The Decentralized Financial Crisis: Attacking DeFi

by Lewis Gudgeon, et al.

The Global Financial Crisis of 2008, caused by excessive financial risk, inspired Nakamoto to create Bitcoin. Now, more than ten years later, Decentralized Finance (DeFi), a peer-to-peer financial paradigm which leverages blockchain-based smart contracts to ensure its integrity and security, contains over 1bn USD of capital as of February 2020. Yet as this ecosystem develops, with protocols intertwining and the complexity of financial products increasing, it is at risk of the very sort of financial meltdown it is supposed to be preventing. In this paper we explore how design weaknesses in DeFi protocols could lead to a DeFi crisis. First, overcollateralized DeFi protocols are vulnerable to exogenous price shocks. We quantify the robustness of DeFi lending protocols in the presence of significant falls in the value of the assets these protocols are based on, showing for a range of parameters the speed at which a DeFi protocol would become undercollateralized. Second, we present a governance attack on Maker - the largest DeFi protocol by market share - that allows an attacker to steal all 0.5bn USD worth of collateral. Moreover, we present a novel strategy that would allow an attacker to steal the Maker collateral within just two transactions and without the need to lock any tokens. This paper shows that with the composition of collateralized debt in these DeFi protocols, the failure of one protocol may lead to financial contagion, resulting in losses ranging from 145m USD to in excess of 246m USD.




