Decentralized finance (commonly known as DeFi) is a type of finance created on the blockchain that does not rely on financial institutions such as brokerages, exchanges or banks to provide financial instruments, but instead uses smart contracts on the blockchain (e.g. Ethereum) to conduct financial activities [1]. The DeFi platform allows people to lend or borrow money from others [2], trade cryptocurrencies, and earn interest in a savings-like account [3][4]. As of 31 December 2022, DeFi tokens had a market capitalisation of $40.52 billion, compared to BTC's market capitalisation of $318.41 billion on that date. For DeFi optimists, DeFi amounts to a groundbreaking technological advance that offers a new financial architecture that is non-regulated, unlicensed, publicly auditable, (pseudo-)anonymous, and with potential new capital efficiencies. In contrast, DeFi pessimists fear that, among other things, the unregulated and hacker-prone DeFi ecosystem helps to promote unregulated and new forms of financial crime. The pseudo-anonymous nature of DeFi allows cryptocurrency attackers, fraudsters and money launderers to move, launder and earn interest on capital. This paper seeks to examine the infrastructure of decentralised finance, its classification and its risks.
(i) DeFi's infrastructure
Blockchain
The key to all DeFi is the backbone of decentralisation, i.e. the blockchain. A blockchain is fundamentally a software protocol that allows multiple parties to operate under shared assumptions and data without the need for mutual trust. This data can be anything from information on the location and destination of items in the supply chain to account balances for tokens. Updates are packaged into 'blocks' and 'chained' together cryptographically to allow for auditing of previous history, hence the name. The blockchain is made possible by a consensus protocol, a set of rules that determine what blocks can be part of the chain and become the "truth". These consensus protocols are designed to be resistant to malicious tampering within certain security boundaries.
Cryptocurrency
The most popular application of blockchain technology is cryptocurrency. A cryptocurrency is a token (usually scarce) that is secured and transferred in an encrypted manner. Scarcity is what makes value possible, and it is itself an innovation of the blockchain. Typically, digital objects can be easily copied. As former Google CEO Eric Schmidt said, "Bitcoin is a remarkable cryptographic achievement, and the ability to create something that cannot be copied in the digital world is of enormous value" [11]. Because asymmetric key cryptography protects accounts, no one can post a fraudulent transaction without having ownership of the corresponding account. You have a "public key" that represents the address at which you receive tokens, and a "private key" that is used to unlock and spend the tokens in your custody. This type of cryptography is also used to protect your credit card information and data when using the Internet. An account cannot 'double spend' its tokens, as the ledger audits its balance at all times and faulty transactions will not be cleared. The ability to prevent 'double spending' without a central authority illustrates the key advantage of using a blockchain to maintain the underlying ledger.
The Smart Contract Platform
A key component of DeFi is the Smart Contract Platform. These blockchains go beyond simple payment networks, such as Bitcoin, and allow for the creation of smart contracts, enhancing the capabilities of the chain itself. Ethereum is a prime example of a smart contract platform. A smart contract is code that can create and transform arbitrary data or tokens on top of the blockchain it is on. The concept is powerful because it allows users to code rules for any type of transaction without trust, or even create scarce assets with specialised functionality. Many of the terms in a traditional commercial agreement can be transferred to a smart contract, which will not only enumerate, but algorithmically enforce those terms. Smart contracts go beyond finance and have applications in gaming, data management and supply chains.
Among smart contract platforms, Ethereum has a relatively unique fee called the "gas fee", a unit of measure to calculate the amount of computational work required for each transaction on the Ethereum network. The more complex a transaction is, the more computing power it requires, and the higher the gas fee. The "gas fee" provides an incentive for efficient smart contract code, as contracts that use fewer resources and have a reduced probability of user failure have a much higher chance of being used and successful in the marketplace. The downside is that it forces agents to maintain an ETH balance in order to pay the "gas fee", and to worry not only about overpaying but also about underpaying and the transaction not taking place at all. For this reason, there are initiatives underway to take the "gas fee" away from the end user and to support a competing chain that eliminates the concept of gas altogether.
Oracles
One of the problems with blockchain protocols is that they are isolated from the world outside the ledger. This restriction, often referred to as the oracle problem, limits applications to Ethereum-native contracts and tokens, thereby reducing the utility of smart contract platforms. In the context of a smart contract platform, an oracle is any data source that reports information from outside the blockchain. How can an oracle be created that can speak authoritatively about off-chain information in a trust-minimising way? Many applications require an oracle, and implementations exhibit varying degrees of centralisation. There are several ways of implementing oracles in various DeFi applications. A common approach is for an application to host its own oracle, or to hook into an existing oracle from a trusted platform. An Ethereum-based platform known as Chainlink aims to solve the oracle problem by using aggregation of data sources. The Chainlink whitepaper includes a reputation-based system that has not yet been implemented. Oracles remain an open design problem and a challenge for DeFi to achieve utility beyond its own isolated chain.
Stablecoins
A key drawback of many cryptocurrencies is excessive volatility. This adds friction for users who wish to take advantage of DeFi applications but do not have the risk tolerance for volatile assets such as ETH. To address this issue, a whole class of cryptocurrencies called stablecoins has emerged. Stablecoins are designed to maintain price parity with some target asset, such as the US dollar or gold. Stablecoins provide the necessary stability, and the mechanisms by which stablecoins maintain their pegs vary from implementation to implementation. The three main mechanisms are fiat collateral, cryptocurrency collateral and non-collateralised stablecoins. By far the largest category of stablecoin is fiat-collateralised and is backed by off-chain reserves of the target asset. The reserves are typically held by an external entity or group of entities that are routinely audited to verify the existence of the collateral. The largest fiat-collateralised stablecoin is currently Tether (USDT). Create a decentralised stablecoin that can both scale effectively and withstand a collapse in the event of a contraction. Stablecoins are an important part of the DeFi infrastructure as they allow users to benefit from the functionality of the application without the risk of unnecessary price fluctuations.
Decentralised Applications (dApps)
dApps are an important part of DeFi and are similar to traditional software applications, except that they exist on a decentralised smart contract platform. The main benefit of these applications is that they are permissionless and censorship-resistant. Anyone can use them, and no single institution controls them. A separate but related concept is that of a decentralised autonomous organisation (DAO). A DAO encodes its operating rules in a smart contract that determines who can perform what actions or escalations. A DAO usually has some kind of governance token, which gives the owner a percentage of the voting rights on future outcomes.
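To make the Blockchain and Cryptocurrency subsections above concrete, the following added example (not taken from any real protocol) chains blocks by hash, refuses transfers an account cannot cover, and audits the history by replaying it. Account names and amounts are constructed, and signature checks and consensus are deliberately left out, so any caller may submit a transfer here.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed placeholder parent hash for the first block


def block_hash(prev_hash, txs):
    """Hash a block's transfers together with its parent's hash."""
    payload = json.dumps({"prev": prev_hash, "txs": txs}, sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()


def apply_tx(balances, tx):
    """Apply one transfer; refuse it if the sender cannot cover the amount."""
    sender, receiver, amount = tx["from"], tx["to"], tx["amount"]
    if amount <= 0 or balances.get(sender, 0) < amount:
        return False
    balances[sender] -= amount
    balances[receiver] = balances.get(receiver, 0) + amount
    return True


class Ledger:
    def __init__(self, opening_balances):
        self.opening = dict(opening_balances)
        self.balances = dict(opening_balances)
        self.blocks = []  # each block: {"prev", "txs", "hash"}

    def add_block(self, txs):
        """Clear valid transfers in order and return the rejected ones."""
        cleared, rejected = [], []
        for tx in txs:
            (cleared if apply_tx(self.balances, tx) else rejected).append(tx)
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS
        self.blocks.append(
            {"prev": prev, "txs": cleared, "hash": block_hash(prev, cleared)})
        return rejected

    def audit(self):
        """Replay the chain; return the index of the first bad block, or None."""
        prev, balances = GENESIS, dict(self.opening)
        for i, block in enumerate(self.blocks):
            if block["prev"] != prev or block["hash"] != block_hash(prev, block["txs"]):
                return i  # link or contents no longer match the stored hash
            if not all(apply_tx(balances, tx) for tx in block["txs"]):
                return i  # hashes are consistent but a transfer overspends
            prev = block["hash"]
        return None


def demo():
    ledger = Ledger({"alice": 10, "bob": 0, "carol": 0})
    # Alice tries to spend the same 10 tokens twice in one block.
    rejected = ledger.add_block([
        {"from": "alice", "to": "bob", "amount": 10},
        {"from": "alice", "to": "carol", "amount": 10},
    ])
    ledger.add_block([{"from": "bob", "to": "carol", "amount": 4}])
    clean = ledger.audit()
    # Rewrite history in block 0 without recomputing any hash.
    ledger.blocks[0]["txs"][0]["to"] = "carol"
    return rejected, dict(ledger.balances), clean, ledger.audit()
```

The second audit fails at block 0 because the stored hash no longer matches the edited contents; recomputing that hash would in turn break the link stored in block 1.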
(ii) The various types of DeFi products and their characteristics
This section focuses on DeFi protocols classified by the type of operation they provide, mainly including on-chain asset exchange, decentralised lending, stablecoins, portfolio management, derivatives, and privacy-preserving mixers.
On-chain asset exchange
Decentralised Exchanges (DEXs) [99] are a class of DeFi protocols that facilitate the non-custodial exchange of digital assets, where all transactions are settled on-chain and can therefore be publicly verified. While DEXs initially only supported assets native to the chains on which they operated, wrapper tokens, such as wBTC, and innovative cross-chain solutions have enabled DEXs to overcome this limitation. Currently, there are different variants of DEXs, such as order book DEXs (both individual and bulk settlement) and automated market makers (AMMs), depending on the price discovery mechanism. Automated Market Makers (AMMs) are the most common type of DeFi product. AMMs provide liquidity to users so they can easily buy and sell tokens on decentralised exchanges. Unlike traditional finance, this type of product does not require a middleman or broker, allowing users to trade without any counterparty risk and at low cost. However, AMMs also have some drawbacks. As transactions are conducted on the blockchain, users must pay a "gas fee" for each transaction. In addition, the price of tokens can be more volatile than on traditional financial platforms.
Decentralised lending
Lending of on-chain assets is facilitated through protocols for loanable funds (PLFs) [72], which refer to DeFi lending protocols that create a distributed ledger-based marketplace for loanable funds of crypto assets by pooling deposited funds in a smart contract. In the context of a PLF, the market refers to the total supply of tokens and the total lending volume, where the available deposits constitute the liquidity of the market. Assuming that the market for tokens is sufficiently liquid, agents can borrow directly against the reserves of the smart contract and the cost of borrowing is given by the market's interest rate. On PLFs, lending usually takes two forms: over-collateralised loans and flash loans.
Stablecoins
Non-custodial stablecoins are crypto assets that achieve price stability by being pegged to a target currency (usually the US dollar) and seek to achieve this through additional economic mechanisms. Note that custodial stablecoins such as USDT are outside the scope of DeFi, as these rely primarily on trusted third parties to operate, although they may be assets used in other DeFi protocols. In a decentralised environment, the challenge for protocol designers is to construct a stablecoin that achieves price stability in a way that is economically secure and stable, and in which all required parties can continue to participate and profit [90]. Price stabilisation is achieved through the use of on-chain collateral, providing a basis for secured loans from which the stablecoin derives its economic value.
Portfolio management
For liquidity providers seeking to maximise returns, liquidity allocation can be an onerous task given the complex and vast space from which returns are generated. The management of on-chain assets can therefore be automated through DeFi protocols that act as diversified investment funds, where tokens are deposited into smart contracts and investment strategies that require transactions with other DeFi protocols (e.g. PLFs) are encoded in the contract. The yield of DeFi is generated through interest (including accrued fees) and token rewards. For the latter, the protocol (e.g. PLF or AMM) distributes native tokens to its liquidity providers and/or users as a reward for providing deposits and/or protocol adoption. These protocol-native token rewards are similar to equity in that they represent a right to participate in the governance of the protocol and often represent a claim on the revenue generated by the protocol. The distribution pattern of token rewards given in exchange for the liquidity provided may vary from protocol to protocol, but is typically proportional to the liquidity provided by the agent on a given protocol. The on-chain asset investment strategy encoded in the smart contract is therefore tailored around the return generation mechanisms of the different protocols with the sole purpose of return aggregation and maximisation.
Derivatives
A derivative is a financial contract that derives its value from the performance of the underlying asset. As of March 2022, the derivatives market represents around 62% of the overall crypto asset trading market. While approximately 99% of derivatives trading volume is achieved on centralised exchanges, a number of DeFi protocols have emerged that offer similar functionality, notably synthetic assets, futures, perpetual swaps and options.
Privacy-preserving mixers
Mixers are methods to prevent the tracking of cryptocurrency trading behaviour. These methods are important for protecting user privacy, as ledgers of trading behaviour are inherently public information; however, this also means they can be used to mask the origin of illicit funds. Mixers work by developing a "shielded pool of assets" that are difficult to trace before they enter the pool. They typically take one of two forms: (1) mixing funds from multiple sources so that individual coins cannot be easily traced to separate addresses (also known as "coin syndication"), or (2) directly masking the content of transactions using a zero-knowledge proof of transaction validity.
(iii) Risk
As we have mentioned in the previous two sections, DeFi allows developers to create new types of financial products and services that expand the possibilities of financial technology. While DeFi can eliminate counterparty risk, cut out the middleman and allow financial assets to be exchanged in a trustless manner, as with any innovative technology, innovation brings with it a new set of risks. In order to provide users and institutions with a robust and fault-tolerant system capable of handling new financial applications at scale, we must address these risks head-on. Without appropriate risk mitigation, DeFi will remain an exploratory technology, limiting its use, adoption and attractiveness. The main risks DeFi currently faces are smart contract, governance, oracle, scaling, swap, custody and regulatory risks.
Smart contract risk
Over the past decade, cryptocurrency-focused products (mainly exchanges) have been hacked several times. While these hacks have occurred due to inadequate defences, they demonstrate an important point: software is uniquely vulnerable to hackers and developer misconduct. Blockchain can eliminate traditional financial risks with its unique properties, but DeFi is built on code. This software foundation gives attackers a greater attack surface than the threat vectors of traditional financial institutions. Public blockchains are open systems that allow anyone to view and interact with the code on the blockchain after it has been deployed. Given that such code is typically responsible for storing and transferring blockchain-native financial assets, it introduces a new and unique risk. This new attack vector is known as smart contract risk. Smart contract risk can take the form of a logical error in the code or an economic vulnerability where an attacker can extract funds from the platform beyond its intended function.
Governance risk
Protocol governance refers to the representative or liquid democratic mechanism that can change the protocol. In order to participate in the governance process, users and investors must acquire tokens with explicitly assigned protocol governance rights on a liquid marketplace. Once acquired, holders can use these tokens to vote on changes to the protocol and to guide the future direction. Governance tokens typically have a fixed supply and help counteract attempts by anyone to gain a majority (51%), but they expose the protocol to the risk of control by malicious actors. While we have yet to see a true governance attack in practice, new projects like Automata allow users to buy governance votes directly and could accelerate the threat of malicious/hostile governance. A DeFi protocol is vulnerable to attack once the governance system is up and running. Any adversary with financial power could simply acquire most of the liquid governance tokens to gain control of the protocol and steal funds.
Oracle risk
The oracle is one of the problems that remains unsolved in DeFi, and most DeFi protocols require an oracle to function properly. Essentially, oracles are designed to answer a simple question: how can off-chain data be securely reported on the chain? Without an oracle, the blockchain is completely self-contained, with no knowledge of the outside world other than the transactions added to the native blockchain. Many DeFi protocols need access to secure, tamper-proof asset prices to ensure that regular actions, such as liquidations and prediction market resolutions, work correctly. The reliance of protocols on these data feeds introduces oracle risk. Oracles represent a significant risk to the systems they support, and if the cost of corruption for an oracle is always less than the potential profit of corruption for an attacker, then the oracle is extremely vulnerable to attack. The oracles that currently exist represent the highest risk to the DeFi protocols that rely on them. All oracles on the chain are vulnerable to front-running, and millions of dollars have been lost due to arbitrageurs. To date, three types of oracle solutions have been introduced, developed and used: Schelling-point oracles, API oracles and custom, application-specific oracle services.
Scaling risks
Ethereum and other 'proof-of-work' (consensus mechanism) blockchains have a fixed block size. In order for a block to become part of the chain, each Ethereum miner must execute all contained transactions on their machine. It is unrealistic to expect each miner to process all financial transactions for the global financial markets. Ethereum is currently limited to a maximum of 15 TPS; however, today almost all of DeFi rests on this blockchain. Ethereum is able to handle less than 0.1% of the throughput of Visa, which can process up to 65,000 transactions per second. Ethereum's lack of scalability puts DeFi at risk of not being able to meet the necessary demand. Many efforts have focused on improving Ethereum's scalability or replacing it with alternative blockchains that can more easily handle higher transaction volumes. So far, all efforts have proved unsuccessful for Ethereum. However, some new platforms, such as Polkadot, Zilliqa and Algorand, offer some solutions to this scaling risk.
Swap risk
There is a different but general set of risks associated with on-chain order book DEXs. These exchanges suffer from scalability issues inherited from the underlying blockchain on which they operate and are often vulnerable to sophisticated front-running by arbitrage bots. Order book DEXs also often have large spreads due to the small number of market makers present. Whereas traditional finance is able to rely on sophisticated market makers including Jump, Virtu, DRW, Jane Street, etc., order book DEXs are often forced to rely on a single market maker per asset pair. This reliance is due to the nascent DeFi market and the complex computational infrastructure required to provide on-chain liquidity for order-based DEXs. As the market evolves, it is expected that these obstacles will be broken down and more traditional market makers will enter the ecosystem; however, for now, they create a significant barrier to entry. Regardless, AMMs and order-based DEXs can eliminate counterparty risk while providing a non-custodial and trustless exchange platform for traders.
Custody risk
There are three types of custody: self-custody, partial custody and third party custody. For self-custody, the user develops their own solution, which may be a flash drive not connected to the internet, a hard copy, or a vault device. For partial custody, there is a combination of self-custody and an external solution (such as Bitgo). Here, a hack against an external provider provides enough information to recreate the private key. However, if a user loses their private key, the user in combination with an external solution can recreate the key. A final option is third party custody. There are a number of companies that have traditionally focused on the custody of centralised finance that offer solutions for decentralised finance (e.g. Fidelity Digital Assets). Each of the three approaches has its own risks.
Regulatory risks
As DeFi's market grows in size and influence, it will face greater regulatory scrutiny. Major centralised spot and derivatives exchanges previously ignored by the CFTC have recently been forced to comply with KYC/AML compliance orders, and DEXs appear to be next in line. Currently, several decentralised derivatives exchanges, such as dYdX, must geo-block US customers from accessing certain exchange functions. While the non-custodial and decentralised nature of DEXs creates a legal grey area and the prospect of regulation is uncertain, there is no doubt that regulation will come once the market expands. A well-known algorithmic stablecoin project known as Basis was forced to shut down in December 2018 due to regulatory concerns. In response to regulatory pressure, DeFi has seen a growing number of anonymous protocol founders, such as an anonymous team that launched a fork of the original Basis project (Basis Cash).
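Returning to the oracle risk discussed above and the aggregation of data sources mentioned under Oracles, the following added example (not Chainlink's or any protocol's actual code) shows a consumer-side price check that discards stale reports, takes the median of the rest, and fails closed when too few sources agree. The feed names, prices, timestamps and the three thresholds are all assumptions chosen for illustration.

```python
from statistics import mean, median

MAX_AGE_S = 300        # assumed freshness window for a report, in seconds
MAX_DEVIATION = 0.05   # assumed: reports more than 5% from the median are outliers
MIN_SOURCES = 3        # assumed quorum of fresh, agreeing sources

NOW = 1_700_000_000    # constructed "current time" for the sample data
SAMPLE_REPORTS = [     # constructed (source, price, timestamp) reports
    ("feed_a", 2000.0, NOW - 30),
    ("feed_b", 2004.0, NOW - 45),
    ("feed_c", 1998.0, NOW - 10),
    ("feed_d", 2600.0, NOW - 20),    # fresh but far from the others
    ("feed_e", 1500.0, NOW - 4000),  # stale
]


class OracleError(Exception):
    """Raised when no trustworthy price can be produced."""


def fresh_reports(reports, now):
    """Keep positive prices whose timestamp lies inside the freshness window."""
    return [(s, p) for s, p, ts in reports if p > 0 and 0 <= now - ts <= MAX_AGE_S]


def naive_mean(reports, now):
    """Baseline for comparison: average every fresh report, outliers included."""
    return mean(p for _, p in fresh_reports(reports, now))


def aggregate_price(reports, now):
    """Return (price, dropped_sources); raise OracleError instead of guessing."""
    fresh = fresh_reports(reports, now)
    if len(fresh) < MIN_SOURCES:
        raise OracleError("not enough fresh reports")
    mid = median(p for _, p in fresh)
    agreeing = [(s, p) for s, p in fresh if abs(p - mid) / mid <= MAX_DEVIATION]
    if len(agreeing) < MIN_SOURCES:
        raise OracleError("fresh sources disagree")
    kept = {s for s, _ in agreeing}
    dropped = sorted(s for s, _, _ in reports if s not in kept)
    return median(p for _, p in agreeing), dropped


if __name__ == "__main__":
    print("naive mean:", naive_mean(SAMPLE_REPORTS, NOW))
    print("aggregated:", aggregate_price(SAMPLE_REPORTS, NOW))
```

On the sample data one divergent feed moves the naive mean to 2150.5 while the aggregated price stays at 2000.0. The list of dropped sources is worth logging, since a feed that is repeatedly rejected is a signal in its own right.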