DeFi platform Poly Network was at the centre of one of the biggest cryptocurrency theft last week.
For most of the 13-year lifespan of cryptocurrencies, exchanges have been the epicenter of cyberheists. Now, a higher risk of hacking is in sight in the growing sector: peer-to-peer cryptocurrency platforms. One such site, Poly Network, was valued at $ 610 million. (approx 4,530 crore) crypto theft last week, one of the largest in history. In the days after the raid, the decentralized financial platform (DeFi) announced that the “white hat” hacker (s) had returned almost all of the loot.
The unusual ending to the Poly Network saga hides new risks in this growing crypto corner, which is estimated to be held at $ 80 billion (roughly Rs 590 billion) or more, according to interviews with industry executives, lawyers and analysts.
DeFi sites allow users to lend, borrow, and save credits, usually in cryptocurrencies, bypassing traditional financial gatekeepers like banks and currency exchange offices. Proponents say the technology provides cheaper and more efficient access to financial services. The site highlighted the vulnerability of DeFi sites to crime. Potential thieves are often able to exploit flaws in the open source used by websites. And since regulation is still sketchy, there is generally little or no recourse for victims.
Centralized exchanges that act as intermediaries between buyers and sellers of cryptocurrencies were previously the main target of crypto cyber heists. For example, the Tokyo-based Mt.Gox exchange collapsed in 2014 after losing $ 500 million to hacks. Coincheck, also based in Tokyo, was hit by a $ 530 million (approximately Rs.3,930 billion) robbery in 2018. Many major exchanges that are under regulatory focus and attract large investors have stepped up security and raids to such an extent that they are now relatively rare.
Less secure
A responsibility for security on major platforms like Coinbase Global has pushed the less secure places aside, said Ross Middleton, chief financial officer of the DeFi DeversiFi platform. “What’s happened is the big exchanges have got really good (on security) and they no longer exist, “he said. The limit is now definitely DeFi. Crime losses on DeFi platforms are at an all-time high, crypto intelligence firm CipherTrace said last week, leaving thieves, hackers and fraudsters $ 474 million from January to July Looted US dollars (approximately 3,510 billion rupees).
The spike came as funds poured into DeFi, reflecting overall flows in cryptocurrencies. According to DeFi Pulse, the total value of such websites is now more than $ 80 billion (about 590 billion rupees) compared to just $ 6 billion (about 44,490 billion rupees) the year before. DeFi specialists say that security risks usually lie with newer websites that can be run with less secure code. “There is a widening security and risk gap between old, battle-tested DeFi protocols, and new, untested DeFi protocols,” said Rune Christensen, former director of the panel behind the high-profile DeFi App Builder.
Proponents say that using open source code means users can quickly identify and fix vulnerabilities, reducing the risk of crime. DeFi can police itself, they say. Yet for financial watchdogs and governments across the world looking at regulating the crypto sector, DeFi is always more focused.
Enforcement action
US Securities and Exchange Commission (SEC) chairman Gary Gensler has signaled that he will take a tough stance on DeFi as these platforms are subject to US securities laws and this month launched his first enforcement action with DeFi Technology launched, claiming the company has unregistered securities and mislead investors. The SEC did not respond to additional questions about their position.
Officials with the US Commodity Futures Trading Commission have also warned of increased scrutiny. In June, Commissioner Dan Berkovitz called DeFi a “Hobbesian market” in reference to a 17th century philosopher who viewed life without government as “unpleasant, brutal and short”. Derivatives platforms violate commodity trading laws, he suggested. In other places the movements are slower. DeFi is still a long way off the political agenda in the UK, for example, the industry is not regulated.
For some analysts, tighter regulation is inevitable, and there is little evidence that DeFi sites can do the job for themselves. “The unfortunate situation is that (Poly Network) was seen as the average Tuesday in the DeFi world,” said Tim Swanson of the blockchain firm Clearmatics. “The industry likes to congratulate itself by saying that it lives in transparent systems, but has repeatedly shown that it is unable to control itself.”