DeFi Risk Stack

Julian
Dec 15, 2020

All investments involve some degree of risk. Risk refers to the degree of uncertainty and/or potential financial loss inherent in an investment decision. Investors need to consider the technical or systemic risks associated with an investment opportunity as well as their own approach to investing.

As investment risks rise, investors seek higher returns to compensate for taking such risks.

The risk/return tradeoff is all about striking a fine balance between the lowest possible risk and the highest possible return. Low levels of risk are usually associated with low potential returns, while higher levels of risk are normally expected to yield higher returns. But higher risk doesn't always mean higher returns. That’s it… basically.
This year, everyone chased the highest yield farming opportunities & annual percentage yields (APY). Retail and other degens blindly followed anonymous influencers on Twitter and invested (aped) in protocols without any due diligence at all. Greed eats mind. After some got burned because of their own greed and then rescued by bantg and friends, the space cooled down. https://twitter.com/bantg/status/1311393970090651648

DeFi products are at the moment returning higher APY than yield products in traditional markets.

https://plutusdefi.com/

Currently, crypto-backed loans with higher automation and efficiencies generate a better outcome for lenders and investors. The efficiencies referenced are facilitated by smart contracts' ability to hold digital collateral until both sides of the transaction fulfill their obligations algorithmically. The system reduces the cost of custody, settlement, and escrow (labor-intensive, costly actions within legacy systems) and increases efficiency. Algorithmic actions reduce the rent charged by the labor to perform these actions. The perception of higher risk + the efficiency gains + short term loans (and the lower hurdle because DeFi folks don’t KYC) are reasons why yields are higher in decentralized systems.
As risk in DeFi converges on risk levels perceived in TradFi, by the nature of the loans moving from crypto-backed loans to traders to collateralized mortgage loans to homeowners, for instance, the efficiency of smart contracts will continue to offer higher yield on decentralized systems compared to traditional centralized systems. The Twitter community responded to Vitalik's poll on why these returns are superior to TradFi.

Lending Dai to Compound or dollars to the U.S. government in the form of 10-year treasuries involves the same dynamic — lending money for a return so that others can borrow it with interest. The 10-year treasury bond is generally considered a relatively safe investment, but Dai and Compound represent completely new opportunities, which makes it difficult to fully assess the risk associated with them. The movement is particularly exciting because these new protocols effectively transform counterparty risk into code/protocol risk.

Let us have a look at the different risk levels (systemic and technical risk) involved when tokenizing debt to leverage assets, something I like to call “Risk-Stacking”. Risk-Stacking mostly goes hand in hand with higher yield opportunities. By putting your money to work, e.g. borrow it on AAVE, you generate yield when other people lend your borrowed assets.

This sums it up quite nicely. Every step/interaction with different protocols/smart contracts/applications should increase your yield but also your risk.

In a more general sense, we have to face different risk objectives:

  1. Blockchain Risk
    Security, Decentralization, Network ownership — not really a problem for Ethereum right now but for other Chains like NEO with 12 nodes it is.
  2. Procedural Security
    Those who use cryptocurrency take on risk associated with their potential to act in ways that put their assets at risk. Cryptocurrency users take on the unique responsibility for securing their own private keys (e.g. Wallet- and Key-Management). The most common security risks in DeFi include phishing attacks in which a malicious agent duplicates a website or service to lure unsuspecting users into sharing their sensitive information.
  3. FX/Token Risk (e.g. USDC/USDT, DAI, UNI)
    If USD is not your local fiat currency, additional foreign exchange risk exists.
    When interacting with tokens, there is always a risk of the token losing its value or its peg. USDC can be frozen by CENTRE or lose its peg because of a black swan event. DAI can lose its peg because some collateral tends towards 0. This risk increases as more tokens get accepted as collateral. If the dollar is not your local fiat currency, you should really care about the additional FX risk.
  4. Macro Politics
    Regulators' approaches have included outright bans of cryptocurrencies and Initial Coin Offerings (ICOs), a case-by-case vetting and approval process for such activities, and clear guidelines regarding whether a particular activity can work and eventually receive regulatory approval. Uncertainty increases risk.
  5. Governance decisions can change the principles of the underlying application and token economics. Keeping up with updated protocols and changing terms of service among various cryptocurrency projects is tough. YFI token holders, for example, decided to cap the YFI token supply at 30k (community stakeholders controlled the minting of additional YFI tokens). If they decided to inflate the supply, your own stake could be diluted. As Hasu pointed out, it is easy to forget that customer funds can be drained via governance in many protocols. For example, in Compound, a supermajority of coin holders can vote in arbitrary new logic. While this logic takes 48h to activate, it is unlikely that all $800m would be withdrawn in time. In extreme cases, there could be a transition to a completely new token (YAM -> YAMv2). Keeping up with these types of changes will be critical for investors who decide to use DeFi products.
  6. Smart Contract Risk (e.g. Compound, AAVE, C.R.E.A.M., Balancer). Vitalik Buterin's main concern/criticism is that smart contract risk is underestimated. Hackers often find valuable opportunities and exploits in smart contracts, which are often worth millions of dollars. Malicious actors in crypto are always financially incentivized to break the system to make a living. The public nature of smart contracts increases the probability and the risk. But even without malicious actors, funds can be locked in smart contracts because of faulty implementation, inexperience or lack of testing (e.g. SFI 50M$ Dai locked in LP Pool). Smart contract risks include dependency on timestamp, front-running, inadequate gas griefing, integer underflow and overflow, and forcible transmission of ether to a contract. In front-running, attackers can watch the mempool for transactions that are not yet included in a block and act on them with transactions of their own. Unlike the other risk vectors (politics, scams, etc.), smart contract risk is based on code and facts. Evaluating smart contract risk is mandatory for every due diligence in an investment process. You don’t sign a contract in a language you don’t understand, right? So, why would you interact with a smart contract if you don't understand Solidity?
    But even analyzing the code doesn't prevent you from getting rekt:
    a) Audits focus on code, not context (attack vector: economic attack/flash loans).
    b) Code is law, and immutability was a key selling proposition. Now every project is using proxies (e.g. uniswap), and the consequence is that the audited version and the current version can differ.
  7. Economic Attack is not a hack per se. Actors try to manipulate markets to optimize their trade outcomes (often enabled by flash loans). While flash loans provide a new source of profit in the decentralized finance sphere, malicious actors attempt to use borrowed funds in order to manipulate the DeFi market, which is known as a flash-loan attack.
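
Point 6 b) says that behind a proxy the audited code and the code currently running can differ. As an added example (not part of the original article), this Python check reads the proxy's current implementation and compares its bytecode with a hash pinned at audit time. It assumes the proxy follows EIP-1967, that the audit recorded a SHA-256 of the runtime bytecode, and that `rpc` is a hypothetical callable wrapping a JSON-RPC node; the fake chain, addresses and bytecode are constructed so it runs offline.

```python
import hashlib

# EIP-1967 storage slot in which a proxy keeps its implementation address.
IMPL_SLOT = "0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc"

def implementation_of(rpc, proxy):
    """Return the address the proxy currently delegates to."""
    word = rpc("eth_getStorageAt", [proxy, IMPL_SLOT, "latest"])
    raw = bytes.fromhex(word[2:].rjust(64, "0"))
    if raw[:12] != bytes(12):
        raise ValueError("slot value is not a left-padded address")
    return "0x" + raw[12:].hex()

def check_against_audit(rpc, proxy, audited_sha256):
    """Compare the code behind the proxy today with the build that was audited."""
    impl = implementation_of(rpc, proxy)
    if int(impl, 16) == 0:
        return {"status": "no-eip1967-implementation", "implementation": impl}
    code = bytes.fromhex(rpc("eth_getCode", [impl, "latest"])[2:])
    if not code:
        return {"status": "implementation-has-no-code", "implementation": impl}
    digest = hashlib.sha256(code).hexdigest()
    status = "matches-audit" if digest == audited_sha256 else "drifted-from-audit"
    return {"status": status, "implementation": impl, "sha256": digest}

# --- constructed sample data: a fake chain so the example runs offline ---
def fake_rpc(storage, code):
    def rpc(method, params):
        if method == "eth_getStorageAt":
            return storage.get((params[0], params[1]), "0x" + "00" * 32)
        if method == "eth_getCode":
            return code.get(params[0], "0x")
        raise ValueError("unsupported method: " + method)
    return rpc

PROXY = "0x" + "aa" * 20                                   # constructed address
IMPL_V1, IMPL_V2 = "0x" + "11" * 20, "0x" + "22" * 20      # constructed addresses
CODE = {IMPL_V1: "0x6001600101", IMPL_V2: "0x6002600201"}  # constructed bytecode
AUDITED = hashlib.sha256(bytes.fromhex("6001600101")).hexdigest()

def slot_for(impl):
    return {(PROXY, IMPL_SLOT): "0x" + "00" * 12 + impl[2:]}

def demo():
    at_audit = check_against_audit(fake_rpc(slot_for(IMPL_V1), CODE), PROXY, AUDITED)
    upgraded = check_against_audit(fake_rpc(slot_for(IMPL_V2), CODE), PROXY, AUDITED)
    return at_audit["status"], upgraded["status"]

if __name__ == "__main__":
    print(demo())
```

A "drifted-from-audit" result only says the running code is not the audited build; whether the new version was reviewed is a separate question for due diligence.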

Understanding the DeFi risks is the first step toward solving them. Accepting risks with DeFi paves the path for efficient adoption of DeFi products and services. It’s difficult to analyze the impact of the different risk vectors on DeFi quantitatively, but we can get some clues from the insurance products provided by Nexus Mutual or Cover, which are a ‘decentralized alternative’ to insurance.

In the next article, I will try to evaluate/quantify the different risk stacks and will dig a little bit deeper into risk hedging options and how to weigh potential risk vectors.

Julian

Technology and decentralization enthusiast // VC