MakerDAO’s loss of more than $5 million over a technical issue raises questions on the stability of the DeFi ecosystem, as a string of attacks threatens Ethereum.
Thursday’s market meltdown left MakerDAO (MKR) with a $5 million hole that the project is now scrambling to fill. As this is just the latest in a series of hard blows to decentralized finance (DeFi) projects, some are wondering if the ecosystem can sufficiently defend itself.
Cointelegraph contacted a variety of industry experts and DeFi stakeholders to get their takes on the health of the decentralized finance ecosystem.
Millions lost to attacks
The Coronavirus-induced price crash was an effective stress test for Ethereum (ETH). The network became congested as users rushed to exchanges, the incredible volatility wreaking havoc on some systems.
Alex Melikhov, CEO of EOSDT — something of a MakerDAO’s analog running on EOS — explained what happened to Cointelegraph. Melikhov argues that the issue was the proprietary oracle MakerDAO used for price feeds, which glitched due to the sudden flood of pending transactions.
“As a result, the on-chain prices in the system were remaining outdated in a period of significant price movement — $166/ETH on-chain instead of $133/ETH on the market.”
Melikhov suggested this caused a “perfect storm,” in which MakerDAO’s keepers were unwilling to buy Ether at a 20% market premium instead of the usual 3% discount. This lack of natural buyers seems to have paved the way to trouble. Melikhov explained:
“MakerDAO’s logic allows for zero bids at auctions, so some market actors got liquidated ETH for free.”
Maker accumulated some $4 million of unsecured debt as a result. After considering an emergency shutdown, the Maker Foundation did not take decisive action. Melikhov suggests this led to the widening of the collateralization hole, which now sits at $5.5 million on March 13.
The loss comes less than a month after two high-profile attacks siphoned more than 3,000 ETH in collateral worth ~$360,000 from DeFi platform bZx.
Turmoil in DeFi
These first visible cracks in DeFi’s reliability shifted the tone of the community’s conversation, according to Andre Cronje, developer of the iEarn platform. In early March, Cronje quit the project citing a “hostile community” that holds developers “responsible, and even liable for user actions.”
Equilibrium’s Melikhov emphasized that MakerDAO’s recent problems are technical, and not economic in nature:
“These circumstances showed off the lack of redundancy in the MakerDAO’s system and weaknesses in the Ethereum network capacity.”
The DeFi community may be especially sensitive to vulnerabilities in MakerDAO’s system because it currently holds over 55% of all the Ether locked in DeFi projects, according to Defipulse. The company’s DAI stablecoin is furthermore the most traded asset in decentralized exchange platforms such as Uniswap and Kyber.
“The DeFi landscape might change dramatically if MakerDAO fails,” Melikhov noted.
Synthetix CEO and co-founder Kain Warwick adopted a more positive tone about these recent events, emphasizing that the price decline has nothing to do with Ethereum’s fundamentals. Warwick nevertheless concedes that the price decline exposed some vulnerabilities in DeFi:
“This recent downturn has been a macro trend driven by uncertainty, so this short-term price action on ETH doesn’t reflect the long-term viability of the network. We’ve definitely seen some teething problems over the last 24 hours as protocols have experienced shocks due to the price action.”
Michael Anderson, co-founder of DeFi-heavy investment fund Framework Ventures, maintains that the attacks are “exogenous factors” that are nevertheless leading to exploitation of their system design. He added:
“These issues are persisting because we now have a real amount of value in the DeFi ecosystem, and therefore an incentive to search for weak points.”
So what happens now?
The MakerDAO community has already initiated emergency measures to stabilize the network. Its whitepaper includes a contingency for under-collateralization, which consists of minting new MKR and auctioning it off until the borrowers are made whole. That auction is expected to occur in the next few days.
The community is also developing measures to prevent similar issues in the future.
bZx has also revealed its plan to restart activity, seeking to learn from past mistakes. The user losses will be covered by the team and bZx stakeholders, while security is set to be bolstered through higher bug bounty rewards and audits.
Synthetix’s Warwick argued that the price action and subsequent vulnerabilities served as an important lesson to the ecosystem.
“The good news is these tests are a clear demonstration of antifragility of Ethereum — becoming stronger through stress.”
Sowmay Jain, co-founder and CEO of DeFi-enabled wallet InstaDApp, likewise remained optimistic about future prospects.
“Such painful times remind us that we are extremely early in the space, and there’s still lots of room for improvement. However, I am very hopeful this will ensure that the DeFi ecosystem rises back with an even robust economy.”
Equilibrium’s Melikhov summarized the lessons to be learned from this turbulent period. He also expressed hope that DeFi will see more active development on other blockchain platforms:
“Overall, it will hopefully result in more precise financial modeling and maintaining more technical redundancy for the sector. We at Equilibrium strongly believe that the cross-chain approach will significantly improve the risk profile of the ecosystem.”
Michael Anderson believes that there is no single solution that would prevent further attacks:
“We will be playing ‘whack-a-mole’ for a while, but each time we find something the industry grows stronger for it.”
Some people expected this
Messari co-founder Ryan Selkis had expressed his skepticism about DeFi’s security in January, well before any of the hacks occurred. “Impossibly optimistic to say there won’t be a confidence shaking bug before DeFi gets big,” he concluded.
Anderson, whose fund relies heavily on DeFi investments like Chainlink and Synthetix, also anticipated the trial by fire. He said:
“Sergey [Nazarov] from Chainlink has said this before, and we agree, that the DeFi ecosystem will need to go over these bumps on the path of progression. Discovering these issues now, while the stakes are relatively low, will put DeFi in a much better position to take on more value and develop better products”
Noted BTC evangelist Andreas Antonopolous also seems to have called this price decline a couple months before it happened. Speaking during a January 3 podcast episode, Antonopolous said, “The reason it will crash hard is because a lot of the venture capital, corporate investments and private investment from individuals that is based on cheap money and disposable income and excess cash in portfolios etc., like in any other part of the economy, will dry up.”
If the decentralized finance sector can navigate this storm successfully, the user confidence is bound to return. It just remains impossible to know how long the storm will last.