In part 1 of this series, we examined the distinct types of risk facing the DeFi market and how unanticipated interactions that come from the composability of open protocols are both a compelling challenge and an opportunity. In part 2, we explore some of the notable collateral effects of DeFi’s risk profile and its impact on the current market, and, finally, explain how we view contract composability as leading to a new, vibrant demand for risk management products.
As long as Ethereum remains an open, permissionless network alongside increasing TVL in DeFi protocols, the potential for risk exposure from the use of decentralized applications and smart contracts will continue to increase for the DeFi community. The main culprit for this vulnerability, composability, is a double-edged sword of both innovation and threat emergence. As DeFi participants navigate and assemble features across established and new protocols, there is an equally active need to navigate a potentially adversarial, buggy, and volatile space.
Many of the incidental or intentional adaptations to the consistently emerging threats on Ethereum end up vastly improving other areas of DeFi. Others, such as the recent Harvest Finance exploit, amplify myriad questions about the correct identification and classification of exploits and the effective use of corresponding and mitigating protections for assets that should result.
For example, debates that may sound like semantics actually attempt to precisely define protocol intent. Should a protocol be offered with no assumptions in the use of open, trustless code, or should a community be able to build shared consensus regarding conventions and use that enforce a notion of acceptable and, potentially, safe use?
Harvest Finance’s exploit is characteristic of the dilemma facing risk in DeFi. How do you quantify unpredictable risk for sophisticated arbitrage plays using flash loans? Is that something that should be covered by protection products or sophisticated risk management tooling? If so, who takes these risks, and if they are taken, how can these risks be valued?
These are meaningful questions with tangible economic impacts that need to be addressed by the broader DeFi community. Ingenious exploits mixing financial acumen with technical knowledge on composable protocols will continue. Now it’s a matter of identifying where and how to mitigate their downside effects.
Composability — A New Frontier for Risk Management
New types of risk require new types of protection. In a composable DeFi stack, not every risk is a bug, not every exploit is clear-cut, and new kinds of risk continually emerge. Never before have financial actors been able to capitalize with so much size virtually instantly to exploit opportunities on a network without permissions.
Flash loan attacks will likely become endemic in a composable DeFi ecosystem. Even more sophisticated threats may eventually arise. These are novel dangers that blur the line between a knowledgeable user’s brilliant exploit and an outright malicious crime.
Reverting to the Harvest Finance exploit, would existing protection providers have covered it? Let’s explore.
As mentioned in part 1 of this series, many existing risk management (e.g., derivatives-based price risk hedging) and protection products only address fundamental DeFi risks piecemeal. For example, they provide only discretionary coverage for smart contract exploits and exclude economic risks, such as the complex arbitrage play by the Harvest exploiter.
In particular, Nexus Mutual smart contract coverage does not include:
“…any events where inputs, that are external to the smart contract system, behave in an unintended way and the smart contract system continues to operate as intended, where inputs include but are not limited to; oracles, governance systems, incentive structures, miner behaviour and network congestion.”
In addition, Nexus coverage does not extend to protocols intertwined with the one for which a protection pool is available. So, in the case of Harvest, if Harvest coverage were available, the exploit would not be covered because it included the manipulation of the Curve Y Pool — not explicitly Harvest’s own contracts.
Consequently, Nexus Mutual, had it provided coverage to Harvest Finance, would likely have had to initiate a community vote due to the fuzziness of the financial engineering deployed. However, the cards would likely be stacked against claimants since the language for coverage explicitly rules out malicious economic engineering by a user as a covered event.
Regardless of what side of the argument one sits on, the market demand for coverage of such events is inevitable and, more importantly, necessary for mass adoption of DeFi.
Surging demand for nuanced risk management products also produces compelling side effects, many of which are for the net benefit of DeFi. For example, the capital inefficiency of over-collateralized (OC) lending in major protocols like Compound drives creative engineering for risk management products that have the meaningful result of improving capital efficiency across the full DeFi ecosystem.
Sharply modelled protection contracts, such as with any overage of collateralization amounts claimed against fixed cover amounts, could reduce over-collateralization ratios for depositors significantly. Such a contract functions similarly to an American put option on the underlying collateral: the put option would cover the difference between the original collateralization ratio (e.g., 150 percent) and the corresponding reduced ratio with the protection contract.
Reduced collateral requirements free up capital, which can then be used for low-risk yield farming opportunities, benefitting users supplying protection in capital pools, and improving yields across DeFi markets.
Risk management issues also permeate governance, making it a sophisticated and fluid topic, independent from the protocols it is used to address.
For example, flash loans can be used to force through governance votes, creating fears of future events that negatively affect stakeholders without their consent while still conforming to the rules of the protocol. More positively, community-governed DAOs are progressively assuming the risk management burdens of community treasuries, marking them as green pastures for the innovative restructuring of fees/incentives and decisions about how to allocate stakeholder capital.
How do you provide coverage for governance-based risks? What will future governance risks look like? Are pivotal decisions on stakeholder capital allocation deserving of their own risk management products?
At UNION, we analyze these questions beyond the technicalities and semantics, working towards products that offer users an array of protection products with varying levels of risk and reward for Buyers and Writers of protection alike.
Fluid Risk Management for Fluid Innovation
The only way to adequately address sophisticated attack vectors is via bundling of asset protection that encompasses technical, economic, and user-driven risk assessment. The idea is to provide various options for coverage based on the user’s flavour of risk. Moreover, such coverage needs to be built from the ground up, without barriers to access, and to protect user assets in ways that have prevailed in CeFi as well.
If UNION were writing smart contract protection for Harvest Finance, how would the risk be covered if it doesn’t fall neatly into pre-defined boundaries? No bug, no key stolen — just loose tolerance and clever financial engineering. How discretionary should coverage be in events like flash-loan arbitrage? Should there be “full coverage” protection offered?
Theoretically, it could be performed by working with a quality auditor to evaluate the risk of smart contracts outside of logical or technical errors. Agent-based simulations could produce stress testing in a variety of scenarios to provide a better simulation of whether a successful (and outsized) flash loan could be executed. The risk score could be passed to the UNION protocol, which transforms the score into a protection premium and capital requirement. The community could then determine, through the UNION governance process, whether to support coverage and any market incentives to attract liquidity providers.
If there’s a demand for more coverage, then UNION exists to enable its development — whether that demand arises from a crop of degen traders and risk-averse yield farmers or institutions hedging their positions.
An important offshoot of this risk score model is the incorporation of third-party feedback, data, and disclosures of exploits. For example, how would Peter Zeitz’s (0x) disclosure of a vulnerability in the contract amplification coefficient of Curve’s smart contracts affect the coverage of assets exposed to an exploit that again blurs the line between technical and economic for Curve users? In addition, can we extend these models and protection products to help institutions manage their growing digital asset portfolios?
At UNION, we believe that full-stack protection, no KYC, and liquid secondary markets can empower the rise of more sophisticated protection instruments to meet the daunting challenges of exploits resulting from DeFi composability. Rather than settling on one side of the ideological spectrum, UNION affords DeFi users the optionality of selecting which asset protection ideology to subscribe to.
The modular framework of UNION exists to tailor protection solutions to specific threats.
Imagine a spectrum of structured risk products that support claims for vulnerability exploits. For example, writers of protection (i.e., LPs for protection pools) for complex situations like Harvest could earn higher yields due to bundled protection for a variety of types of exploits, both economic and technical. Or there could be lower-yield protection pools that only cover logical errors in smart contract code and do not account for an agent-based risk score of economic threats.
The potential design space is limitless for products that organically meet a full complement of market demands.
To adequately account for the evolving and complex risks facing DeFi, an open foundation for developing sophisticated risk assessment and coverage products is necessary.
That’s where UNION arrives.
The UNION platform is designed as a crucible for scalable protection products that can be bundled to cover the technology stack and multiple economic risks facing DeFi platforms. High transaction costs, inefficient use of capital, piecemeal protection coverage, and a lack of sophisticated protection products are handcuffing DeFi’s push towards its ultimate goal — an alternative financial system.
By building a series of modules for capital pools, dynamic pricing, and governance for managing coverage risk and generating revenue for protection coverage, UNION provides a scalable infrastructure for protection and risk management that supports DeFi as a new and promising financial sector. Hedging risk in DeFi is more than merely offering single protocol NFT contracts for discretionary smart contract vulnerabilities. It needs to be more inclusive of the mixture of evolving threats facing Ethereum that can be bundled into more sophisticated products.
Current asset protection platforms such as Nexus Mutual and NSure offer discretionary smart contract coverage, but neither offers liquid secondary markets, bundled protection, or tranched, structured risk products like BarnBridge’s smart bonds.
UNION melds together the advantages of the current offering of asset protection platforms while concurrently expanding their scope to include no-KYC, a modular set of tools for constructing sophisticated products (e.g., CDOs), and liquid secondary markets. Compared to the current market, UNION promotes a much more open and accessible design space for all types of DeFi users, whether they are more risk-averse or conservative when it comes to asset management.
By bundling protection, including exposure, gas fees, smart contract, and even layer one risk, UNION can achieve 3 significant advantages over competing protection models:
- Secondary Markets
- No-KYC Decentralized protection
- Reduced Collateral Requirements and Optimal Coverage Pricing
For example, secondary market coverage is a natural advantage over Nexus Mutual’s primary market coverage. Secondary markets not only increase liquidity, but they embrace the development of more sophisticated protection products commonplace within traditional finance. These products include credit default swaps (CDS), which can be used to model the protection premium of layer one or DeFi protocol vulnerabilities.
Subsequently, we can introduce models for collateralized debt obligations (CDOs) as portfolios of CDS.
CDOs on UNION may represent the correlated smart contract risk between a portfolio of borrowing/lending protocols in DeFi, such as Aave, Compound, and Maker. Tranched risk products could even represent varying degrees of risk profiles in the price of ETH that serves as the collateral for a variety of DeFi platforms.
This is just a primer for our next piece, where we will explore the current market of asset protection platforms in DeFi in-depth, characterizing the different ends of the asset protection spectrum and classifying them into protection buckets. We will then compare UNION to the existing market, outlining how the platform can congeal the fragmented aspects of the market into a comprehensive, low barrier ecosystem for advanced risk management.
From smart contracts to the on-chain layer and even the mempool, DeFi participants seek intelligent tools to quantify and simplify risk management. In a market where the individual’s decision carries more risk-bearing outcomes than the traditional financial market replete with intermediaries, that’s a compelling proposition.