Some of the most prominent risks present in the fledgling DeFi field come from issues with smart contracts, user error, market volatility, lack of insurance on loans and potential failure of the price mechanism.
Despite its possible advantages, the DeFi movement is still in its infancy. This means that some of the great upsides of using these platforms also come with relatively high risks. One major source of problems is smart contract vulnerability. Despite its programmed intentions, if a contract is released into the ecosystem with a flaw in its code, it can lead to loss of funds.
This has happened in the past, with perhaps some of the most notable episodes affecting Ethereum. Though the field has come a long way with audits and peer review becoming the norm, there is no guarantee that it won’t happen again. A recent example is the attack against the bZx protocol, where a hacker was able to take advantage of subtleties in how “flash loans” operate in order to steal thousands of dollars worth of Ether. While events like these do usually lead to updated solutions for the underlying problems, there are likely to be more discovered and exploited errors before these systems operate flawlessly.
This smart contract vulnerability can be closely tied to another common problem currently afflicting the space: user error. Even if developers think their code is airtight, they cannot anticipate the ways in which users will interact with their applications. Millions of dollars have been lost due to users sending their funds to the wrong address, such as a DApp’s smart contract blockchain address. This is a problem that can often be rectified with new token standards such as ERC-777, which can detect and block these mistaken transactions, although raising the transaction costs.
Another facet that many users don’t consider is both internal governance of an asset as well as its external regulations. Essentially, there is always a chance that a given project can change who runs the platform or how it is operated, sometimes with little to no warning. Furthermore, local governments can enact new regulations that do anything from augment when a specific currency can be used or render the currency illegal altogether.
Other pitfalls, such as the unpredictable markets that underlie some of these decentralized services, combined with a lack of insurance, means there is currently still a very real risk of an investor losing large sums of money even if neither they nor the developers made a single mistake.