The Billion-Dollar Problem With Decentralized Exchanges (DEX)
Discover the billion-dollar issues affecting the success of Decentralized Exchanges (DEX) in the trillion-dollar crypto market. Learn about the challenges and potential solutions to the problems.
The decentralized finance (DeFi) ecosystem has been growing rapidly in recent years, with Decentralized Exchanges (DEXs) playing a crucial role in its development. Decentralized exchanges in the last year closed at over $700 billion in trading volume. That’s almost an 8-fold increase from the 2020s $115 billion trading volume. Total Value Locked (TVL) has quadrupled, and the number of active DEXs has climbed significantly since 2020.
This sudden rise in growth has also given way to an unprecedented spike in cyber attacks targeted particularly at DeFi projects.
The Billion-Dollar Problem
In 2021, DeFi-related losses from cyberattacks & frauds totaled $1.3 billion; in 2022, that number exploded to $3.8 billion.
And according to the blockchain analytics firm Crystalblockchain, some of the most popular forms of crypto-theft have been security attacks targeted toward cryptocurrency exchanges in particular.
Top Attack Vectors in DeFi
One of the core tenets of DeFi is to remove the middleman or a third party from the process.
With DEXs, assets are managed instead by a smart contract. There are mainly two attack vectors encompassing most of the security attacks & fraud incidents on DeFi projects.
- Security System Breaches or Failures
- Frauds
1. Security System Breaches or Failures
With security breaches, loopholes & errors in the code are targeted as exploit points by attackers. This type of exploit has been behind some of the highest-profile DeFi attacks.
a) Ronin ($625.5 Million Stolen)
The Ronin, till today, was perhaps the most significant DeFi breach in history. The attack was massive because the Ronin Bridge connects Axie Infinity’s Ronin sidechain to Ethereum, and the attack occurred on the Ronin Validator Security bridge, and Axie DAO validator node . The hackers made away with more than 173,600 ETH and 25.5 million in USDC, totaling over $600 million in a series of withdrawals.
The criminal was able to compromise private keys, which enabled them to conduct fraudulent withdrawals. Notably, Ronin utilized a decentralized validator key system. The attacker, however, discovered a backdoor in a decentralized validation technique. Specifically, they used a gas-free RPC node to obtain the signature for the Axie DAO validator.
b) PolyNetwork ($600 Million Stolen)
The exploit in question was a significant security breach in 2021, potentially ranking as the most extensive exploit in the DeFi sector to date. The attacker utilized a smart contract vulnerability to pilfer more than $600 million worth of cryptocurrency across three separate chains.
The hacker relayed messages through transactions on Etherscan & claimed to “KEEP IT SAFE”.
2. Frauds
The vast majority of this year's rug pulls came from DEXs, but they are not limited to them.
Chainalysis, 2021
Rug pulls, or Exit Scams are commonly done through malicious actors creating new tokens and promoting them to unsuspecting users & investors in expectation of a rise of the token.
Exit scams are commonplace in DeFi, as it takes a low level of cost & skill to create new tokens. Specifically, they are prevalent on decentralized exchanges (DEX) - as they do not require code audits and have very minimal requirements for listing tokens.
Eventually, the creators empty the liquidity pool and make off with the stolen funds while nose-diving the token price to 0.
a) AnubisDAO
The creators behind this project launched a dog-themed project reminiscent of meme coins like Shiba Inu & Dogecoin. The project positioned itself as a hard fork of OlympusDAO, a decentralized reserve currency protocol.
During the sale, investors poured $60 million in ETH for ANKH coins - despite the project not having a website.
In less than a day - the liquidity was removed and sent to a separate address, leading to a complete loss of funds for the investors.
b) SQUID
The P2E token was influenced by the massively popular Netflix series "Squid Game." The project garnered significant attention, and the corresponding token, SQUID, experienced a remarkable increase of over 35,000% within a period of three days.
The project launch was initiated at a starting price of $0.01, which saw an abnormal surge in value, rapidly increasing from $2 to $11 within a single day. The price continued to escalate, reaching an all-time high of $2,850 at 09:35 UTC on November 1st.
The project garnered extensive attention and was covered by mainstream news outlets such as CNBC and BBC.
However, shortly thereafter, the price plummeted to a low of $0.002 within minutes. In the preceding days leading to the crash, investors became aware of the unavailability of a mechanism to sell their tokens.
The Elephant in The Room: Cross-chain bridge problems, a lack of liquidity, and UX issues
The decentralized exchanges (DEXs) face several challenges, including low liquidity levels, insufficient and insecure cross-chain interoperability, and subpar user experience.
The shortage of liquidity in DEXs hinders attracting institutional investors in significant numbers, which is closely linked to the inadequacy of interoperability solutions. This is due to the dependence of DEXs on liquidity providers, limiting their access to liquidity on a single chain. As a result, traders frequently prefer centralized exchanges (CEXs), which offer better prices and liquidity, over DEXs.
The existing cross-chain bridges for DEXs lack adequate security measures, making them an unattractive option for users. Furthermore, the complexity and difficulty of using these solutions only serve to further detract from the appeal of DEXs.
Regarding user experience, DEXs are often designed for advanced traders familiar with cross-chain bridging, slippage, and impermanent loss, creating a barrier to entry for more novice users.
1. Lack of Accountability
The core members and teams behind many of the leading DEXs today were established before the surge in popularity. This has resulted in the challenge of immature governance, as teams with limited experience make decisions affecting significant assets.
The ease of acquiring governance rights can result in the "hidden centralization of control," granting disproportionate power to specific actors.
In July 2021, Uniswap removed 120 coins from their platform in response to significant regulatory pressure, with no prior consultation or engagement with the community or governance token holders. This instance highlights the potential for owners or operators to exercise centralized control.
2. Potential Market Abuse By Owners/Operators
Given the anonymous & decentralized nature of the space, market abuses are particularly difficult to detect. Examples of market abuses are insider trading, wash trading, painting the tap, churning, & front running.
3. Criminal Exploitation
The sudden influx of billions of dollars into space has inevitably attracted the likes of unscrupulous actors.
Bad actors commonly use DEXs for malicious purposes of money laundering, terrorist fundraising, fraud, and other financial crimes.
This sudden spike has also skewed user expectations - causing a higher susceptibility to frauds & scams.
Is DeFI Doomed?
The DeFi sector is relatively new and still evolving; it has shown significant growth and potential for providing alternative financial services to a broader range of individuals and businesses. Nevertheless, the future of DeFi will depend on the ability of the industry to overcome these challenges and deliver value to users in a safe, secure, and sustainable manner.
Over the past year, DEX trading volumes have surged from $18 billion to more than $200 billion each month, becoming real competitors to their centralized counterparts.
Elliptic
Developers & technologies are evolving, tools for enhancing user experience are being introduced, financial primitives & Dapps are still up, and investors seem to be unfazed.
Final Thoughts
The billion-dollar problem facing DEXs is a critical issue that can potentially limit their growth and impact in the DeFi ecosystem. However, by exploring solutions such as cross-chain aggregated swaps, incentivizing market makers, using executor nodes to fulfill transactions, liquidity pool farming, and decentralized stablecoins, DEXs can overcome these challenges and compete with centralized exchanges. Stay tuned for more insights and developments in the world of decentralized finance.