by HodlX guest post Submit your post
In the United States, government-backed organizations protect most traditional users of finance by providing some sort of insurance for their deposits.
Among other things, these organizations protect funds in registered Institutions against loss as a result of the insolvency or bankruptcy of the bank.
Would a similar organization work in DeFi?
What are FDIC and SIPC?
FDIC
The FDIC protects deposits in banks up to certain limits. If a bank becomes insolvent, the FDIC will retain or liquidate its assets and begin paying customers.
The FDIC spends most of its budget on a consumer surveillance and protection program.
The program concerns the examination of banks in order to assess their operating conditions, management practices and policies, and compliance with applicable laws and regulations.
It also ensures that participating US commercial and savings banks comply with consumer protection laws. About $1.1 billion was spent on this program thus accounting for 58% of its expenditure in 2021.
He spent $227 million to resolve the bankruptcy of the bank and manage the receivership of these funds. In addition, it spent $316 million managing its deposit guarantee fund, while $303 million went to what it called “enterprise general and administrative expenses.”
This adds up to a total of $1.9 billion in FDIC operating expenses. A more detailed overview of their spending in 2021 can be found in their annual report here.
SIPC
SIPC protects users’ shares in broker-dealers. If a broker-dealer loses your securities as a result of insolvency, the SIPC will step in to liquidate their assets and initiate legal action against anyone necessary to return as much of the funds as possible.
Both of these organizations function well to protect consumers from losing their traditional finances but they are used to it.
In addition to being able to raise funds by charging an appraisal rate that acts as a membership fee or insurance cost for institutions, most of their functionality comes from the ability to liquidate assets and take legal action against responsible parties.
This may not be likely or even possible with DeFi.
Can this model run in DeFi
DeFi hacks especially since last year they are not only more common and more expensive percentage in the industry. They are also less likely to end up with the return of stolen funds.
The most effective way to make up for lost funds from users in DeFi is not litigation. Repays users funds from the organization.
While the SIPC does this sometimes, it is often not needed as most funds are recovered.
The SIPC Board of Directors has decided that the assessment rate in 2022 will be 0.0015% of gross revenues of member investment firms.
Similar numbers are low for the FDIC, where recognized institutions with more than five years of insurance on the account pay between 0.015% and 0.4% of revenue.
DeFi hacks and membership fees
Hackers took over about 0.25% of DeFi TVL not revenue in relatively safe protocols last year.
Since we cannot count on recovering any of these funds, we must assume that the membership fee would have to be high enough to cover these losses directly.
In addition, limiting these losses to a maximum dollar amount cannot be trusted to lower withdrawal requirements because it is trivial to split the investment between addresses.
This means, for example, that a protocol like Maker with a TVL of $7.9 billion would have to pay around $20 million a year for a membership fee.
That is, if we assume that 0.25% will remain a constant risk percentage for relatively secure protocols, excluding operating costs.
By the same estimate, Uniswap, which does not earn any transaction revenue, would have to pay about $15 million a year.
While these are very rough estimates, it is clear that these membership fees are not sustainable across many DeFi protocols.
Why DeFi is attractive to hackers
According to Token Terminal, DeFi protocols and their blockchains have generated over $19 billion in revenue over the last 365 days (as of August 31, 2022).
A portion of these profits goes to the founders and developers. Some are redistributed to users via revenue sharing tokens. Often, smart contracts cause revenues to accumulate in vaults.
There are many ways in which much value can flow within and between these transparent blockchains and smart contracts.
So it is not surprising that malicious actors such as hackers or scammers are looking for ways to get hold of some of these online tokens.
DeFi vs TradFi
Why is there no such system in DeFi anymore? Let’s sum up.
- Hacked assets are hard to recover in DeFi.
- The amounts hacked in DeFi are so large that even taking a percentage of TVL instead of revenue would not be able to cover the amounts lost.
He points out that a system that tried to cover the entirety of DeFi protocols in the same way that the FDIC and SIPC do would not be sustainable. We cannot rely on or be funded by TVL DeFi not to mention their income.
We have seen that revenues from DeFi protocols cannot compensate for losses such as those from May 2021 to May 2022 (2.56%).
Even their TVL would not be enough to cover the insurance costs permanently with the hacked amounts, especially under current market conditions.
Why can that be?
Audited code and exploits
One of the issues we found during our research was that more than 70% of the hacked protocols we investigated had no code audits.
Other than that, all other protocols were only audited by a small number of audit firms or even only internally by the DeFi protocol itself.
However, we cannot conclude that these well-known audit firms are incompetent or unreliable.
They also typically controlled most of the unhacked part of the DeFi ecosystem, which may explain their overrepresentation in our data.
Ultimately, however, we can still say that there is a need to supervise the functioning of audit firms. This is to ensure thorough audits of DeFi critical infrastructure code.
Audits quite often miss exploits or simply do not audit against all previously used attack vectors.
Potential solution
A potential solution would be to create a DIPS (DeFi Investor Protection Scheme). This system should protect investors and their deposits from losses due to incorrect protocols and hacks.
It should do so by helping to oversee and review the rigor of participating protocol audits. It can also potentially help with resource recovery and potentially much more.
DeFi protocols should only be allowed to join DIPS if they continuously pass oversight by trusted, field-tested and statistically speaking the most effective auditors.
This is how DIPS can give seals of approval to DeFi protocols. These signal users that their investments are based on DeFi protocols that have been rigorously tested and audited.
Application
Looking back at our numbers, this has the potential to drastically reduce the current massive amount of hackers.
Idea for DIPS that builds on TVL DeFi or even his income to cover burglaries under his umbrella it would no longer seem strained.
Let’s cover every dollar in DeFi with native blockchain solutions not redesigned TradFi solutions.
Dominik Prediger is a Web 3.0 developer at Ease.org. He is a student of business informatics focused on blockchain exploration and learning about smart contract security.
Follow us on Twitter Telegram on Facebook
Disclaimer: Opinions expressed in The Daily Hodl are not investment advice. Investors should exercise due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and transactions are at your own risk and any losses you may incur are at your own risk. Daily Hodl does not recommend the purchase or sale of any cryptocurrencies or digital assets, nor is it an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Featured image: Shutterstock/prodigital art/Natalia Siiatovskaia
