How To Spot A Fake DeFi Platform

The decentralized finance (DeFi) sector made headlines in 2020 and saw a plethora of projects with DeFi applications. While the market did not start in 2020, it, however, became popular in the middle of 2020.

However, its popularity has come with a litany of bad actors. For every groundbreaking financial innovation ascribed to the likes of Uniswap, Aave, and Maker DAO, there are scores of scams, rug pulls and the likes.

Due to the activities of these bad actors, it becomes imperative to identify scams in the DeFi space. While this is not an exhaustive list, here is a list of things to look out for.

Developer Activity

One of the ways to check that a project is genuine is through the Github repository. The GitHub repo of a genuine DeFi project will contain a fair bit of activity including but not limited to “commits,” “code upgrades,” and “branches” among others.

Frequent updates to the project’s smart contracts may also elicit comments from other software developers as well. Where there is an absence of a GitHub repo, or any programming file sharing platform is usually an indication of a fraudulent DeFi project.

Malicious Smart Contracts

A forensic study of a DeFi project’s smart contract is also another way to identify a possible scam. Given the raft of fraudulent projects that have defrauded investors in the past, DeFi users can quickly look for common red flags in a project’s code.

Some of the obvious smart contract scams include inflation bug, transfer of ownership, liquidity not locked, revoking access etc. Indeed, the liquidity pool not locked was responsible for most of the “rug pulls” that dominated the DeFi space during the DeFi summer of 2020.

In this scam, the project’s developer withdraws the liquidity in the pool, effectively causing a devaluation of the investors’ tokens. Another method of achieving this devaluation is via an inflation bug that allows the scammer to increase the total supply of the DeFi token exponentially leading to a crash in the “coin” price.

Other malicious smart contracts involve lines of code that allow scammers drain a user’s wallet based on the approvals already granted during the initial contact with the project. Since this contact is set to “always allow” by default, rogue actors can use the “allowance” to siphon coins from an unsuspecting user as was the case with the UniCats scam of October 2020.

Audited Smart Contract

Apart from checking the smart contract code for these common red flags, it is important to also check if the project has undergone a smart contract audit. DeFi projects looking to launch the market are supposed to have their smart contract codes audited by a professional auditor. This process eliminates bugs and ensures that their platforms are secure for users, thereby reducing risks.

However, some of the developers ignore carrying out necessary audits, as auditing a code is expensive. Also, most of these projects cannot afford these audits and are instead focused on making money by fleecing unsuspecting investors.

Meanwhile, an audited smart contract code does not mean that the project is 100% safe, as there have been cases of such seemingly “safe projects” involved in rug pulls. Likewise, a project without an audit does not mean that it is a scam, but investors are to be wary and do their research before putting money in DeFi smart contracts.

Project Goals

Most DeFi projects come with hyperbolic promises and nothing else, as they do not have any concrete plans for their projects. That is a red flag that investors should be aware of, as these sorts of projects are unsustainable and have no backing.

A solid project should have a roadmap used in achieving aims and objectives. This shows that the project is authentic and the team behind it is focused on improvement and opportunities. The roadmap also offers a standard by which to judge the progress of the project as it achieves or fails to attain stated milestones.

Even when DeFi projects check all the boxes above, they are still vulnerable to hacking and exploitation by rogue actors and opportunistic profiteers. Smart contract bugs can pass the auditing and bug bounty process, providing an entry point for malicious cyber intrusions.

As of April, data from crypto research outfit Messari put the total losses from DeFi hacks since 2019 at about $285 million with the majority of the lost funds coming from flash loan attacks.

Leave a Reply

Your email address will not be published.

Related Articles
Read More

Beaver Finance Offers Hedges With Yield Farming

Beaver Finance is a pioneer in its offerings. It is the first DeFi platform to offer liquidity mining. This is under its hedging solution for Impermanent Loss. The platform features a single asset Automate Yield Farming. The platform also contains an Engine for Asset Allocation....
Read More

How Defi Is Offering Innovative Solutions To Institutional Investors

According to research, the total decentralized finance market is estimated at $58.31 billion at the time of writing. Statistically, this shows that the decentralized finance industry is expanding exponentially. And now, institutional investors are redirecting their attention towards DeFi. Institutional Investors and DeFi The mainstream...