Brew Money

Chapter 10

Risks in DeFi

Innovation risk is an age-old story. The DeFi industry is new, and the risk it entails transfers to the users. Some risks to consider with DeFi are scams, hacks, fluctuating yields causing losses, & abandoned projects.
1. Phishing Attacks run rampant in the DeFi space right now. The scammer usually pretends to be an official entity and tricks people into sharing confidential information.
Example: Using the keyword ‘Metamask’ will attract multiple bots sharing a google form link with the user. The google form asks you to enter sensitive information such as a wallet seed phrase or click on an unknown link.
2. Social Engineering: Scammers set up accounts that look exactly like famous personalities & convince users to transfer their crypto on the promise of better returns. 
Example: Someone lost $1.14 million to scammers pretending to be Michael Saylor, the CEO of MicroStrategy.
3. Hacks: DeFi users collectively lost ~$1.57 billion in the first four months of 2022 due to exploits. The developing stage of the space allows for blind spots in security that hackers can exploit. 
Example: On August 10th, 2021, Hackers exploited a vulnerability in Poly Network’s codes that powered their smart contracts & swiftly made away with a whopping $611 million. 
4. Rug pulls: A project may suddenly be abandoned with the liquidity cleared out. This ‘exit scam’ is being done in different ways:
  1. Protocol’s Development team may deliberately leave backdoors in their smart contracts so that they can "rug pull" the funds once the time comes.
  2. Admin access to funds may be hacked or manipulated by the internal team.
The name is popularly associated with dApps providing liquidity to DEXs.
Example: Luna Yield disappeared with ~$6.7 million after two days of launching on Solana’s launchpad SolPad. The team members were nowhere to be found, with all social media handles deleted.
5. Dying projects: A given dApp may ultimately be left to die on the vine as the core team developing it pursues other projects.
Example: GetGems was launched in 2015 as a social messaging app that allowed people to send and receive Bitcoin. After raising ~$1 million through crowdfunding and direct investments, they failed to deliver any initial objectives.