DeFi is a blockchain-based approach to delivering financial services that don’t rely on centralized intermediaries but instead use automated programs. These automated programs are known as smart contracts, enabling users to automatically trade and move assets on the blockchain.
Protocols in the DeFi space include decentralized exchanges (DEXs), lending and borrowing platforms and yield farms. Since there are no centralized intermediaries, it’s easier for users to get involved in the DeFi ecosystem, but there are also increased risks. These risks include vulnerabilities in a protocol’s codebase, hacking attempts and malicious protocols. Combined with the high volatility of the crypto market in general, these risks can make it harder for DeFi to reach wide adoption with average users.
However, workarounds and advancements in the blockchain space can address these concerns.
Regulatory concerns with DeFi
Regulation can benefit the DeFi space, but it also conflicts with the core principles of decentralization. Decentralization means a protocol, organization or application has no central authority or owner. Instead, a protocol is built with smart contracts executing its main functions while multiple users interact with the protocol.
For example, smart contracts take care of the staking and swaps with a DEX, while users provide liquidity for the trading pairs. What can regulators do to prevent an anonymous team from pumping up a token’s value before withdrawing liquidity from DEXs, otherwise known as rug pulling? Due to the decentralized nature of the DeFi ecosystem, regulators will face challenges when trying to maintain a certain level of control within the space.
Despite the challenges, regulation isn’t completely out of the picture regarding decentralized finance. In Q4 2021, the Financial Action Task Force released an updated version of their guidance to virtual assets document. The update outlined how developers of DeFi protocols could be held accountable in a crisis. While the protocol may be automated and decentralized, the founders and developers could be called virtual asset service providers (VASPs). According to the state where they are based, they may also need to be regulated.
Regarding regulation within DeFi, platforms can also build protocols that comply with regulatory requirements. For example, Phree is a platform that builds decentralized protocols while considering regulatory concerns where possible. One of the ways they do this is by working with traditional finance entities to build DeFi protocols that meet standard regulation requirements. This would entail adding processes like Know Your Customer and Anti-Money Laundering checks to DeFi platforms like DEXs and lending or borrowing platforms. In addition, making traditional finance (TradFi) compatible with the DeFi ecosystem would help to spread its adoption due to the dominance of organizations in the TradFi space.
Ajay Dhingra, head of research at smart exchange Unizen, told Cointelegraph, “Incompatibility with traditional finance ecosystem is one of the major challenges. There is a need to connect the CeFi regulatory framework with on-chain identities and real-time regulatory reporting so that Defi becomes accessible to financial institutions that deal in trillions.”
Central bank digital currencies (CBDC) have been suggested as an answer to stablecoins after the Terra algorithmic stablecoin collapse earlier this year. Swiss National Bank executive Thomas Moser previously told Cointelegraph regulators might favor centralized stablecoins over decentralized ones. However, he also mentioned that it would likely take time and that current financial regulations could make the DeFi ecosystem obsolete due to conflicting principles.
Security concerns within the DeFi ecosystem
Security issues are a major concern within the DeFi sector, with malicious actors in the space taking advantage of vulnerabilities within bridging protocols and decentralized applications (DApps).
Adam Simmons, chief strategy officer of RDX Works — builders of the Radix protocol — told Cointelegraph, “The dirty secret of DeFi right now is that the entire public ledger technology stack has a huge number of known security issues, as demonstrated with the billions of dollars lost in hacks and exploits in the last few years.”
Vulnerability exploits are still taking place in the DeFi space. Recently the Nomad token bridge was drained of $160 million worth of funds. It is also estimated that $1.6 billion worth of funds has been stolen from DeFi protocols this year alone. Lack of security within the DeFi space makes it less likely for new users to get involved while discouraging people who have fallen victim to protocol exploits.
In order to combat this problem, there needs to be a greater emphasis on vetting protocols within the space to discover vulnerabilities before hackers can take advantage. There are already platforms like CertiK that carry out audits on blockchain-based protocols by checking the smart contract code, so that’s a good start. However, the industry needs to see increased auditing of DApps before they go live to protect users in the crypto space.
User experience issues
User experience (UX) is another potential roadblock for users who want to get involved in the DeFi ecosystem. The way investors interact with wallets, exchanges and protocols isn’t a straightforward intuitive process, leading to some users losing their funds due to human error. For example, in November 2020, a trader spent $9,500 in fees to execute a $120 trade on Uniswap after getting the “gas limit” and “gas price” input boxes confused.
In another example, a rock nonfungible token (NFT) worth $1.2 million was sold for less than a cent when a user listed it for sale at 444 WEI instead of 444 Ether (ETH). These examples are known as fat finger errors, where users lose money due to mistakes they make when inputting values for prices or transaction fees. For DeFi to be widely adopted by the masses, the process must be simple for regular, everyday people.
However, that is currently not the case. In order to use a DeFi application, users need to own a noncustodial wallet, or a wallet where they control the private keys. They also need to back up the recovery phrase and keep it in a safe place. When interacting with a DApp, users need to connect their wallet, which can sometimes be complicated, especially when using a mobile wallet.
In addition, when sending or receiving payments, users need to copy the addresses involved in the transactions, and in some cases, they need to input the amount of gas they want to spend on a transaction. If a user doesn’t understand this process, they could use a low gas setting and end up waiting hours for their transaction to be sent since the gas fee is so low.
The process gets even more complex when dealing with tokens built on networks such as the ERC-20 and BEP-20 standards. When you transfer these tokens, you need to pay for the transaction with the cryptocurrency of the network it belongs to. For example, if you want to send an ER-20 token, for example, USD Coin (USDC), you’ll need to hold ETH in your wallet to pay for the gas, which adds more complexity to the transaction.
Developers in the DeFi space need to make the ecosystem more user-friendly for beginners and regular non-technical users in the space. Building wallets and DApps that prevent fat finger errors (by auto-inputting values, for example) is a good start. This is already the case with centralized exchanges, but it needs to be brought into decentralized platforms and noncustodial wallets for the DeFi sector to grow.