Curve Finance’s front end this week became the victim of an exploit that ended with a loss of more than US$573,000. Curve took to Twitter to warn its users of the issue with its site, though luckily the spoofing exploit did not affect the Curve exchange:
On August 9, Twitter user @samczsun alerted the public to the exploit with a tweet that read: “@CurveFinance frontend is compromised, do not use it until further notice!” Despite the Curve team’s quick response to the issue, they were unable to prevent the loss.
The hacker(s) responsible seemingly changed the protocol’s domain name system (DNS), which then allowed them to approve a malicious contract by directing users to a fake clone. In a stroke of luck for Curve, the program’s exchange remained uncompromised, as it utilises a separate DNS provider.
An hour after the initial warning of the exploit, Curve tweeted:
The issue has been found and reverted. If you have approved any contracts on Curve in the past few hours, please revoke immediately. Please use https://t.co/6ZFhcToWoJ for now until the propagation for https://t.co/vOeMYOTq0l reverts to normal
While a significant sum was lost, the quick circulation of information on Twitter regarding the attack on the nameserver and front end may have prevented greater losses.
The Curve decentralised finance (DeFi) protocol is an integral part of the DeFi ecosystem, and exploits such as this prevent other protocols from accessing income sources.
Protocol Exploits Elsewhere
DeFi protocol exploits have proliferated in 2022, with two notable examples occurring in May and June. The first victim was the Fortress protocol, with the crypto borrowing and lending platform losing approximately US$3 million in stolen funds. The Binance Smart Chain (BSC)-based platform had suffered an oracle attack only days prior.
More recently, Terra-based DeFi app Mirror Protocol was the subject of a US$2 million exploit related to Terra blockchain’s recent rebrand to Terra Classic. The exploit almost completely drained the mBTC, mGLXY, mETH, and mDOT pools. Luckily the developers were able to patch the damage before all pools could be drained.
With recession concerns and dipping crypto prices reducing borrowing demand from the decentralised finance ecosystem, DeFi lender Porter Finance has announced the closure of its bond issuance platform:
Two things from Porter's BI shutdown announcement:
1. "not confident there will be large inflows of lending demand for fixed income DeFi products like the ones offered through Porter Finance." 2. "no longer willing to take on the legal risk associated with bond offerings."
The Ethereum-based lender allowed decentralised autonomous organisations (DAOs), such as Porter’s Ribbon DAO, to issue convertible bonds to raise funds in return for paying yields to users. However, the lack of demand for fixed-income DeFi products has meant that the Porter Finance bond issuance platform was in operation for only a month.
Porter Finance founder Jordan Meyer cited the competitive rates of traditional finance and the lack of institutional fixed-income DeFi adoption as the twin forces driving low demand for bond issuance. Meyer has also stated that his company is “no longer willing to take on the legal risk associated with bond offerings”:
Porter Finance, which announced in April that it had received $5 million in investment from ParaFi Dragonfly and others, announced the closure of its bond issuance platform because it was no longer willing to take legal risks associated with bond issuance. https://t.co/Kk8j3Uz0A7
Ribbon DAO, the protocol that helps users access crypto-structured products for DeFi, which was using Porter Finance to issue its bonds, is still bound by its promise to repay yields to users. The closure of Porter Finance’s first-of-its-kind service follows the implosion of other DeFi companies such as Celsius.
Other DeFi Movements
Last month’s hot topic was the DeFi sector with DeFi Yield Protocol (DYP) up by a notable 107 percent in a week. At the time, DYP was trading at US$0.43. According to Coinbase, DYP will phase in alongside five other Ethereum-based altcoins – PARSIQ, Elastos (ELA), HOPR, MATH and ALEPH – in trading pairs with Tether once liquidity conditions are met. The six altcoins will be grouped under the exchange’s new ‘Experimental’ title.
At the same time, the combined CeFi and DeFi crypto lending platform Alkemi Network announced a partnership with hardware wallet maker Ledger. The collaboration will mean that Ledger’s 1.5 million users can earn yields with their ETH, USDC or wBTC via their wallets’ interfaces. The combination of CeFi and DeFi allows users to maintain full control of their assets.
More positives for the Waves open-source blockchain, following the announcement of a DeFi revival plan, the WAVES token price increased by approximately 60 percent in the May 31 trading session, only to crash back down a couple of days later.
🚀Waves Enterprise goes open-source and launches DAO. It’s a paradigm shift! https://t.co/EgeSNb3Sfj 🔥
The WAVES token jumped from US$6 at the beginning of the week to a US$10.15 intraday peak on May 31 and is now likely to hit its US$12.30 resistance, a point it has not reached since May 11.
The trouble for the WAVES token began at the beginning of April after a large sell-off of USDN. The knock-on effect was last month’s de-pegging of the stablecoin. This, combined with the Vires Finance liquidity crisis and the LUNA crash, meant an intense plunge for WAVES.
Anatomy of a ‘Master Plan’
There are several contributing factors to the 60 percent WAVES surge, the most notable being the Waves DeFi revival plan. The so-called “master plan”, according to a Waves Tech post, will look like this:
begin buying and locking CRV tokens with 45 percent of the WAVES staking profits from Neutrino, and vote to incentivise the USDN 3-pool, to improve demand for USDN;
liquidate large accounts, taking control of their collateral;
sell the collateral without de-pegging USDN to return liquidity to Vires Finance and reduce utilisation rate, enabling larger user withdrawals; and
improve Neutrino architecture with a new recap token that recapitalises Neutrino with new Waves Tokens when under-collateralised:
4️⃣ Improve Neutrino architecture with a new recap token that recapitalizes Neutrino with new Waves Tokens when under-collateralized.
The $ value of the WAVES tokens in the Neutrino smart contract – the Backing Rate – is presently lower than the amount of USDN in circulation.
As part of the recapitalisation of Neutrino, the Waves protocol will be airdropping the new token via Tsunami Testnet, providing users meet eligibility conditions.
With the wider crypto market slowly turning green after a lengthy period of lows, along with the revival plan to be implemented, WAVES may continue its surge over coming weeks.
WAVES’ Recent Breaks
March was eventful for the Waves protocol as it managed to stay at the forefront of innovation via a partnership with Allbridge. A combination of this partnership and the protocol’s migration to Waves 2.0 caused the token to surge by 120 percent in just a week.
The back end of March saw the Waves protocol pump 70 percent following the news that it would be launching in the US. The US Waves Labs project was tasked with supercharging the protocol’s ecosystem upon its March 28 launch.
MM.Finance, the largest DeFi exchange on Cronos, has lost US$2 million in a recent exploitation by hackers. A Domain Name System (DNS) vulnerability is believed to be responsible, with the stolen funds being sent to Tornado Cash:
1/ We have been investigating the onchain tx & also engaged partners w/ extensive connections & expertise in escalating this in terms of real world consequences. We have traced your funding to OKX exchange & we need everyone's help to RT this post to get @okx & @Jay_OKXpic.twitter.com/4PhBrR5yfu
— MM.Finance – #1 Defi Ecosystem on #Cronos (@MMFcrypto) May 5, 2022
As per its tweet, MM.Finance traced the perpetrator of the cyberattack back to OKX centralised exchange. The funds stolen in the frontend breach were bridged to Ethereum using Multichain and deposited into Tornado Cash. OKX requires users to go through a ‘know your customer’ procedure, therefore the attacker had to have used fake IDs when signing up for the exchange.
While MM.Finance intends to compensate the affected addresses, the exchange has said that if 90 percent of the funds are not returned to MM.Finance within 48 hours, it will contact the FBI:
📍 We have collated the addresses that have lost funds during the attack earlier via the data onchain. Over $2,000,000 USD will be compensated and reimbursed.
— MM.Finance – #1 Defi Ecosystem on #Cronos (@MMFcrypto) May 5, 2022
DeFi Exploits Increasing
Early April saw DeFi lender Inverse Finance suffer a US$15.6 million exploitation. The decentralised Ethereum protocol was compromised by hackers targeting its money market through the artificial manipulation of its token prices.
And, only days ago, Rari Capital lost US$80 million to hackers following a Fei protocol exploit. The assets had been held in Fuse lending pools, apparently the fault of a reentrancy vulnerability.
Ethereum is currently powering the future of global decentralised finance (known as “DeFi”) so it’s blockchain must be well equipped to scale and handle an influx of apps and users into the millions. Currently there are limitations with Ether blockchain with speed and high transaction fees, which has led to the emergence of Ethereum layer 2 projects that help resolve the network performance and enable continued expansion of the DeFi ecosystem.
What is Ethereum Layer 2?
A layer 2 project is a company and network of its own that operates on top of the Ethereum blockchain base layer (known as “layer 1”). Layer 2 projects (also known as “sidechains”) connect Decentralised applications (Dapps) to interact with aspects of the layer 1 blockchain to significantly speed up transactions, whilst making use of the base layer’s privacy and decentralised infrastructure.
Why use Layer 2 Projects?
The main Ethereum 1.0 blockchain currently has a low speed of around 7-15 transactions per second (TPS). Layer 2 solutions can achieve much faster speeds of up to 9,000 tps by handling most of the hard processing “off-chain” on their sidechains to increase efficiency.
There are an increasing amount of layer 2 projects and sidechains in circulation, each working to improve user experience for swapping coins and tokens, minting NFTs, reducing transaction GAS fees and increasing the speed of transactions.
We have compiled a list below of what we think are the best 10+ Ethereum layer-2 projects and sidechains worth knowing about.
1. Polygon
Polygon – a multichain ecosystem.
Polygon is a protocol and framework that allows projects to connect with Ethereum-compatible networks to enable ‘scalable-solutions’ for a multi-chain ecosystem.
Advertised as being for developers, by developers, Polygon has identified the challenges facing the Ethereum blockchain and presented its own solutions by offering instant and ‘zero-gas’ transactions with a Proof-of-stake (PoS) chain.
Polygon utilises the MATIC token, which helps to secure the network and to pay any transaction fees. Originally the project was called MATIC and was seen as a direct competitor to Ethereum, but in 2021 it rebranded to Polygon and now enhances the Ethereum ecosystem rather than directly competing with it.
Optimism is a community focused layer 2 framework that offers projects with lighting speed for a lower cost to transmit data to and from the layer 1 blockchain. Optimism is an optimistic rollup chain, which means a large batch of transactions are ‘rolled’ together and then condensed and processed on layer 1.
The Optimism ecosystem promotes hundreds of apps and integrations including DeFi, NFTs, Bridges and Portfolio trackers. There isn’t a native token for the Optimism project yet. The project current donates all the profits towards scaling the growth and sustainability of public goods.
3. Arbitrum
Arbitrum – build an app in five minutes.
Arbitrum is a layer 2 project built by Offchain Labs that provides Ethereum apps to scale at low cost whilst also providing software developer’s which simplified feature implementation of smart contracts. Arbitrum claims that you can build an Eth app in as little as five minutes.
Much like Optimism, the Arbitrum also doesn’t have a project token yet. That being said, the ecosystem is growing with hundreds of live applications including NFT marketplaces, Wallets, Bridges and On-Ramps making use of the quick start developer tools.
4. Starkware
StarkWare – facilitate all kinds of transactions.
Starkware is an Ethereum layer 2 project that provides scaling solutions for applications wanting to keep transaction fees low and fast executing.
The Starkware ecosystem includes a few different sub-projects which help provide permissionless decentralised ZK-Rollups that help facilitate the transactions that accompany AMM, spot trading, NFT minting and crypto trading. Big projects such as Sorare have integrated Starkware into their infrastructure to enable minting of Ethereum-based NFTs.
Starkware doesn’t have a native token yet.
5. Uniswap
Uniswap – apply for funding to build your app.
Uniswap is one of the leading the decentralised crypto trading protocol projects that supports thousands of DeFi applications including token swapping, staking, voting, liquidity providers and more.
You can use the Uniswap app to swap DeFi tokens directly on-chain through popular DeFi wallet providers on Ethereum, Polygon, Optimism and Arbitrum networks.
The native token for Uniswap is the UNI token, which you can use to save trading fee costs and stake in liquidity mining pools to earn yield. The UNI token also serves for decentralised governance of the project.
6. Loopring
Loopring – an automated execution system.
Loopring is a zkRollup Ethereum Layer 2 project that provide low-fees and high speed for trading, swapping and payments using ETH.
Loopring promotes an ‘automated execution system’ that allows users to trade cross-exchange and participate in cross-blockchain liquidity. Defined as ‘blockchain agnostic’, Loopring can integrate with any platform using smart contracts. You can use the Loopring BETA marketplace to create a Layer 2 wallet and trade DeFi tokens with ETH and USDT trading pairs.
The LRC token is native to Loopring and aids in these transactions.
7. OMG Network
OMG Network – Enya and Boba combine.
OMG Network (also known as “OMG Foundation”) provides Ethereum with a Layer 2 Optimistic Rollup solution that reduces gas fees and improves transaction throughput for smart contracts.
A new project launched by OMG is called Boba, which is extending Ethereum Virtual Machine (EVM) smart contract capabilities specifically for DeFi and NFTs projects running integrations on external servers such as AWS to help execute sophisticated algorithms that are not possible to run on-chain.
8. ZKSpace
ZKSpace – decreasing transaction latency and gas fees.
ZKSpace is a fairly new ZK-Rollup Ethereum Layer 2 protocol that offers near instant transactions without waiting for block confirmations.
The ZK project offers a layer 2 NFT protocol which provides NFT projects with cheaper NFT issuance, minting, airdrops and sales. 2022 should be an interesting year for ZKSpace, with lots of exciting developments scheduled, including ZKSea – an NFT Layer-2 marketplace.
The native token ZKS is used to save fees on the DeFi token swap L2 Wallet and also used to pay for minting NFTs on the L2 marketplace.
9. Skale
Skale – businesses can rent a sidechain.
Skale is an elastic blockchain network that focuses on high-performance, offering up to 1000x faster transaction speeds for your Ethereum Dapps.
Crypto projects have the option to rent a sidechain through Skale to increase transaction throughput making use of the Ethereum 2.0 validator nodes with the use of Sharding technology.
Projects can execute solidity smart contracts on Skale powered blockchains to enhances DeFi, games, NFTs and content streaming services.
SKL token is the native token of the Skale network, which aids in ecosystem cleaning, network development and upkeep, and reward validator nodes – the community keeping the network secure.
10. Gnosis Chain
Gnosis Chain – formerly xDai.
Gnosis Chain (formerly known as xDai) is a prediction market platform on the Ethereum network. Gnosis chain is providing its users with the chance to build their own prediction platform through the creation of a specific infrastructure layer.
Gnosis Chain also hosts free tournaments on the outcomes of their prediction platforms, and doing well with these can earn you GNO – the native token for the Gnosis Chain.
11. Bonus: Raiden Network
Raiden Network – compatible with all ERC20 tokens.
Raiden Network is an open source project that aims to help scale Ethereum payments by providing off-chain transfer of ERC20 tokens.
While this network is currently work in progress, Raiden is looking to avoid the ‘blockchain consensus bottleneck’ to facilitate ETH micropayments, similar to that of BTC lightning network.
Ethereum layer 2 projects will have a big say in the short adoption of Ethereum-based projects and also in the long-term success of Ethereum as a global settlement platform.
2022 brings the long anticipated Ethereum 2.0 upgrade which many believe will not make Layer 2 networks obsolete, but actually enhance them and increase adoption into the Ethereum ecosystem. Upgrades such as sharding will become available to Layer 2 projects enabling them to improve their services to Dapps and Layer 3 apps.
Australian Analyst Matt Harcourt of Apollo Capital, the country’s leading crypto-asset investment firm, recently spoke to DMARGE about crypto trends in 2021. While the discussion focused largely on Bitcoin (BTC), it’s Ethereum (ETH) that’s making headlines today after securing a new all-time high (ATH) above its previous record of AUD$1,850 (US$1,420).
Ethereum was one of the best-performing assets of 2020, gaining over 800% in value throughout the year. After starting the year at the extremely low price of AUD$166, ETH has steadily climbed to its new ATH, only suffering a brief dip during the early days of the COVID-19 outbreak.
In mid-2020, a thriving decentralized finance (DeFi) market emerged that was largely developed on Ethereum’s ERC20 protocol. Although DeFi had a somewhat bumpy start with several projects collapsing or exit-scamming, it nevertheless helped to boost Ethereum’s price and should continue to do so into 2021. 24-hour volume on the Ethereum network has also seen extreme growth this year, peaking at $140 billion on January 4.
Harcourt believes there is room for more growth going into 2021, citing a ‘broken’ financial system that will help boost interest in cryptocurrencies.
“…there is a ‘broken’ (I use that word loosely) financial system that will inevitably be replaced by the more open, fair and efficient system that is Bitcoin and blockchain technology (Ethereum, Decentralised Finance),” he told Australian news outlet DMARGE.
However, he noted that now may not be the best time to buy as prices are very high. “A good time to enter the market may come in 1, 2 or 3 months as I think Bitcoin will end 2021 at a higher price,” he said. It looks like he might be right, as other market indicators are suggesting a possible retrace from the current overbought level.
The supply of Bitcoin on exchanges is currently at the highest its been in nine months, suggesting traders are getting ready to sell. With Bitcoin already up by a massive 25 percent just in 2021 alone, buying power must surely start dissipating soon. Even the institutional interest that drove Bitcoin to new highs through late 2020 is beginning to wane, and retail investors appear to be diversifying into altcoins.
Over the past 24 hours, smaller-cap cryptocurrencies like AAVE, ATOM, and MIOTA have all enjoyed gains of between 7 to 12 percent. In the same period, Bitcoin has seen barely any change at all, suggesting that this record-breaking month-long rally that saw it double in price may finally be exhausted.
The decentralized finance (DeFi) market is faced with other risks than investors losing their money due to price fluctuation. BNC Research, which focuses on digital currencies, revealed the non-financial threats in the DeFi market, showing just how the industry is still nascent. So, there’s an uphill battle for the industry to face before it becomes even safer for mainstream adoption.
Meanwhile, it’s worth commending the developments so far in the decentralized finance industry. Since 2020, the industry has recorded more investors and protocol developments, which was fueled by the recent yield farming craze. At the time of writing, the total value locked (TVL) in the DeFi market had reached $14.1 billion, according to DeFi Pulse.
Other DeFi Risk Investors Should Know
Besides the common volatility issues with cryptocurrencies in general, BNC mentioned “scalability” as another risk investors should worry about in DeFi. Notably, Ethereum is the root network for DeFi, and scalability is one of the concerns with the current version. As Ethereum 2.0 – a more scalable version of the blockchain – is years away, BNC said that the network is likely to get congested as more people flock to DeFi.
Congestion of the network would cause higher transaction fees, as was seen during the rush in DeFi some months ago. Also, there are chances that many DeFi applications might be forced to shut down due to higher transaction fees. One other concern is smart contract vulnerabilities. In recent months, many new protocols were exploited by hackers due to bugs/flaws in the coding. It was estimated that tens of millions of dollars had been lost this year to hackers.
Another problem relates to price oracles used by DeFi protocols. There are times where these oracles provide outdated and inaccurate price updates. Bad actors can exploit this weakness, especially if the oracles post a price for an asset that is higher than the actual market value. BNC Research also mentioned poor design and coding as a problem, adding that these challenges and more, need to be addressed to prepare the room for DeFi mainstream adoption.
