DeFi's Compiling Risks
To someone who still bears emotional scars from having traded equities through the Great Financial Crisis, the primary appeal of DeFi is its transparency — because the heart of the problem in 2008 was a lack thereof.
It was a confusing time: Shares of Lehman Brothers and Bearn Stearns skyrocketed when management assured the market that they had ample liquidity and good collateral.
That seems naive in hindsight, but we took those banks at their word because the situation with mortgage back securities was so opaque that, with the few exceptions profiled in The Big Short, investors had nothing else to go on.
Customers of Lehman and Bear, however, were not so trusting: Management assurances did nothing to stop the rapid outflows from their prime brokerage businesses.
And the investment banks didn't trust each other, either: Trading between banks came to a screeching halt because even where a counterparty seemed trustworthy, there was no way to tell whether that counterparty's counterparties were trustworthy, too.
The transparency of DeFi holds the promise of allowing finance to operate without any of those trust issues: In 2008, if mortgage contracts had been smart contracts, everyone would have known what the risks were and who held them.
Instead, TradFi's opacity gave banks and investors a false sense of security before the crisis and an exaggerated sense of risk during the crisis.
In theory, neither of those mistakes should happen in DeFi.
But, as demonstrated by today's drama in Curve Finance, DeFi has some trust issues of its own.
Whiffing on a curveball
The $70 million exploit of Curve is small by crypto standards: Hackers are estimated to have pilfered nearly $4 billion worth of crypto in 2022.
Even the tiny Mango Markets DEX was exploited for $100 million, so you might wonder why a giant DEX being exploited for $70 million is headline-worthy.
But that's precisely the issue: We expect the small protocols to get exploited, but not the big ones and curve is one of the biggest ones: It may be the most structurally important protocol in DeFi and it's long been one of its most active.
As such, it was assumed to be one of the safest, too: The way we learn whether crypto protocols are trustworthy is by trusting them and we've been trusting Curve for a long while — if there was a vulnerability in its code, it was reasonable to think it would have been exposed by now.
But the vulnerability turned out to be not in Curve's smart-contract code but in the compiler that reads that code.
A compiler is software that translates code written in high-level languages like Python into the low-level assembly language of 0s and 1s that computers can understand.
You don't hear much about it because compilers for the major languages have been vetted to the extent that they are something close to bulletproof.
But much of DeFi is based on newer languages like Solidity and, in the case of the Curve exploit, Vyper.
The Curve exploiter found a vulnerability in the compiler code that connects Vyper to the Ethereum Virtual Machine, which is the computer that runs the Ethereum blockchain.
I'm guessing that is a vulnerability that people have not spent much time thinking about.
In the Blockworks story linked above, Dr. Laurence Day, the founder of Wildcat Finance, explains that "compilers come pre-packed with a whole host of behavioural assumptions that the vast majority of us simply take for granted because we assume that people smarter than us have done the leg-work closer to assembly."
And that's exactly how I feel about all of DeFi: I don't know how to read smart-contract code, but I trust there are enough people who do that using the big protocols is safe.
Today we've learned that we not only have to trust those people, but the people who understand compiler code, too.
However big of a concern that is, it's likely to get bigger: Blockchains like Solana have their own, presumably less-vetted virtual machines. And others, like Arbitrum and various zero-knowledge-proof projects, are planning new ones.
Zero-knowledge-proof technology is already incomprehensible to all but a select few — so using those chains will require placing your trust in that small group of people as well as the even smaller group of people that will understand their compilers, too.
That seems like a lot of trusting for a trustless financial system.
Trusting Times in DeFi
The Curve exploit also has an element of contagion that's reminiscent of the Great Financial Crisis: Curve's founder, Michael Egorov, has a $60 million loan with Aave, backed primarily with depreciating CRV tokens, which could get margin called and force liquidations that ripple out to other protocols.
All that is fully transparent, however, much to DeFi's credit.
It's also to DeFi's credit that Curve's smart-contract code has still not been exploited: The assumption that the major DeFi protocols are sufficiently battle-tested remains intact.
But the programming languages that much of DeFi is being built on may not be nearly battle-tested enough.
It's impossible to say how big of a risk that could be: Even with the now-know vulnerability at Curve, we are relying on Curve to tell us how risky things are.
Per today's research newsletter, "all other pools are now safe, according to Curve, but the accuracy of this statement is still up for debate."
I'm sure they are correct, but having to take their word for it feels a bit like taking investment banks at their word in 2008.
That may require an even larger leap of faith now because the number of people that understand both crypto and compilers is possibly even smaller than the select group of investors who knew not to take the investment banks at their word back then.
That may make compilers the least transparent risk of DeFi.
No comments:
Post a Comment