DeFi weekly selection 丨 Lightning attack or new normal, should I buy insurance for DeFi?

In this issue:

  1. DeFi data for one week: Defi ecological lock-up funds fell to 1.29 billion US dollars, which is 18.16% less than last week
  2. A Comprehensive Interpretation of Lightning Loans: Why Will Lightning Attacks Become the New Normal?
  3. Should you buy DeFi insurance? In-depth comparison of Nexus Mutual and opyn
  4. The existence of DeFi may make ProgPoW upgrade short-term
  5. The first DEX based on zkRollup technology is launched, and the settlement cost is less than 10%
  6. Lending platform Compound issues governance tokens and explores decentralized governance
  7. to sum up

According to the Defi data from dapptotal statistics, the total value of DeFi application hedging last week has dropped significantly. As of now, it is about 1.29 billion U.S. dollars, which is 18.16% less than last week. Among them, Maker ’s locked position is 456.2 million U.S. dollars, accounting for 35.01%. US $ 23718 million, accounting for 18.35%, and Edgeware's lock-in position was US $ 160 million, accounting for 12.43%.

2

In addition, the data shows that the current ETH lock-up volume of the Defi ecosystem is about 3.7 million ETH, which is an increase of about 40,000 ETH last week.

A Comprehensive Interpretation of Lightning Loans: Why Will Lightning Attacks Become the New Normal?

In response to the recent bZx attack, Haseeb Qureshi, managing partner of Dragonfly Capital, wrote :

"The recent bZx hack has given us a sneak peek. I suspect this is just the beginning. Why is Lightning Loan a weapon for attackers? There are two main reasons.

  1. Many hacks require a large amount of upfront funding (such as manipulating the price of Oracle coins). If you get a positive return of 10 million USD of ETH, it should not be an arbitrage transaction.
  2. Short-term loans can minimize the taint of attackers. If I have an idea of ​​how to manipulate Oracle Coins with 10 million USD of ETH, even if I have that much ETH, I may not want to risk it with my own funds. My ETH may be stained, the exchange may refuse my deposit, and the difficulty of money laundering is greatly increased. risky! But if I loan $ 10 million with Lightning, who cares? All parties will benefit. My loan source, dYdX's mortgage pool will not be polluted, and dYdX's pollution has disappeared to some extent. "

Therefore, it believes that lightning attacks will continue to occur, and the existence of lightning loans has also given Ethereum a new reason to transition to Ethereum 2.0 as soon as possible.

Article link: https://www.8btc.com/media/561659

Should you buy DeFi insurance? In-depth comparison of Nexus Mutual and opyn

We mentioned the bZx attack above, and the management partner of Dragonfly Capital also thinks that similar lightning attacks will occur, so how to deal with it?

Obviously, insurance applications will become the focus of DeFi players. However, insurance applications in the current DeFi ecosystem are still in a very early stage. For example, Nexus Mutual and opyn are two prominent examples. The current scale is very small. The effective insured amount like Nexus Mutual has just exceeded 3 million US dollars, and there are only 239 insurance policies. The platforms with the most insured amounts are:

  1. flexa ($ 770,000);
  2. compound (US $ 526,000);
  3. dydx ($ 474,000);
  4. MakerDAO ($ 294,000);
  5. ParaSwap ($ 220,000);
  6. Uniswap ($ 215,000)
  7. In addition, Nexus Mutual has recently paid for related policies, but it is interesting that it did not pay every claim. Of the 6 claims so far, only three have been approved. The details are as follows:

    1. The first bZx 30,000 DAI claim was rejected and seven of the eight evaluators voted down;
    2. The second bZx 4 ETH claim was accepted and all 4 appraisers voted for permission;
    3. The third bZx 30,000 DAI claim form was accepted, and 9 out of 10 appraisers voted for approval (interestingly, this claim form was actually the first reapplication for the first form);
    4. The fourth bZx 50,000 DAI claim was rejected. The policyholder purchased the bZx during the period between the first attack and the second attack, and the second bZx attack was a problem of the oracle;
    5. The fifth bZx 2,600 DAI claim was accepted;
    6. The sixth InstaDApp claim was rejected;

    1

    Where did the money for these claims come from? In theory, it should be the insurance money involved in the policy.

    For example, the current policyholder has insured a list worth $ 10,000 on the platform and chooses a duration of 5 months. The insurance premium he needs to pay for this is about $ 54. Therefore, the insurance premium Nexus Mutual has obtained so far is actually Is very small (currently only about 26,000 US dollars).

    5

    The other source of funding is the entry threshold for membership. Membership fees: Before participating in the policy, you need to become a member. This requires KYC and a one-time membership fee of 0.002ETH. There are only 239 policies, so the membership fee involved with Nexus Mutual is currently only about 0.478 ETH.

    If you rely solely on these funds, Nexus Mutual will not be able to pay the few bills (about 33,400 US dollars) paid in a row.

    So how to ensure that the insured can get compensation?

    This involves the mortgage asset minting insurance token (NXM). The specific mechanism is not described in this article, and the relevant data is directly given: At present, the participants' mortgaged assets in the Nexus Mutual contract are about 13271.69 ETH, and the total amount of insurance policies involved The amount is approximately 15100.62 ETH.

    4

    Therefore, in summary, in the future, if similar hacking incidents occur again and the participants have insured the relevant assets, whether they can get compensation may depend on the following factors:

    1. The nature of the attack, for example, if the attack belongs to the oracle problem, the claim will be rejected , and there are many similar reasons for rejection (refer to here );
    2. The time when the claim was initiated, such as a 30,000 DAI claim, which was rejected for the first time and accepted for the second time, which was mainly related to voters' views on the attack;
    3. The amount of the claim, if the amount of the claim issued is too large, far beyond the scope of the fund pool, it may be rejected (Note: The largest Nexus Mutual policy I have observed is for the Flexa platform A sum of money, which involved an amount of $ 217,000, if a hack occurs, the insured may be rejected by the voter after the claim is initiated)
    4. The nature of the claim, if the policy was insured after the loophole was disclosed, it may not be possible to obtain compensation after the accident (in order to prevent fraud) ;
    5. The ratio of funds in the asset pool to the funds required for underwriting (MCR%). A ratio higher than 100% means that the current platform is in a healthy state, and voters will judge whether to claim compensation based on this ratio ;

    In order to increase the MCR ratio, Nexus Mutual is working to modify the rules on insurance pricing . In general, insurance costs will rise overall, and the rates for large orders will be relatively low.

    Let's talk briefly about the Opyn platform. Unlike Nexus Mutual, the insurance of the Opyn platform is based on a derivative method. It currently provides deposit insurance services for Compound (especially DAI and USDC deposits). The insurance pricing is based on the market price of oToken on Uniswap. And suppose you have a problem with your compound deposit. In theory, you can make a claim at any time and get a compensation. The following is what happens automatically in the background:

    1. You sent your USDC / DAI to Compound, and the value of these coins was compromised due to a hacking event or other crisis;
    2. You send the insurance token back to the agreement;
    3. You immediately receive the insurance money paid by ETH;

    So who is providing insurance? Opyn is a bilateral market, and any individual who is interested in collateralizing ETH and earning insurance premiums can provide insurance. This is an over-collateralized design market with a minimum guarantee ratio of 160% , which means that for every $ 1 of insurance, $ 1.6 of funds is locked behind, and those who provide insurance can be on Uniswap Sell ​​oToken to insurance buyers and earn premiums. You can also add oToken to the Uniswap pool and earn transaction fees from other users' trading activities.

    However, this also exposes participants to the risks of the USDC, Compound, Opyn, and Maker agreements. If an adverse event occurs and the related agreement is hacked, participants may lose some or all of their collateral.

    For the insured, they are facing the problem of reducing the annualized income of DAI and USDC. For example, the annualized income of DAI is about 8.08% before being insured, and only 4.49% after being insured.

    2

    Since the agreement was just launched on the Ethereum mainnet, there has not yet been a payment slip, and the rationality of its design has not been verified.

    In general, although Opyn and Nexus Mutual belong to the DeFi insurance platform, they are different in the markets they are good at. Among them:

    1. Opyn requires over-collateralization, with a minimum of 160%, while Nexus Mutual's design is low-collateralized;
    2. Nexus Mutual targets extreme risk situations, so the claims process will be relatively complicated and its insurance costs will be relatively cheap;
    3. Opyn is faced with a high probability situation, claims may be easier, but insurance costs are relatively higher;

    The existence of DeFi may make ProgPoW upgrade short-term

    Recently, the Ethereum community's debate on the ProgPoW hash algorithm has become the focus again. Some developers hope to include it in the next hard fork upgrade. Younessi posted:

    "Due to the ProgPoW algorithm, decentralized finance (DeFi) will be at risk. If you care about mortgage-based DeFi systems, such as Maker / Dai, Compund, dYdX, etc., please consider your position on ProgPoW. I think the current priority is It is to prevent controversial divisions, not to approve / deny ProgPoW (PP).

    If the implementation of the ProgPoW algorithm is promoted, Ethereum will likely have a controversial split, because there must be someone who wants to make non-ProgPoW blockchains also have sufficient economic value. Even if the split is only temporary, a large amount of collateral will be liquidated immediately. " Article link: https://www.8btc.com/article/562481

    At present, ProgPoW is unlikely to be accepted by the Ethereum community in the short term.

    The first DEX based on zkRollup technology is launched, and the settlement cost is less than 10%

    Last week, the first unmanaged DEX Loopring based on zkRollup technology was launched on the Ethereum mainnet. Its theoretical TPS on the current Ethereum PoW chain can support up to 2,025, but due to the existence of a relay layer bottleneck, it currently only supports 100 TPS .

    After optimizing the zero-knowledge proof libsnark source code, Loopring's settlement cost can be further reduced to $ 0.000124 per transaction ($ 1 million transactions $ 124), and the proof cost is reduced to $ 0.000042 per transaction ($ 1 million transactions $ 42) ), This improvement greatly reduces the transaction costs of participants.

    Link: https://medium.com/loopring-protocol/zksnark-prover-optimizations-3e9a3e5578c0

    Of course, having these technological advantages does not mean that Loopring will definitely achieve good results. For example, the platform still has problems such as insufficient liquidity, and these belong to the scope of operations.

    Lending platform Compound issues governance tokens and explores decentralized governance

    Last week, Compound, the lending platform, announced the release of the governance token COMP , creating a community organized by token holders, giving the community permission to change proposals, such as proposals, voting, and implementation, thereby replacing the current development team's Centralized governance.

    And many current administrator keys for the DeFi protocol are actually controlled by the development team, which has been criticized by many people, and explorations like Compound are worthy of attention.

    Article link: https://www.8btc.com/media/561527

    to sum up

    Although the recent bZx attack has caused a lot of negative impacts on the Defi ecosystem, it is also said to bring out the value of insurance applications. Of course, the current related applications are also in the early stages of exploration, and whether their design is reasonable, this still needs to be There are more practical verifications. The thunderstorm of Fcoin also reminded us of the problems of the centralized platform again, which is also the significance of DeFi, and technologies like zkRollup can greatly reduce users' dependence on the centralized trading platform.