Opinion: Security should be the number one focus of DeFi projects
2022 is shaping up to be a rough year for participants of the decentralized finance (DeFi) economy.
As if the weeks-long bear run in the crypto markets wasn’t enough to shake investor confidence, a new report from CertiK has presented shocking details about the losses suffered by DeFi investors thanks to an unprecedented number of attacks and scams.
According to DeFi Pulse, the DeFi economy has registered a meteoric rise in the recent past, with the total value locked (TVL) catapulting from $23.5 billion in December 2020 to over $101 billion in December 2021.
What’s more shocking, however, is that in the first quarter of this year (Q1 2022), investors have lost a total of $1.3 billion across 82 attacks!
This amount is eight times greater than the amount lost to attacks in Q1 2021. In fact, scams and attacks robbed investors of a total of $1.55 billion over the course of 2021. We are already tantalizingly close to that figure in Q1 alone, setting 2022 on the path to being the most disastrous year for the DeFi economy in terms of security incidents.
Safety is paramount
This leads me to believe that all DeFi projects should make platform and investor security their number one priority. Thorough, robust, end-to-end security can no longer be an optional add-on, but rather a mandatory feature.
This should start with attuning investors and platform operators to the tricks employed by attackers to scam participants. While I’ll concede that not all DeFi investors have healthy cybersecurity hygiene, exchanges and networks have been compromised as well, and not always using sophisticated attacks. For instance, the blitz on the Ronin Network which cost upwards of $600 million was traced back to a spear-phishing campaign, one of the oldest tricks in the cybercriminals’ book that’s well understood, and easily avoided.
One of the most effective mechanisms to force security is adherence to strict compliance procedures, which is why I welcomed calls for increased oversight of the DeFi industry. And now I have the data to rationalize my support.
According to CertiK, rugpull scams ($32,100,638) and flash loan attacks ($6,754,170) account for 75% of all attacks in Q1 2022. Both of these attacks, along with several other ones that take advantage of the anonymous nature of the DeFi economy, can be tackled by a regulatory framework backed by damaging penalties.
All DeFi platforms should be made to adhere to the procedures that platforms in the traditional financial sector are subject to, in order to create greater accountability. The industry should come together and ensure that 2022 is looked back on, not for the financial upheaval in the crypto market, but for the conscious steps towards making the DeFi industry safe for individual investors.