Decentralized Finance hacks and the problem of non-regulation of exchanges.


Decentralized finance (DeFi) is seemingly an attractive “alternative” but highly “risky” mode of investment, and it has its pitfalls. Most recently this was discovered in an extremely complex single-transaction smart contract.

Several experts agree that a combination of oracles for price feeds (that are seemingly blindly trusted), an admin key with a coordinator, a pooled group of accounts and trusted keys, all handling real-world fiat currencies, is subject to 24/7 forms of attacks. Combine this with a significant lack of regulation of exchanges and smart contract APIs exposing exchanges or DeFi services, and these become a nightmare.

One of the most recent such “attacks” happened on the bZx market using leveraged borrowing. A detail of this attack is given in the following link. The attacker borrowed close to a million dollars in ether, converted it to a stablecoin on a DeFi exchange, and within a flash second sold it on another exchange, causing prices to drop across markets. The same individual then used the capital to repurchase at the new lower price, repaid the loan and took the profits.
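To make the oracle problem concrete, here is an added example (not code from bZx or from the original post) that models an exchange as a fee-less constant-product pool, which is an assumption, and compares a blindly trusted spot price with a feed that checks the spot price against an average of earlier blocks. The class names, reserves and the 5% threshold are all constructed for illustration.

```python
from fractions import Fraction


class ConstantProductPool:
    """Toy x*y=k exchange pool (assumed pricing model, no fees)."""

    def __init__(self, eth, usd):
        self.eth, self.usd = Fraction(eth), Fraction(usd)

    def spot_price(self):
        """Instantaneous USD-per-ETH price implied by the reserves."""
        return self.usd / self.eth

    def sell_eth(self, amount):
        """Swap ETH into the pool; returns the stablecoin paid out."""
        k = self.eth * self.usd
        self.eth += Fraction(amount)
        paid_out = self.usd - k / self.eth
        self.usd -= paid_out
        return paid_out


class GuardedOracle:
    """Price feed that compares spot with an average of earlier blocks."""

    def __init__(self, window=5, max_deviation=Fraction(5, 100)):
        self.window = window
        self.max_deviation = max_deviation
        self.history = []          # end-of-block prices, oldest first

    def record_block(self, price):
        """Store one end-of-block observation, keeping only the window."""
        self.history = (self.history + [Fraction(price)])[-self.window:]

    def average(self):
        """Equal-weight average over the window (a simple time average)."""
        return sum(self.history) / len(self.history)

    def read(self, spot):
        """Return (price_to_use, deviation, accepted)."""
        if not self.history:
            raise ValueError("no observations yet; refuse to price anything")
        avg = self.average()
        deviation = abs(Fraction(spot) - avg) / avg
        if deviation > self.max_deviation:
            return avg, deviation, False   # use the average, flag the read
        return Fraction(spot), deviation, True


def demo(trade_eth=1000):
    pool = ConstantProductPool(eth=5000, usd=1_500_000)   # constructed reserves
    oracle = GuardedOracle()
    for _ in range(5):                     # five quiet blocks at 300 USD/ETH
        oracle.record_block(pool.spot_price())
    pool.sell_eth(trade_eth)               # one trade inside a single transaction
    blind = pool.spot_price()              # what a blindly trusted feed reports
    guarded, deviation, accepted = oracle.read(blind)
    return {"blind": blind, "guarded": guarded,
            "deviation": deviation, "accepted": accepted}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, float(value) if isinstance(value, Fraction) else value)
```

A lending contract could also refuse the operation outright when the read is flagged instead of falling back to the average.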

Algorand’s solution to the blockchain trilemma


The Blockchain Trilemma

Most blockchains suffer from a trilemma: decentralization, scalability and security cannot all be ensured on the blockchain at the same time.

Firstly, decentralization is defined as that property of the blockchain where all stakeholders have access to the same amount of resources.
Secondly, scalability, where the blockchain is able to process an ever increasing number of transactions within the smallest acceptable “deterministic” time.
Thirdly, security, wherein the blockchain network is able to process the transaction without the possibility of any form of attack.

Most blockchains in today’s world suffer from one if not two of these issues. For example, bitcoin’s blockchain mining is highly concentrated. It is well known that scaling is also a significant problem with bitcoin’s blockchain, since the maximum number of transactions per second processable by the network has been limited by the block size and mining algorithm combined.

Algorand, a blockchain that supports transactions of all types, including smart contracts, promises to be a solution for all three, through a unique and clever “true proof of stake” algorithm. Silvio Micali, the ACM Turing award winner and MIT Computer Science professor, and his students are behind this phenomenal idea that accomplishes all three together.

Algorand accomplishes proof of stake through a three-stage process which doesn’t depend only on how much stake a miner has on the network. The protocol that Algorand uses is called the Byzantine Agreement (BA) protocol. BA not only satisfies some additional properties, but is very fast. Roughly said, its binary-input version consists of 3 steps in which one of the participants sends a message to all other players. The network is complete and synchronous, where only those who are online at any given instant of time can participate.

In the paper that describes Algorand, Chen and Micali describe a unique mechanism for how blocks are generated. More on this in a future post.

Smart Contracts and Web Assembly

Recent developments in the Ethereum development community have contributed to a multitude of competing programming languages to write smart contracts that run on the Ethereum virtual machine. What if the Virtual Machine itself were to be changed, and the programming language used to write smart contracts were to change from Solidity to other commonly used languages such as C/C++ or even the most secure programming language of Rust, which One of the arguments for supporting this change is the need to support different kinds of hardware (from small devices that run on micro-controllers to the largest quantum computer), software operating systems and browsers. WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based Virtual Machine that runs within the JavaScript virtual machine supported by most of today’s browsers. Wasm is significantly developed and has a seemingly large list of tools that will enable users to build all kinds of apps. A detailed documentation of Wasm and all tools supported is provided at this link.

Figure 2. EWasm architecture: depicts the Ethereum Web Assembly and Ethereum Virtual Machine interface and how they inter-operate.

While Wasm apps are slowly gaining ground for different device-based applications, the Ethereum foundation is promoting the development of Ethereum Wasm. E-Wasm is a full-stack virtual machine layer on top of the Ethereum Virtual Machine that brings all the benefits of Wasm, i.e., security, portability, speed, and low memory footprint. This layer supports writing of smart contracts in other programming languages such as C/C++/Rust thereby . E-Wasm is designed as a portable target for compilation of high-level languages like C/C++/Rust, enabling deployment on the web for client and server applications in the most commonly used programming languages. The design and specification of EWasm will make development and deployment of smart contracts atop Ethereum secure and accessible to the common masses without needing the complex syntax of the Solidity programming language.

Web3 Infrastructure and their effects on today’s cloud-based services



Web3 is the name given to the decentralized web where applications, services and infrastructure are all hosted decentrally. Some of the protocols that drive web3 are IPFS and smart contract platforms and networks such as Ethereum. The infrastructure side will definitely see a significant amount of decentralization at every layer.
For example, financial services are already being decentralized through services such as,,, etc. Ethereum based smart contracts already operate these markets in ways that were not possible. For example, savings interest rates on crypto holdings (even stable coins) in these markets are way higher than what banks can afford.


Another interesting area where this is happening is on the infrastructure side: hardware, computing power, and software services and support. The protocol that is seeing a resurgence in applications is IPFS. It may be a decade away as yet, but using cryptographic means, it might be possible in the near future to get significantly large storage at a fraction of the cost that it would otherwise. Many crypto-platforms such as Filecoin and already releasing their early prototypes onto the market. Similarly, firms such as support Ethereum smart contracts with IPFS protocols, enabling infrastructure support for a lot of backend software such as for decentralized exchanges for creating financial products, testing them, etc. Sia is another platform that resembles Filecoin.


There are more than 3 million smart contracts on Ethereum alone, and many more on other platforms such as EOS, Tron and a host of other applications. These applications are on their way to decentralizing everything from insurance to banking to holding assets. With the ZeroX protocol it is possible to take any type of securitized asset and exchange it for anything else in the world.

The web3 – as we are seeing it, will be a tectonic shift in the overall internet industry, that will see a new set of business models that will transform the way we work and live, with a lot more decentralization in the wealth and power created and shared.




Among the 100+ products (and growing) on a list of products and services running decentralized finance applications, we have these sets of projects that provide deep analytics for decentralized finance. Defi Pulse is one of them. A clear aspect of this market is how the Maker platform, which we have blogged about repeatedly, has dominated the discourse in terms of decentralized governance, ecosystem participation and value locked up and distributed among its users. As of date, approximately $700 million has been locked up across five categories, i.e., lending, decentralized exchanges, derivatives, payments and assets.

Among the different forms of Defi applications we see evolving and documented on Defi pulse are the categories of lending markets (Cash loans or crypto-loans which can collateralize against the borrower’s own crypto-currency holdings), decentralized exchanges where users exchange crypto-tokens with each other, derivatives (both first order and second order ones), payment systems such as Lightning network, etc. and asset securitization mechanisms.


The asset securitization platforms, though, have higher potential for growth if legal blockades against cryptocurrency-based smart contracts are entirely removed and the legal mechanisms to enforce these (probably through other layers of smart contracts) are figured out by these audiences. As an example, if someone were to securitize a 1 acre land holding, and were to sell 10% of the corresponding tokens to a particular individual in exchange for another asset (token or cash or an equivalent), would such a token sale be legally valid? There are already several attempts to do this both from a legal and from a technology standpoint, though a successful implementation could possibly mean a shift in many areas.

Here is an example :-

Insights from Ethereum Analytics

What is truly amazing about Ethereum Analytics on is that it provides data backed evidence of all aspects of the blockchain ecosystem. As we’re ending 2019 – here are some insights:

1. The network transaction fees have remained mostly constant for all of 2019 except for occasional spikes, indicating that there is no surge in the number of transactions happening on the network.

Network fees

2. The total Ethereum network utilization chart shows that the ether network utilization has been between 80 and 100 for almost all of this year, with some instances where the network utilization has been up to 98%.

The above image shows how much of the Ethereum network is spread around the world. What is interesting to note is that despite the severe ban on “Cryptocurrencies” and other allied technologies in mainland China, there seem to be more than 1073 Ethereum nodes active at this point. However, it is likely that these nodes are being run out of Hong Kong’s datacenters and not in mainland China. Similarly, India has about 160 Ethereum nodes active at this point, despite the legal ambiguity.

The above graph shows that the overall network difficulty as measured in TeraHashes has continuously increased over the past year.

In conclusion – we have a network that supports cryptocurrencies that is sufficiently decentralized and is bursting at its seams in terms of network throughput with the utilization of about 90% with near-constant/predictable transaction fees. If this network moves toward Proof of Stake and some of the changes such as sharding were to play out on schedule, we will see a significant number of apps being deployed on the global platform.

Maker DAO’s decentralized Governance model


Often, two detrimental factors affect open source software development.


One, the team that builds and later maintains the open-source software is often under-compensated or has to look to organizations for funding. More often than not, the extremely talented software developers and leaders have to engage in other professions or freelance for corporations so as to sustain their own lifestyles, which allows them to contribute to open source. Later these organizations themselves impose rules, restrictions and such on these teams of developers, leading them to lose track. The fallacies and problems of development are outlined in the Eric S Raymond essay “The Cathedral and The Bazaar”. Quoting from the essay: Brooks (the author of The Mythical Man-Month) even made an off-hand observation related to this: “The total cost of maintaining a widely used program is typically 40 percent or more of the cost of developing it. Surprisingly this cost is strongly affected by the number of users. More users find more bugs.” [emphasis added].


While governance, management and enhancement of software has had its own perils, very often open-source software development projects have no particular structure. Very often leaders emerge from within and are strongly supported by sets of developers in their direction of development and vision. However, these single team led projects or leadership-driven approaches have shortfalls – they often do not incentivize the crowd or the public to contribute to the software’s development direction. They also are limited by the leader’s vision, the team’s bandwidth, and limitations. It’s almost like planetary exploration. Those who got there first and created the universe control everything therein. Those who come later or who want to improve the planet have only so much say, and if they want to are free to fork the code base and recreate the entire network – which is almost impossible.

MAKER DAO elegantly solves both these problems through an innovative governance protocol. Firstly, Maker allows for public financial innovation wherein individual teams are allowed to propose enhancements to the Maker platform. Each proposal is submitted as a smart contract, is voted on by the holders of the Maker Token, and has two parts:

  1. The actual proposal to be implemented on the Maker platform and the details of the implementation. An example proposal is given here:
  2. The fee that the team demands in order for the proposal to be implemented and released to the public is attached as part of the proposal.
  3. Later, those who hold the Maker tokens vote for or against the proposal. Once they vote for the change and it reaches a majority count, the proposal becomes “Active”.
  4. The Maker Platform generates the fee demanded by the team in order to execute the corresponding proposal improvement, and the proposal goes live after execution. Once the proposal goes live, the team is compensated with the corresponding tokens.
  5. However, problems persist with this mode of governance. Often, voting is proportional to the number of Maker tokens held by the voter. This is currently not yet centralized, however, given that the distribution of tokens as seen from is as follows: a total of 884,824.48 tokens held by the top 100 accounts from the total supply of 1,000,000.00 tokens. Secondly, such forms of voting, accomplished via a smart contract, often suffer from the same problems as other cryptocurrency-related systems, i.e., anonymity, collusion, multiple accounts for the same individual, lack of identity, etc. These problems are definitely extremely difficult to solve and potentially need different types of smart contracts and multiple layers of incentives and punishments to prevent a systemic breakdown of governance. Interesting problems to solve for those interested in computing and in game theory.
Maker Top 100 Token Holders

Unstoppable Blockchain DApps – via smart contracts on Ethereum – The true power of the blockchain


This past week was a revelation after working for 3.5 years in the blockchain space, after listening to Dr. Stephan Karpischek’s Keynote speech on “Decentralizing Insurance” at the PreICIS SIGBPS 2020 workshop.

Stephan’s definition of a blockchain based software system appealed to me as the right way to create software systems and development ecosystems.

Software Life Cycle and Stoppable Software Systems

A software system has a life cycle which starts with a team building it. Often the team that builds this system is centralized heavily on three types of resources: (1) human capital provided by the management of the firm that owns the software (and often licenses it and the source code), (2) the hardware needed to run the software (often single-server systems installed and run on a set of nodes in single data centers) and (3) software tools available to the developers and adopters (by means of developers invested in the system).

Each of these three components necessary to create and maintain software applications has multiple points of failure, technical, economic and human-resource related, leading to a process known as “End of Life” for the corresponding software. For example, management of firms that create these software projects can often shut down these projects and relegate them to obscurity. The hardware and software on these systems can become outdated often and frequently.


When all the 3 aspects of a software system that are (often) centralized disappear, then we have a true software system that is unstoppable. Widely adopted public decentralized blockchains make this happen. For example, on the Ethereum blockchain, which is a global network with nodes around the world hosted by different individuals, decentralized applications have the requisite hardware and software to live on forever. Similarly, when the teams developing the software are distributed globally, there is no single organization determining what can or can’t be done, and governance of software is accomplished through governance models that are public, transparent and open to all, such a system becomes unstoppable.

Such unstoppable systems cannot be regulated, pulled down or forced to abort unless the entire network of computing nodes is stopped. For example, when one country regulates access to this network of nodes, other countries which provide free access to computing resources will provide environments for this innovation to thrive. Similarly, when investors decide to impose regulations such as geographic blocking on the corresponding software, the entire source code of the software can suddenly be forked and start to execute on nodes without the geo-blocking feature.

Ethereum nodes distributed globally

Source –

This in my opinion is the most important and critical aspect of Decentralized applications that Software development firms have to pay attention to.

One such blockchain DApp is Uniswap.

Earning interest while you HODL


Cryptocurrencies, and primarily Ethereum-backed ones, create new modes of earning interest. What was once an ICO-backed increased adoption of cryptocurrencies, after being hyper-regulated and banned by countries, has now transformed into an economy of regulated, less risky Decentralized Finance.

The premise for earning interest in cryptocurrency markets is simple, and below I list a few means to do so. As a disclaimer, users who choose one of these means do so at their own risk.

  • Crypto-Exchanges and Margin Trading
    • Writing a crypto-exchange allowing traders to trade coins in exchange of small commissions per trade. There are more than 100+ decentralized exchanges which use smart contracts to swap one cryptocurrency to another. This approach needs deep expertise in a variety of areas including cybersecurity. The list of known ones is here (State of Decentralized Exchanges)
    • Margin Trading – On exchanges such as users can lend their HODL-coins to others who trade on their behalf.
  • DeFi interest-earning applications
    • With applications such as,, and a host of others, users can invest their HODL -coins and earn interest off those coins based on rates determined by the network. These applications provide extremely high liquidity and enable users to withdraw the very same day.
  • Staking networks
    • Cryptocurrencies such as Tezos enable users to delegate their Tezos to bakers, who pay them interests. In fact, provides support to stake more than 10 different cryptocurrencies.
  • Collateralized Debt Bonds using Maker Platform
    • The Maker Network and crypto-platform enable users to set collaterals in their own bonds such that their existing cryptocurrencies (e.g., ethereum, augur, etc.) can be baked from the Maker platform. The smart contract which locks the users’ cryptocurrency then issues a stablecoin known as DAI based on the existing governance rates of exchange. This DAI can either be invested in other DeFi platforms or can be locked into a savings platform through a Dai Savings Rate contract, thus enabling them to earn interest on existing Dai holdings.

Maker DAO – a Decentralized way of solving the volatility problem in cryptoeconomics


Maker DAO brings stability to the blockchain by solving the volatility problem in cryptoeconomics.

Hard problems in cryptocurrency

One of the many hard problems in cryptocurrency ecosystems is the price instability of most directly tradable crypto-assets. The lifecycles of these crypto-assets begin with the mining function, and the network effects that accompany the blockchain.

These network effects often accentuate the ability of different stakeholders such as market makers/takers/traders/miners/app-developers, etc. to strategize in order to maximize their own rent making ability in these markets. Due to multiple sides of the markets continuously contributing in the face of entries and exits, the underlying asset faces significant volatility. 

In such circumstances, despite the promise of decentralized-fungible equivalent cryptocurrency that can be transferred without an intermediary, these cryptocurrencies often become risky for trade which expects some amount of stability vis-a-vis the current stable fiat (USD or Euro).

A solution in the form of stablecoins has often been sought, wherein each cryptocurrency is collateralized against some asset (either money in the bank or something else). Nevertheless, each such stablecoin is controlled by a trust or a consortium which is responsible for auditing the assets and ensuring that the right supply-demand balances exist in these markets.

DAI and the Collateralized Debt Position

DAI is a type of collateralized cryptocurrency that is pegged to 1 USD and operates purely on the Ethereum smart contract platform. The decentralized governance makes this a unique stablecoin which any user can exchange to fiat currency.

How is DAI generated?

The way DAI is generated is through CDPs where users deposit a certain quantity of Ethereum (usually more than the number of DAI needed), into a smart contract. The ratio of the value of the collateral to the DAI generated is known as the liquidity ratio, and this liquidity ratio is pre-set by the Maker Platform voters through a governance mechanism considering several factors.

Once the collateral (i.e., a certain quantity of ethereum that is accepted) is locked into the smart contract, DAI is generated and the user is free to use this DAI to do anything he wants to. Once the DAI is paid back to the smart contract, with the interest (labeled as the stability fee) going into the Maker account, the collateral is released to the user.


The governance of the DAI token exchange values and several intervening conditions, such as a flash crash in collateral prices or an emergency price variation, etc., are handled through a transparent and collateral system overall.

Why go through the trouble of creating DAI?

Firstly, DAI is accepted on many crypto-fiat exchanges as a mechanism to trade on various markets due to its price stability of 1 USD. This is almost equivalent to borrowing money against cryptocurrencies at the rate of the stability fee (i.e., approximately 5% per annum, with the risk of liquidation).

Secondly, DAI, due to its decentralized nature, enables users to participate on several decentralized finance platforms such as dydx or These platforms offer an interest rate on DAI between 5.5% and 9%. This gives people the ability to use their cryptocurrencies as a means of earning interest directly.

How to create and use DAI

Step 1.

You own 10 Ethereum. You create a smart contract on the Maker Platform and send your 10 ETH to it. This is the website to make this

You now have a CDP created.

Step 2.

You send another small transaction to the smart contract, which then locks up the CDP, making the 10 ETH temporarily inaccessible, and generates Dai. The CDP must be 150% overcollateralized, so depending on the price of Ether, the amount of Dai received will change. If ETH = $300, then 10 ETH = $3000. Then, the CDP would generate 2,000 Dai.

Step 3.

You could then do whatever you wanted with the Dai. Many people use it to trade other crypto, while still being able to hold on to their ETH. So, say you then use Dai to purchase another cryptocurrency, such as Bitcoin. After a period of time, which could be days or even years, you sell your Bitcoin for a profit back into Dai. You now have 3000 Dai after BTC goes up 50%.

Step 4.

You then send the original 2000 Dai plus the 5% Stability fee (50 Dai) and unlock the CDP, receiving back your ETH. Now, you have $950 in profit and the original 10 ETH.
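The collateral arithmetic behind Steps 1 to 4, together with the liquidation risk the whitepaper lists, as an added example that is not Maker's code or part of the original post. It assumes the 13% penalty is charged on the outstanding Dai and recovered by selling collateral at the current ETH price; the function names are illustrative.

```python
from decimal import Decimal

MIN_RATIO = Decimal("1.5")    # 150% overcollateralization, from Step 2
PENALTY = Decimal("0.13")     # 13% liquidation penalty, from the whitepaper risks


def max_dai(eth, price):
    """Largest Dai draw the CDP allows for this collateral and ETH price."""
    return Decimal(eth) * Decimal(price) / MIN_RATIO


def collateral_ratio(eth, price, debt):
    """Collateral value divided by outstanding Dai."""
    return Decimal(eth) * Decimal(price) / Decimal(debt)


def liquidation_price(eth, debt):
    """ETH price below which the CDP falls under 150% and can be liquidated."""
    return Decimal(debt) * MIN_RATIO / Decimal(eth)


def safe_draw(eth, price, tolerated_drop):
    """Dai draw that still meets 150% after ETH falls by tolerated_drop."""
    stressed_price = Decimal(price) * (1 - Decimal(tolerated_drop))
    return max_dai(eth, stressed_price)


def liquidate(eth, price, debt):
    """ETH left for the owner once the CDP is liquidated at this price.

    Assumption (not from the page): the penalty is charged on the debt, and
    debt plus penalty is recovered by selling collateral at the current price.
    """
    if collateral_ratio(eth, price, debt) >= MIN_RATIO:
        return Decimal(eth)                        # still safe, nothing seized
    owed = Decimal(debt) * (1 + PENALTY)
    seized = min(Decimal(eth), owed / Decimal(price))
    return Decimal(eth) - seized


if __name__ == "__main__":
    print("max Dai at $300:", max_dai(10, 300))
    print("liquidation price for 2000 Dai:", liquidation_price(10, 2000))
    print("draw that survives a 25% drop:", safe_draw(10, 300, "0.25"))
    print("ETH returned if liquidated at $282.50:", liquidate(10, "282.50", 2000))
```

With the post's numbers, drawing the full 2,000 Dai puts the liquidation price at exactly $300, so the position has no buffer against a fall in ETH; leaving room for a 25% fall means drawing 1,500 Dai instead.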


The whitepaper lists several risks.

  1. MKR governance can choose to liquidate the collateral if the risk is too high at any point in time, holding 13% as a penalty.