While 2020 has been a landmark year for the crypto space, there have been a few notable letdowns. Despite the growing mainstream acceptance of virtual currencies, some governments are still creating policies that stifle innovation, placing their countries at a disadvantage in the emerging digital economy.
Decentralized finance was a major talking point going into the year, and the market segment did not disappoint, with massive growth in investment throughout 2020. However, rogue actors continuously deployed elaborate scams, riding on DeFi hype to fleece victims.
Apart from that, several projects suffered opportunistic profiteering attacks with flash loan exploits and arbitrage, draining funds from liquidity pools. While there is an argument for not calling these events “hacks,” they offer in stark relief some of the growing pains of the DeFi space as participants work toward actualizing the end goal of democratizing finance.
Still, in 2020, crypto exchanges are leaving substantial funds in vulnerable hot wallets. While cryptocurrency theft declined significantly during the year, reports of platforms getting hacked and user deposits and data being siphoned is no less a setback than it was in previous years, even if such news hardly affects the markets these days.
Regarding the exchanges, 2020 is coming to an end, and several high-profile platforms have yet to adopt protocol improvements such as Segregated Witness, or SegWit. Users are still paying more in transaction fees than they should, while some argue that the exchanges continue to operate like altcoin casinos.
Mounting DeFi scams
Back in February, Cryptox reported that DeFi was pivoting from a niche market and moving toward mainstream adoption. At the time, the total value of Ether (ETH) locked in the market had recently crossed the $1 billion milestone.
Currently, the total value locked in DeFi is almost $14 billion, with an expanding cast of projects and protocols offering diverse services such as lending, derivatives and payments, among others. Indeed, the growth of the DeFi market in 2020 was so huge that transaction volumes on decentralized applications increased by 1,200%, according to data from DappRadar.
User retention, once a major bane of DApps, gave way to consistent patronage as the DeFi “degen” culture emerged in the latter half of 2020. Even decentralized exchanges saw record trading volumes, especially during the third quarter of the year.
In June, Compound Finance introduced liquidity mining, opening the yield farming floodgates. While notable DeFi actors rolled out projects that attempted to stitch together several financial markets, fringe protocols arose, capitalizing on the hype in the DeFi arena to defraud investors.
From meme coins to rug pulls and even malicious contract codes, rogue actors consistently perfected their strategies to siphon more funds from yield chasers in the DeFi space. On the one hand, automated market makers, or AMMs, such as Uniswap saw record volumes, but a significant portion of this trading activity was in support of these “scamcoins” designed to steal funds from victims.
Indeed, in several instances during the year, Cryptox highlighted the rising level of fraud within the DeFi space that seemingly threatened to overshadow the pioneering achievements in the sector. According to blockchain intelligence firm CipherTrace, DeFi is now the largest contributor to crypto-related crime, despite an overall decline in cryptocurrency thefts in 2020.
According to the CipherTrace report, as of November, the total loss from DeFi hacks amounted to over $100 million. Also, 45% of all cryptocurrency hacks in the first and second quarters were from the DeFi arena, with the proportion now closer to 50% in the second half of the year, according to the crypto forensics firm. Malcolm Tan, chief advisor at DeFi AMM service KingSwap, told Cryptox of his disappointment in the activities of scammers in the sector, adding:
“DeFi has the potential to shake up the financial industry through digital technology, but its progress is being impeded by scammers and rug-pull projects that cause losses in assets and belief in the community. Until these issues have been stamped out and the investors and adopters of DeFi can more safely and securely put their assets into DeFi, this nascent industry will not be able to grow substantially.”
Flash loan attacks and outright crypto theft
As a growing market segment, it is perhaps unsurprising to see a few missteps along the way as legitimate DeFi projects move toward maturity. However, the regularity of flash loan exploits and other forms of opportunistic profiteering attacks have also served as a source for concern across the sector throughout the year.
DeFi lending protocols such as MakerDAO, Compound, dYdX and bZx all suffered such attacks, with the entities involved employing several iterations of the same opportunistic profiteering vectors that targeted any glitch in the system. Taking advantage of issues like temporary price oracle malfunctions or network congestion, these attackers were able to trigger forced liquidations of under-collateralized debt positions or simply drain funds from liquidity pools.
For Piers Ridyard, CEO of layer-one DeFi engine Radix, vulnerabilities in legitimate projects are an even larger problem for the sector than scammers, telling Cryptox: “While there are obviously some bad actors, as there are in any industry, my view is that the majority of losses have been caused by the fundamental complexity in producing DeFi applications.” He went on to add:
“A small, unintentional mistake in code can cause problems resulting in the loss of millions. This isn’t a bad actor; it is just a developer who is trying to get their product to market quickly to avoid missing the opportunity. It’s not even a reflection of any developer’s skill, just the level of complexity they are dealing with.”
Back in April, Chinese DeFi platform dForce suffered a $25 million hack as the project failed to guard against a known ERC-777 vulnerability. More recently, Compound Finance’s reliance on centralized price oracle feeds cost its users about $52 million in Dai liquidations when the price of the stablecoin reached a 30% premium on Coinbase.
Apart from these attacks, other hacks have occurred across the DeFi space, with some being “black swan” events and others more likely repeatable unless mitigating steps are taken. Even the DeFi insurers haven’t been spared in the onslaught, with Nexus Mutual founder Hugh Karp losing $8 million to a suspected hacker.
Perhaps even more disappointing is that on some projects such as Maker and Compound, the community voted against compensation for users affected in these events. On “Black Thursday” in mid-March, some vault owners lost 100% of their collateral as the price of Ether declined by half.
Stifling crypto regulations
While this year saw a continuation of greater regulatory clarity for the crypto space, some governments ensured that it was one step forward and several steps backward in the area of cryptocurrency regulations. In the European Union, strict Anti-Money Laundering standards have seen some exchanges forced to exit the region, owing to the rising cost of compliance associated with these laws.
Additionally, stablecoin regulations appear to be the next battleground between crypto proponents and regulatory agencies. Almost every major intergovernmental financial institution has singled out stablecoins as the one crypto market segment that requires attention from traditional gatekeepers.
As part of their efforts to counter privately issued stablecoins, many countries are now working toward creating their own CBDCs. However, the consensus is that most of these sovereign digital currencies are little more than virtual companions to national fiat.
In the United States, some Democrats in Congress recently sponsored a bill requiring private stablecoin issuers to hold banking licenses. In response, many within the crypto space argued that such onerous regulations would discourage crypto startups, leaving the stablecoin field only accessible to established financial elites with deep pockets.
Coinbase CEO Brian Armstrong also rocked the U.S. crypto industry back in November when he alleged that the Treasury Department was working to extend Know Your Customer verification to noncustodial wallets. Several major players in the U.S. crypto scene — including Jeremy Allaire, CEO of crypto payments outfit Circle — are already attempting to dissuade Treasury Secretary Steve Mnuchin from carrying out such a plan.
Outside the U.S., India will be ending the year without any concrete position on crypto regulations by the government. Aside from the Supreme Court rescinding the 2018 ban on banks offering services to crypto exchanges back in March, not much has emerged by way of regulatory clarity for the country’s crypto sector.
Kashif Raza, co-founder of Indian blockchain-focused law firm Crypto Kanoon, told Cryptox that the failure of the country’s government to formulate a clear legal framework for the cryptocurrency sector is a source of frustration for stakeholders:
“Many people in India are watching this space grow from the fence. They want to enter into this space but are worried about the future of crypto in India. The confused state of regulation in India is killing innovation in the startup space as it is very hard for startups to convince a venture capitalist to invest in the crypto space. With every passing day, India is losing an opportunity in this space.”
Exchanges slow to adopt Bitcoin improvement protocols
In July, Bitcoin consulting outfit Veriphi published a report showing that the incomplete nature of SegWit and transaction batching adoption had cost traders over $500 million in extra trading fees since 2017. Apart from SegWit and batching, many high-volume exchanges also have yet to offer support for layer-two protocols like the Liquid sidechain and the Lightning Network.
Coinbase only adopted batching in March, with the company stating that user fees would decline by 50% following the move. Earlier in December, Kraken, another U.S. crypto exchange service, announced plans to support Lightning Network scaling technology in 2021.
Social media commentary on the subject offers the consensus that exchanges prefer to be “shitcoin casinos” rather than supporting important Bitcoin improvements. Tweeting on the matter earlier in December, “Grubles,” a developer for Blockstream — a digital asset infrastructure company — characterized the situation of exchange platforms blocking Bitcoin improvements as the “altcoiner go-to move.” According to Grubles, this is done to push people toward altcoins: “Then once we have layer-2 you drag your feet because that also pushes people toward alts.” Samson Mow, chief strategy officer of Blockstream, told Cryptox on the matter:
“Most exchanges are more concerned with listing new altcoins to drive volume rather than improving Bitcoin infrastructure for their users. Lightning and Liquid integration isn’t very difficult and Bitfinex CTO Paolo Ardoino has stated that it only took him a few hours for adding Liquid due to its similarities with Bitcoin. As with SegWit, if something benefits users but doesn’t drive immediate revenue, it will be put on the backburner.”
Ali Beikverdi, CEO of South Korea-based crypto exchange deployment service bitHolla, also decried the lack of broad-based adoption of Bitcoin improvement protocols. “Bitcoin is stuck with its current codebase and very little has been added to it,” Beikverdi told Cryptox, adding:
“Many of the new changes with taproot, schnorr signature, and many other cool features have not yet been added to production software. It was once presumed to be an open financial protocol for defining money but the conservative pace has made it more of an old school asset for investment only.”
Despite this, on the whole, 2020 has been a landmark year for the crypto space, with a flood of institutional investments and a growing sense of cryptocurrencies being a more mature asset class. The new year promises to be a pivotal one for the industry, with DeFi and central bank digital currencies likely to be the main focus. However, it’s also important to remember the ways in which the crypto industry did not make breakthroughs in 2020 and, perhaps, learn a lesson from it.