Decentralized Finance is one of the more prominently utopian ideals promulgated by diehard crypto revolutionaries. At its heart is the promise of frictionless exchange, where intermediaries like banks and brokers would not be necessary for the facilitation of deals between two parties. Logic-based digital code would be the only mechanism required to ensure transactional integrity.
The promise is rosy, but the practice can be perilous. As a floating entity devoid of central leadership, quality control within DeFi code is sometimes lacking. Like grizzlies to upstreaming salmon, hackers are drawn to easy pickings. About six weeks ago, state-sponsored hackers from North Korea pilfered over 173,000 ether and over $25M USD coin tokens through a vulnerability in the Ronin sidechain that supports the madly lucrative Axie Infinity NFT game. At the time of theft, the haul was estimated to be USD $540M.
Earth’s most tyrannical regime just got a little richer, and if that’s not troubling enough, there’s also this: each hack within the DeFi space undermines its viability, perhaps even at a theoretical level. If your server brings you spoiled food, you can ask to speak with the manager. What to do when there are no managers? Sorry, Karen. Write down your phone number on this sticky note and someone from somewhere will get back to you, maybe.
Certainly, centralized exchanges have had their fair share of pies to the face. Mt. Gox, anyone? For the time being, however, hackers have found lower-hanging fruit in DeFi and DEXs. Centralized exchanges have allocated big funds and big brains to shore up their safeguards and security measures, and major hacks have become less common among them. The largest centralized exchanges are also likelier to have the capital to restore stolen funds to customers and survive a hack.
An old fan favorite among South Koreans, BitMEX, proudly states on its homepage: “Zero Cryptocurrency Lost through Intrusion or Hacking.” In the wild, wild west, that’s not nothing. DeFi might be a wonderful idea, but delivery of product is the real trick. “Frictionless, when functional” doesn’t have the same ring to it. As always, investors and users will need to be cautious about how they move assets. At no time in history has security been an easy game. Security itself is a good, and it’s never free.