Author

Topic: Is DeFi really revolutionary? One attack after another. (Read 268 times)

hero member
Activity: 2660
Merit: 551
We all know that a few months back we had Flash loan attacks costing millions by exploiting bZx protocol. Now, looks like a DeFi protocol, dForce has lost over 99 percent ($25 Million) of its assets in an attack Saturday night.
More info: https://www.coindesk.com/attacker-drains-decentralized-protocol-dforce-of-25m-in-weekend-attack
So is DeFi really a revolutionary idea as some claim?

I think it is a revolutionary idea, however, we all know that attacks can happen anytime in crypto sphere, we have seen this since the beginning so if this is a gauge for technology, then I would say it's wrong, in my opinion. Remember that the flaw was already identified in 2018, but they refuses to do something, and now they are paying the price.
legendary
Activity: 1904
Merit: 1159
Defi is certainly revolutionary--snip--
Plus no matter how hard you try, sometimes a small issue is left which no one sees.
That is quite an excuse for millions of dollars being lost due to stupid zero-day exploits on code that these devs tout as "revolutionary"

For that hacking itself needs to be demotivated like via combined efforts by all exchanges to blacklist addresses as soon as they are found to be of hackers.
LOL, If the solution is to do away with hackers and just use code with loopholes, then why do we need DeFi at all? Why make it decentralized at all? Lets just make it well-policed. Lets just trust the services provided by the biggest exchanges. You are making so many leaps of faiths in your desperation to justify this that you are compromising on the fundamental aspects of this ecosystem.
full member
Activity: 983
Merit: 100
Very true, so far over two Defi projects are already attacked by hackers and scammers, this mean that Defi is that different to other projects in crypto world in terms of security, for now it's just like others until further notice
Now the new task for the Defi project is to increase the security of their systems in a stronger direction so they can no longer be attacked by hackers and scammers, because hacking a system will make everything chaotic.
member
Activity: 574
Merit: 18
Making Smart Money Work
Very true, so far over two Defi projects are already attacked by hackers and scammers, this mean that Defi is that different to other projects in crypto world in terms of security, for now it's just like others until further notice
sr. member
Activity: 994
Merit: 261
All will be interested in the new system, so they use it and need a trial to find out the real weaknesses and strengths. DeFi will likely be many who try to use it and hopefully they work hard to be successful with it.
sr. member
Activity: 952
Merit: 284
In love with Bitcoin!! 💓💕
Defi is certainly revolutionary. But if an incompetent Chinese team just copy-pastes the code then you can't do much. Plus no matter how hard you try, sometimes a small issue is left which no one sees. Solution is rigorous auditing which most projects ignore. Also big exchanges are also hacked despite all the security measures. For that hacking itself needs to be demotivated like via combined efforts by all exchanges to blacklist addresses as soon as they are found to be of hackers. Like it was done in the case of this Force hack which led to hackers willing to negotiate and sending back some funds.
legendary
Activity: 2893
Merit: 1158
I think it's the fault of the one who is handling it. DeFi has potential to grow big but the team just neglects the possible risk during its early stage. They didn't fix the problem in the first attack and now they suffered huge lost this attack. $25,000,000 is not a joke to its team and its users. I wonder how they will come back from this?

Idea might be good but that doesn't decides how a project prosper, it is its team.
We know that this is a fairly new thing, but at least it has more advantages than conventional banks. DeFi is more transparent, flexible, with global reach.
And it is not a small fund. With failures and ineffective systems, it will be a good lesson for further development.
https://t.me/ico_analytic/1806
I absolutely agree with you. But Defi developers need to use more secure development tools, but i think need time, because more and more tools created every hours
full member
Activity: 896
Merit: 108
I think it's the fault of the one who is handling it. DeFi has potential to grow big but the team just neglects the possible risk during its early stage. They didn't fix the problem in the first attack and now they suffered huge lost this attack. $25,000,000 is not a joke to its team and its users. I wonder how they will come back from this?

Idea might be good but that doesn't decides how a project prosper, it is its team.
We know that this is a fairly new thing, but at least it has more advantages than conventional banks. DeFi is more transparent, flexible, with global reach.
And it is not a small fund. With failures and ineffective systems, it will be a good lesson for further development.
https://t.me/ico_analytic/1806
full member
Activity: 1624
Merit: 163
I think it's the fault of the one who is handling it. DeFi has potential to grow big but the team just neglects the possible risk during its early stage. They didn't fix the problem in the first attack and now they suffered huge lost this attack. $25,000,000 is not a joke to its team and its users. I wonder how they will come back from this?

Idea might be good but that doesn't decides how a project prosper, it is its team.
legendary
Activity: 2156
Merit: 1151
Nil Satis Nisi Optimum
i do believe that there are issues regarding DeFi, and scams are present, but also believe that each scam is in the news and blown out of proportion, because people lose money all the time, with many scams, bunch of them not related to crypto markets, and nobody is telling stories about that, but each 10k USD loss in DeFi is a story that everyone should hear and it is a shut down for the industry, i do not think so, products are in early stage, and you should analyse solution offered before investing money in it, or invest small amount to see how it is going

i do not understand people that invest 100 ETH in a product that they do not know anything about, and at a later stage they claim that they are scammed, world is not functioning that way, you should do your own analysis before investment
full member
Activity: 1820
Merit: 107
We all know that a few months back we had Flash loan attacks costing millions by exploiting bZx protocol. Now, looks like a DeFi protocol, dForce has lost over 99 percent ($25 Million) of its assets in an attack Saturday night.
More info: https://www.coindesk.com/attacker-drains-decentralized-protocol-dforce-of-25m-in-weekend-attack
So is DeFi really a revolutionary idea as some claim?
I believe in the idea of Decentralized Finance or Defi and I think it was an innovative finance option. The main idea is revolutionary because it will create a chain of a Decentralized Finance protocol and not just relying on the old traditional financing scheme. But still, all systems are subjected to flaws and errors. thats why I believe in the saying " No system is perfect, All is subjected to flaws" I think that's the reason (flaws) Only the system is vulnerable but the idea of a Decentralized Finance is great and timely. But I don't leave any possibilities that it may be an inside job who knows!
legendary
Activity: 2893
Merit: 1158
We all know that a few months back we had Flash loan attacks costing millions by exploiting bZx protocol. Now, looks like a DeFi protocol, dForce has lost over 99 percent ($25 Million) of its assets in an attack Saturday night.
More info: https://www.coindesk.com/attacker-drains-decentralized-protocol-dforce-of-25m-in-weekend-attack
So is DeFi really a revolutionary idea as some claim?
I think yes, just defi is so young, need time. Eth, if you remember, has problems with such type of attaks. Move language is interesting way of defi

https://blog.dfinance.co/how-dfinance-protect-against-reentrancy-attack/
legendary
Activity: 1904
Merit: 1159
As we grow towards a universal platform and solving issues, Defi would be one of the most secure way to handle our finance, fast, efficient and secure.
What universal platform? DeFi gives no guarantee of being the "most secure way". Decentralizing finance is an idea to allow access to finanical tools without central parties. Security has got nothing to do with it being decentralized. Its security will only be as good as the underlying protocols and the intelligence/ expertise of its devs.

From the host of attacks, it is clear that the ethereum based platforms are inherently insecure due to a multitude of possible bugs. This one was an exploit of the ERC-777 standard btw. If you need security, all these "devs" and "teams" should stop playing with toys that sound exciting and focus on development using bitcoin, the safest network there'll ever be.

--snip--security like cold wallet storage and multi-sig function on the parts of the team members.
In such exploits, security is breached not because of not following basic things like cold-wallet or multi-sig. These are breaches due to inherent weaknesses of the ethereum platform. Since the DAO Hack, it has been shown numerous times that Ethereum based entities lose money due to code issues. How can people just put in millions on these is beyond understanding. Novelty and the greed i suppose.
hero member
Activity: 2604
Merit: 816
🐺Spinarium.com🐺 - iGaming casino
The decentralized Finance technology are new and varied. That's the reason why many of them are attached. It's also due to the lack of safety measure implemented by those DEFis.
As we grow towards a universal platform and solving issues, Defi would be one of the most secure way to handle our finance, fast, efficient and secure.

If that technology can attract more people to come, I guess there will one or more group of people who want to try to test the system, so they know if the platform have a bug or not. But I agree that Defi will grow better in the future if the team can do hard work and fix the problem although there is no guarantee for them not to get attack again.
full member
Activity: 742
Merit: 128
Coinbene.com - Experience Fast Crypto Trading
The decentralized Finance technology are new and varied. That's the reason why many of them are attached. It's also due to the lack of safety measure implemented by those DEFis.
As we grow towards a universal platform and solving issues, Defi would be one of the most secure way to handle our finance, fast, efficient and secure.
this is another lesson to learn before releasing a new ideas First make sure there are no holes and security issues before launching a project . Since it's a big money involved  there is also big risk and like what happened  there are big money that has been  lost for that experiments.
jr. member
Activity: 672
Merit: 1
If truly decentralized, such loss wouldn't have occurred. There should have been some measures in its funds security like cold wallet storage and multi-sig function on the parts of the team members.
jr. member
Activity: 45
Merit: 1
The decentralized Finance technology are new and varied. That's the reason why many of them are attached. It's also due to the lack of safety measure implemented by those DEFis.
As we grow towards a universal platform and solving issues, Defi would be one of the most secure way to handle our finance, fast, efficient and secure.

Agreed
sr. member
Activity: 1932
Merit: 300
Vave.com - Crypto Casino
The decentralized Finance technology are new and varied. That's the reason why many of them are attached. It's also due to the lack of safety measure implemented by those DEFis.
As we grow towards a universal platform and solving issues, Defi would be one of the most secure way to handle our finance, fast, efficient and secure.
Ucy
sr. member
Activity: 2674
Merit: 403
Compare rates on different exchanges & swap.
I was reading about the hack to understand what really happened to a whole "decentralized thing"... saw an interesting article on yahoo, checked back later and i could access it again....probably due to my device or something else...



* The article on yahoo appeared this way:

Quote
Multicoin Capital-backed DeFi protocol dForce loses ~$25M total locked value in an exploit

Celia Wan
The Block ● April 19, 2020, 4:36 AM UTC



— Well, here are some interesting things I found on the article (summary) :

Quote
* dForce, a Multicoin Capital-backed Chinese decentralized finance (DeFi) protocol, has been exploited.

* On the dForce Telegram channel, CEO Mindao Yang said the team is still investigating the issue and advised users not to supply any asset into Lendf.Me now. The team also confirmed the Chinese crypto news site ChainNews that it Lendf.Me was attacked at block height 9,899,681.

* Although details of the exploit were yet to be revealed, it is worth noting that in January,
Lendf.Me integrated with imBTC , an Ethereum token pegged to BTC. Earlier today, a liquidity pool for imBTC on decentralized exchange Uniswap was exploited, resulting in a loss of around $300,000 worth of tokens.
The imBTC attack took advantage of the fact that imBTC uses ERC 777 standard, which allows the hacker to continuously call the Uniswap smart contract to withdraw funds before the external balance could be updated.
On Twitter, some users are speculating that Lendf.Me experienced a similar attack to the imToken one, as transaction records show that the hacker repetitively called Lendf.Me's withdrawal function to take out imBTC that was supplied to the lending protocol by the hacker in the first place.
This scheme, however, was not new. In 2016, the famous DAO hack used a similar mechanism that led to $60 million Ether being stolen. A ConsenSys audit of Uniswap last year also discussed this vulnerability in depth.

* On April 15, dForce just announced a $1.5 million funding round led by Multicoin Capital, with participation from Huobi Capital and China Merchants Bank International (CMBI), the investment arm of one of the biggest banks in China.

The link:
https://finance.yahoo.com/news/multicoin-capital-backed-defi-protocol-043640470.html?guccounter=1&guce_referrer=aHR0cHM6Ly9kdWNrZHVja2dvLmNvbS9sLz9raD0tMSZ1ZGRnPWh0dHBzJTNBJTJGJTJGZmluYW5jZS55YWhvby5jb20lMkZuZXdzJTJGbXVsdGljb2luJTJEY2FwaXRhbCUyRGJhY2tlZCUyRGRlZmklMkRwcm90b2NvbCUyRDA0MzY0MDQ3MC5odG1s&guce_referrer_sig=AQAAANLxu58lZfWJcV8j0esqlub8L7YYjL70j0JSIVnQGLVFkIB5EAz2VPhcMwnnp-_f0jXG8CSL6e_Ud9NKhmZCMEyT5BjuE9D2GOEOoUjDmGrdW6fyxLPH0BEr3-_B3iFg8V8T98z7GjZZggUul-SCkT-Va0ikW2lilVkwFER7wNmS



That ^ doesn't look decentralized even without seeing the details of what really went wrong.
Some desperately trying to give decentralization a bad name? I hope not.

"Defi" community really need serious and honest cleansing of the platform, or maybe abandon it and start something really decentralized and safe?
hero member
Activity: 2282
Merit: 505
It seems hackers have identified a loop hole in defi protocol and that's how the hacking will continue. Something needs to be done to stop this early.
That means if that was not a defi. The real decentralized finance that was truly decentralized just like fork or even etherdelta. These are the real dex. So many times the hacked tried to hack both of these sites but it never happened except DNS hijacking but the hot wallet was still safe. So many platforms sell Defi as a gimmick only to raise the attention from the users while they were all crap platforms.
hero member
Activity: 1876
Merit: 512
The issue with Deforce team is predictable, I do not know how stupid a team can be and decided to force compound code and start using it, do you think the compound team are stupid when they decided to move to V2. I do not think some of these developers understand the risk factor associated with business like Defi and people just start to appreciate some platform that has been running for years without being exploited and users also need to do the cost benefit analysis if it worth it risk your money for a 10% at most profit.
jr. member
Activity: 61
Merit: 1
It seems hackers have identified a loop hole in defi protocol and that's how the hacking will continue. Something needs to be done to stop this early.
legendary
Activity: 1904
Merit: 1159
Give the ecosystem some time, it will find stability
On what basis do you say that? It is a shit -show with people coming up with these concepts of BTC derivatives/ ETH-derivatives. Cryptocurrencies in themselves are an in-fallible record unto themselves. Just because you want to trade them, you don't necessarily need these "derivatives". In most cases, the underlying assets lose value, or are manipulated by market strategies or worse still, the developers fuck up and have their code exploited.

People who are betting on such an infrastructure are bound to lose. Instead of making a show of these so-called protocols and smart-contracts, the serious developer should actually be focussing on ensuring that the underlying asset is rock-solid in terms of finality of settlement and robustness of code. Only bitcoin fulfills that. If these DeFi devs want to be taken seriously, they should stop toying around with insecure protocols and start development using bitcoin. The ideas of smart-contracting using Simplicity/ Sidechains are what they should invest effort in. Otherwise "DeFi" will continue to be another one of the money grabs after ICOs, IEOs and what not.
jr. member
Activity: 35
Merit: 2
Give the ecosystem some time, it will find stability
sr. member
Activity: 1050
Merit: 416
Buy Bitcoin
We all know that a few months back we had Flash loan attacks costing millions by exploiting bZx protocol. Now, looks like a DeFi protocol, dForce has lost over 99 percent ($25 Million) of its assets in an attack Saturday night.
More info: https://www.coindesk.com/attacker-drains-decentralized-protocol-dforce-of-25m-in-weekend-attack
So is DeFi really a revolutionary idea as some claim?
Jump to: