team behind a platform doesn’t reveal their identity, they suffer no repercussions if the platform is a scam. They have no “skin in the game” and have decided that their own privacy is more important than being publicly behind their work.

  • Do you know who the team is behind the project?
  • Does the project publicly display the team on its website?

Short Length of Operation

Typically, the platform risk is highest when it’s first released. The public has not gotten a chance to use the platform yet, interact with the team, or inspect the code. A brand new platform is untested by public opinion.

Scams typically aren’t around for long. At some point, the team slips up, an intelligent developer notices an anomaly in the code, or the public will just get bad vibes about a platform. All of these actions come over time.

The longer a platform is around and the larger it grows, the more likely it is that many different people have vetted the project and found little risk involved. History has shown us that age alone doesn’t indicate a legitimate platform, but the longevity of a project does prove some merit.

  • How long has the project been around?
  • How big is the project?

Conclusion

Keep your guard up in the DeFi world! DeFi is in its infancy and currently has a lot of shady characters lurking around. Think about the risk factors outlined in this article and ask yourself the questions outlined. By doing so, you’ll greatly reduce your risk from fraudulent DeFi applications.

Now that you’re a crack investigator, we invite you to investigate kogecoin.io and kogefarm.io. Give us your best shot!

Adam Bertram
KogeCoin

A 20-year veteran of IT, crypto geek, content creator, consultant and overall problem solver.