The DeFi boom of 2020 has opened the public’s eyes to the possibilities and potential of cryptocurrency, but the downside is the vulnerability of the software systems used to sustain the relatively new blockchain sector. As the volume of total funds in the network is increasing, a string of recent breaches has shown that there’s a need for more robust security measures for DeFi.
On the 11th of May, 2020. Hackers exploited the system of three protocols—Rari Capital, Larva labs Meebits NFT project, diverting about $22 million worth of digital assets. As the hype and value of DeFi has grown, it has also become profitable for those attempting to exploit the system.Value DeFi also lost $21 million to hackers in a string of attacks. One was on the 7th of May 2020, while the other attack was in November 2020. The appraisal carried out showed that the hackers exploited a loophole caused by a missing line of code to cart away millions of dollars. It was reported hackers stole a total of $120Million via 15 DeFi hacks in 2020 alone. A series of DeFi hacks have also occurred in the year 2021. over $156million has been carted away by hackers in just six months, with the “rug pull” being one of the fraud schemes used to exploit the DeFi protocols.It is essentially a scheme in which token holders cash out and steal the money from the investors. According to DeFi pulse, the total value locked into DeFi is $62.07 billion. This shows how much the DeFi community has expanded over the past few months. The need for a better security and privacy mechanism has never been greater. While the blockchain itself is immutable and the blocks can not be changed, the software that was created by developers is still prone to attack. We saw how a missing line of code allowed hackers to cart away $21 million from value DeFi.
Solution to the DeFi hacks
There are several solutions that the DeFi community can employ to boost their security systems. One of those solutions is the adequate testing of DeFi protocols. A lot of the work should be done during the pre-launch. The code of DeFi projects should be adequately tested before being launched to the public. This will help the platforms to stop loopholes that have been overlooked, reducing the ‘human-error’ problem. Another solution is the offer of rewards and incentives to ‘trial’ users to identify and spot weaknesses in the test project. The most reliable solution is the use of Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge (zk-SNARKS). Zk-SNARKS proof allows users to prove the possession of certain information, like the secret key, without revealing the information, and without any interaction between the prover and the verifier. This prevents the leakage of sensitive information that might be exploited by hackers.
One of the unique DeFi projects making use of this proof is the Onion Mixer. Onion Mixer is the first decentralized protocol for anonymous cross-chain transactions. You don’t need to reveal sensitive information to the protocol before a transaction can be approved. The reliable privacy-focused solution has created a way for transactions to be anonymous. It combines CoinJoin and zero-knowledge proof. The Onion Mixer achieves privacy by using zkSnarks to break the on-chain link between the source and the destination address.
It provides people with an anonymous way to manage their DeFi assets without revealing sensitive information that can be exploited for hacking.
Adoption and growth
For DeFi adoption to continue to grow, the security of the DeFi system must be improved. Users’ DeFi assets should be secured using reliable techniques. To increase the security of the DeFi community, existing DeFi protocols should rely on a security and privacy-focused solution like the Onion Mixer. Security and privacy concerns will most certainly raise a cloud of uncertainty in the hearts of new and potential users at a time when interest in DeFi and blockchain technology is at an all-time high.