Truly Crypto 101
Published in

Truly Crypto 101

How to identify risks in DeFi?

Over the past year, the DeFi sector has been on a rollercoaster ride with a period of explosive growth and has now entered the correction territory. But from a long-term perspective, it is safe to say that the sector has been evolving non-stop since day one, with new products emerging from time to time. Despite the current bear market, the DeFi ecosystem has become a major part of the crypto world, with its total value locked (TVL) exceeding $100 billion.

Indeed, many people have made a fortune in the DeFi industry, but as people often put it, one should never expect to profit from something beyond one’s comprehension. The crypto space is full of opportunities, but they come with various risks, and DeFi is no exception.

DeFi protocols do offer higher returns than traditional financial platforms, but they are riskier. Investors who jump on the crypto bandwagon blindly or get caught up in the market sentiment can easily put their hard-earned money into fraudulent projects and end up losing their shirts.

Next, Truly will walk you through the common risks in DeFi and how to identify them.

Common Risks in DeFi

1. Contract Risk

Statistics show that most hacker attacks happen due to the bugs in smart contracts. With smart contracts, funds are not held in the hands of individuals, and these contracts are more transparent than their centralized counterparts; however, the quality of their codes varies depending on the technical skills of the development teams. The bugs in the open-source code may not be found and fixed by anyone in the team or reputable audit agencies in advance, which may lead to hacking or manipulation and loss of users’ funds.

2. Liquidation Risk

Users can lock assets in smart contracts as collateral for loans, and to avoid bad debts, the lending protocol will liquidate the collateral in a market free-fall. In such cases, if there is a significant drop in the price of the collateralized assets or even a massive sell-off, the borrower may be exposed to the risk of a large-scale liquidation. Truly believes forced selling entails considerable risk and sets the stage for radical price swings.

Normally, it is relatively safe to pledge assets twice the amount of the loan.

3. Operational Risk

Operational risks are caused by the operators, either intentionally or unintentionally.

Let’s first look at malicious manipulation. Many new DeFi projects pair their native tokens with ETH/USDT/DAI to attract investors with high returns. Having seen an increased number of investors, the project teams will make off with the ETH/USDT/DAI already in their protocols. Some other teams may claim to have been hacked, but in reality pocket the money and run away.

A famous example is Thodex, whose executives allegedly fled Turkey with $2 billion of customers’ funds.

There are also risks not deliberately incurred by operators, such as high trading slippage caused by low liquidity in the DEX market. Or it is possible that the relatively low-cap or illiquid assets may be subject to price manipulation. Collateral prices can be artificially inflated, and the borrowing power increased to unsustainable levels by exploiting loopholes in the protocol stability mechanism, thus exposing users to losses.

4. Legal Risk

In January, the U.S. Securities and Exchange Commission (SEC) made a proposal in which the terminology could include DeFi platforms, leading to regulatory uncertainty. In addition to the U.S., Japan, South Korea, India, Brazil, and various European countries have all signaled their intention to regulate the crypto world.

5. Centralization Risk

An article published by China Finance 40 Forum argues that algorithms cannot anticipate all possible scenarios, so DeFi systems are inevitably characterized by a certain degree of centralization. First, all DeFi platforms have a centralized governance framework. Second, the decision-making power under a given institutional arrangement may be concentrated in the hands of a few large stablecoin holders. Finally, the actual arrangements in place may lead to collusion among a few users with large coin holdings. Nevertheless, the article gives equal credit to the important role that DeFi may play in the financial system in the future.

Methods for Risk Detection

Method 1: Gather Data from Multiple Sources

As an investor, you need to use multiple tools to understand the data of the DeFi platform such as trade volume, asset value, profitability, liquidation rate, and even the status of the network memory pool as network congestion can also result in significant price fluctuations.

You may gain such information through various tools including the platform’s official accounts, third-party data platforms, analysis platforms, and news platforms of the industry. The more tools you have, the more accurate evaluation you may produce on the status quo of the platform.

Method 2: Choose Reputable Projects

An important indicator of the strength of a DeFi project is whether its fund pool provides high liquidity and tokens can be swapped stably. Moreover, you are advised to check the asset types of the project and who is backing it.

Having existed for over 2 years, projects such as Uniswap, Aave, and Compound have a relatively good reputation, with sufficient value locked in their ecosystems. As of now, the TVL of TUSD in Compound has reached $88 million, and users can earn high APY by depositing TUSD there.

Method 3: Check the Background Info of the Founder(s)

Misleading and deceptive information in the crypto world is as common as that in the real world. Recent news about a project or the background information of its founding team can be fraudulent. Therefore, you must probe into the sources of any “good news” about a DeFi project, the background of its founding team, and their backers. Is there any public information about the project’s founder(s)? Was there any suspicious report on them or any other dark history?

Many project founders are anonymous these days, which may pose great potential risks.

Method 4: Check the Lock-up Period

Liquidity is widely accepted as the cornerstone for any DeFi project. Lack of liquidity may bring significant negative effects on other market activities such as Token exchange, Automated Market Making (AMM), and Lending/Liquidity Mining/Yield Farming.

Therefore, it is vital to get a clear idea of the lock-up period set by a platform before you invest in its project. Most projects may lock up the liquidity in the pool for a certain period to protect the interest of investors, while projects without a lock-up period present more risks.

Method 5: Keep an Eye on Abnormalities

Pay extra attention to incidents such as a sudden surge in token prices or abnormally high rewards: obviously, these are orchestrated to lure more funds into the project. This is a painful lesson learned by many blind profit-seekers: all that glitters is not gold. A notorious case in recent days is Anchor’s 20% APY on UST, and people believe that the lending protocol’s over-aggressive incentive mechanism is the culprit for UST’s collapse.


Bitcoins were rejected as something “worse than tulip bulbs” by traditional finance giants such as JPMorgan just a few years ago. However, as the representative of the crypto assets, bitcoins are now regarded as the “digital gold”. In comparison, although the DeFi market is relatively flat, most people are optimistic about the next wave of DeFi boom.

On the other hand, DeFi is still a novel concept in the financial world despite its popularity over the last couple of years, with virtually all transactions being conducted over the counter (OTC). The tools for market warning are still in their early stages and have not been fully trialed. Therefore, investors should plan carefully and take prudent risks when investing in DeFi projects.

In short, we need to be flexible, sharp on seizing investment opportunities, and keen to learn and improve constantly. As we evolve together with the market, we will naturally reap huge rewards.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store

TUSD is the world’s most trusted stablecoin, fully backed by USD and independently attested live and on-chain, now moving billions of dollars around the world.