Zi Cen: DeFi first needs to prove that it is not a poison
I have always said that DeFi is just an antidote we imagined.
From the golden period of the public chain track created by the rise of Ethereum in 2017, to the horrific downward trend for a whole year in 2018, this horrific sight has turned into darkness in 2019. The blueprint of the project description looks beautiful, but when we enter the death spiral of the bear market, almost all visions become a joke. Judging from the data on DAppReview, even the most active DApps on all public chains have only a few hundred daily activities, and the data is very bleak.
In the beginning, DeFi was actually just an antidote for ETH. After the popularity of ICO faded in 2018, the Ethereum community had to face an embarrassing situation, continuing to lose blood and going down all the way. Ethereum without the Staking function needs an antidote to lock up the liquidity that has nowhere to be placed after the ICO. This antidote is DeFi.
Remember, it is the Ethereum community that needs DeFi to be a revolution. Therefore, it is indeed motivating the whole people to promote the development of DeFi. The great progress made by DeFi projects such as MakerDAO in recent years is a very gratifying signal. However, the decentralized pledge issuance model widely adopted by DeFi actually originated from the design of BitShares, which was officially launched in 2014. Although the successors have used various methods to optimize the design of this model, they still cannot get rid of the almost uncontrollable snowball bubble accumulation when the market is bullish, as well as the liquidity crisis and black swan curse when the currency price falls sharply.
Then, DeFi became the antidote for all public chains. Think about it, what are the public chains doing? DApp, digital identity, cross-chain protocol, asset on-chain, decentralized exchange, and DeFi. Everyone is doing and wanting to do everything, why? Because there is really no move. But in the end, DeFi became the hottest direction, and the reason is very simple, because only DeFi is the application that can really lock liquidity.
But we still can't get rid of the embarrassment, "There is nothing to do in a bull market, and nothing to do in a bear market."
However, DeFi is a new ecology that has not undergone a long-term security attack and defense test, and cannot escape various unknowns, including black swans.
However, Uniswap and Lendf.me have been attacked one after another. The recent intensive thunderstorm incidents, especially the cumulative loss of Lendf.Me of more than 24 million US dollars, almost directly returned to zero, brought a sharper torture to DeFi. If the open source system cannot be guaranteed Funds are safe, and you don't even have the ability to prove that you're not a poison. DeFi at least needs to get out of the shadow of the thunderstorm before it can prove itself to be a real revolution, but everyone seems a little overwhelmed.
The attack on CeFi does not help DeFi break through its own bottleneck. Fans of DeFi often challenge the centralization risk of CeFi, but in fact, the CeFi cold, warm and hot wallet system controlled by multi-signatures, why can’t it be understood as another dimension of DeFi?
Take RenrenBit as an example, post our daily defense against hacker attacks, and you can find out what kind of offensive and defensive confrontations RenrenBit has been facing since its launch. The centralized platform has designed a cold, warm and hot wallet system, with full-link capital flow security risk control, intrusion detection/defense and analysis at the host network layer, and multi-signature + MPC/TEE/HSM combination as the last line of defense. These are almost all mature security solutions. Although they also have great security challenges, they are relatively easy to implement and deploy as long as there is a professional security team. But even so, we still dare not be careless.
What about DeFi? DeFi is tantamount to a streaking hot wallet. The DeFi ecosystem is still in its early days, and the smart contract Code is Law means that the code is open source without any errors. However, while some new ERC standards are rich in functions, they have not experienced much real security offensive and defensive confrontation in terms of security. Furthermore, the interoperability between internal smart contracts and external smart contracts in DeFi may also open up unknown risk entrances virtually.
We often say that no one can ever say 100% when it comes to asset security. In the face of the torture of security, the centralized platform can provide a complete security system as an endorsement, and gain the trust of users by virtue of long-term stable operation. A very real question. After experiencing the disaster of Lendf.Me almost returning to zero overnight, the same financial plan is placed in front of users. Will users choose a centralized platform or DeFi? Because in my opinion, the centralized platform can give the answer of "even if a security accident occurs, at least someone can be found, at least the compensation can be paid, and at least the rights can be protected if the compensation cannot be paid".
Schrödinger’s Lei, DeFi is still anxious in the face of the severe security situation, and it needs to go through a long process to rebuild confidence, not only for community users, but also for the core team and investors behind it.
But a realistic and deadly question, I am afraid that no one can answer it. Who should bear the financial security responsibility of the open source agreement?
Finally, back to EOS, why can’t DeFi be the antidote for EOS?
In this matter, the most fundamental difference between the EOS ecology and Ethereum is that EOS already has staking voting lock positions, and there is no need to pin the "locked liquidity" on DeFi. Locking liquidity is no longer a rigid need, and DeFi has lost the fertile soil like the Ethereum community. Therefore, even if EOS has high enough concurrency and efficiency, it is difficult for DeFi projects to be active enough.
epilogue
epilogue
Pioneers have been paying a huge cost of trial and error to practice our idealism, but we are still far from proving that DeFi is really a revolution. When we talk about DeFi, when we can no longer walk on thin ice because of potential security risks, it is not too late to use DeFi as an antidote.
To quote @曹阴:
thank you
thank you
Thanks to Yu Xian, a well-known white hat hacker and founder of SlowMist Technology, for providing professional security advice and contributing some content to this article.
