When people talk about financial services (transactions, storage, lending, etc.) in the crypto industry, they always talk about "decentralization" or "centralization." Crypto evangelists tend to believe that the former is less risky because users can trust assets without trusting their counterparties, thereby avoiding the risk of financial loss due to hacking, misconduct, government seizures, and other forms of human error Or malicious behavior.
However, reality is not black and white. Although the Platonic ideal of "decentralization" is very beautiful, the protection provided by today's products and services cannot be simply classified as "centralized" or "decentralized". It is best to understand these products and services through a series of trust models.
In this article, we will explore the concept of "trust" and analyze that it is not dualistic-but multidimensional. Then, we use these attributes to give a "trust score" to some of the top products and services in the market today and show where they all fall in the trust graph. In the end, we believe that hosting risks are not always predictable of trust scores. .
Each attribute in this article includes three sub-parts: (1) its trust map; (2) the top products and services in the crypto industry in this map; and (3) market observations.
Before scoring agreements and companies, a scoring framework needs to be established. We define five characteristics that users must face when using a product or service that affect overall trust. They are:
- Verifiable security
- Legal and regulatory protection
The scores for these attributes are determined by two questions. Question one, "How will users lose their funds?" Question two, "If they can, how can users recover the lost funds?"
There are several situations where users lose funds:
- Carrier Theft (Hosting)
- Hacking (Hosting)
- Operator freeze (hosting)
- Third party (e.g. law enforcement) freezing (hosting)
- Program vulnerability freezing (verifiable security)
- Poorly designed system leads to poor management (verifiable security)
- Changes in system rules make users easily face any of the above situations (immutable)
In some cases, users can recover lost funds through formal insurance policies (on-chain or off-chain), or using legal recourse.
Through these five attributes, we define a criterion for scoring a product or service from 1 to 5 (lowest to highest trust; higher scores are better). In the next five chapters, we will introduce each attribute, establish scoring criteria, and score 21 product and service samples. The sample source focuses on multiple product categories (covering exchanges, lending, and over-the-counter trading) and different sizes (we try to select the most famous projects and companies in each category).
Hosting is the most common attribute related to trust. However, custody is not binary. We rate custody according to the following five criteria.
Although  managed and  completely unmanaged are easy to define, the score between the two requires a deep understanding of how each product and service works. We identified three of the most relevant attributes (inspired by the research results of Chris Blec): (1): There is a management key that can confiscate or freeze funds; (2) Time lock; (3) Operational security around management keys. How many of these attributes a product or service has determines that it scores , , and . We add one point to each protocol that contains one of these characteristics. Summarized as follows:
- Custody: User assets are hosted by the operator of the project or service. For example, Coinbase is the sole custodian of user funds.
- Unmanaged, with managed keys: Assets are hosted by smart contracts, not operators. If someone (usually the developer of the contract) has the right to freeze, change, or remove the asset from the contract, the asset is potentially more vulnerable. For example, the previous version of Compound allowed management keys to take away user assets at will without time locks (but the Compound team did not do so).
- Unmanaged, with management key and time lock: This situation is the same as (2) above, except that one point is that it is more difficult for the operator to have an idea of the user's assets due to the existence of time lock. For example, the current version of Compound still allows the management key to modify the contract, but requires a 48-hour waiting period to take effect. This gives users a window of time to withdraw assets.
- Unmanaged, with management keys, time locks, and strong key operation security: This situation is the same as (3) above, but there are published and verifiable practices around the operation security of management keys. In our sample, there is no project, and its user funds security depends on a management key, and the project has time lock and strong management key operation security. This may change this year as projects improve their operational security and communicate it to users.
- Fully unmanaged: In this model, smart contracts host user assets and there is no backdoor of any kind. One example is Uniswap.
Three interesting results can be drawn from the scores above.
First, there is a trade-off between completely minimal trust (such as Uniswap) and scalability. In terms of hosting, although MakerDAO (5 points) and Uniswap (5 points) both have relatively minimal trust, MakerDAO can upgrade system parameters through a formally defined governance system, while Uniswap cannot modify existing contracts at all. This means that in many cases, in order to upgrade MakerDAO users, there is no need to exit the old contract and then transfer their assets to the new contract. On the other hand, the Uniswap system has no way to modify existing contracts or parameters. Its rules are static and cannot be changed.
Second, the most used DeFi products and services are not Platonic ideals of decentralization, but more similar to those of centralized competitors. Especially stablecoins, because stablecoins are based on fiat currency pledges, they require a higher degree of trust. The Compound and dYdX protocols deserve our attention because they occupy a considerable share of collateral in the DeFi protocol. In dYdX and Compound, the team controls the ability to modify the smart contract's management key with certain restrictions (such as time locks).
Third, almost all services with a score of 2-5 position themselves as "unmanaged", with a strong emphasis on minimizing high levels of trust and thus being more secure. In practice, some users actually bear serious hosting risks. To use these services securely, users must understand the underlying design of the system. Blind trust in unmanaged protocols is a risk in itself.
It doesn't make sense if the rules can be changed at will. Whether a rule will change depends on: (a) the motivation of authorized stakeholders to change the rule, and (b) the extent to which the rule can be changed. Since (a) is unobservable, we focus on (b)-the variability of the system.
We divide the variable between the two:  completely changeable, that is, the operator can make any changes;  completely immutable, that is, no one can modify the logic, parameters or pointers / references of the contract . The scores , , and  are determined by how much the system can change.
- Operators have unilateral authority to make changes to all levels of the system. Examples include all centralized exchanges (eg Binance, Coinbase). This may change as exchange tokens play an increasingly important role in governance.
- Operators have the power to make changes to most aspects of the system. DeFi products and services that do not issue governance tokens fall into this column (e.g. Compound).
- Operators have the right to make changes to certain aspects of the system. In our sample, the only product with a score of 3 is Unchained Capital, because their main product is a multi-sign "vault". The vault is immutable, but its subsidiary products are variable. .
- The scope for making adjustments is limited and can only be achieved through decentralized governance. Most decisions are DeFi products and services (such as MakerDAO) controlled by token holders.
- No one can make changes to the system. The only product we scored 5 points on was Uniswap.
Most of the products we come across are changeable (causing them to score 1), and even the DeFi project is not static. This means that users of DeFi or CeFi should realize that the rules of the system they use can be changed. The important thing is that even if a system seems to meet the user's trust minimization requirements at a certain point in time, the ability of operators to change the rules also means that the system's guarantees are fragile.
In most cases, changing rules is relatively harmless or even predictable; for example, centralized exchanges require users to add KYC certification (this is true for almost all major exchanges, and this phenomenon is expected to be more frequent this year). Even if this is unlikely, users need to be prepared for the worst: malicious operators tamper with the rules. The most common example is exiting a scam, where an operator freezes a withdrawal request and runs away with money (such as Bitconnect).
It is worth noting that there is an important nuance in "opt-in". For mainstream protocol upgrades like MakerDAO's multi-collateral Dai or 0x v3, users (and third-party developers) must migrate from the previous version to the new version. Users must do the same when Uniswap is upgraded to v2. The immutable version of the previous version caused friction for users (migration is very painful), but preventing malicious changes to the rules also served as a natural barrier. In these cases, developers cannot force users to upgrade-users must actively opt in.
Every investor's nightmare is to wake up one day and find that their assets have been stolen. Unfortunately for many crypto traders, this nightmare has happened in reality. Exchange hacking incidents occur from time to time, whether it is the Mentougou hacking incident as far back as 2014 or the Upbit hacking incident as recent as 2019.
But "the exchange was hacked"-because of the security breach of the exchange, hackers can obtain private keys and steal user assets-not the only way for users to lose funds. Smart contract program vulnerabilities can also cause assets to be frozen or hacked, such as the infamous Parity wallet vulnerability that has frozen more than one million ETH. Recently, a vulnerability in the margin loan agreement bZx allowed two attackers to make $ 370,000 and $ 665,000 in two separate transactions, respectively.
Therefore, users need to judge the safety of a certain product. In some cases, they have no information available-the product itself is a black box. In other cases, all code is open source and independently audited by a reputable audit company. For the former, users must trust blindly. In the latter case, they can verify the safety of the product themselves.
Please note: There are many types of audits-financial audits, security audits, process audits, and even economic audits-for the purposes of this article, we focus on security audits.
We rate  for the black box subsystem;  for systems with verifiable security. The middle area is then scored by assessing the opacity / transparency of a product and whether it is audited (and if so by whom). Auditing is better than no auditing, and it is best to have multiple independent audits. Transparent is better than opaque. (Note: Formal verification helps reduce the security risk of the contract, but this article does not consider this, because none of the items in our sample have formal verification.)
- Opaque and unaudited. For example, a centralized exchange does not have independent auditing. This phenomenon is very common in startup exchanges.
- Not transparent, but claims to be audited. For example, Tether promoted a repayment audit, but these claims were largely unsubstantiated.
- Transparent or auditable. For example, BitMEX and FTX claim that they have been audited, but we cannot find any independent reports to confirm this.
- Transparent and with an independent audit, or opaque but with multiple audits. Mainly refers to most large centralized exchanges. For example, Coinbase and Binance are opaque, but they have both performed multiple independent audits.
- The system is public in all aspects and has undergone multiple professional audits. This applies to most large DeFi products and services. Trust score
Since the DeFi protocol runs on the public chain, anyone can verify them, so one of their natural advantages is transparency (note: smart contracts are not necessarily open source, but all mainstream contracts are open source). Because user assets are always at risk and it is very difficult to write smart contracts securely, the more prominent projects in the crypto industry have undergone multiple independent audits. This also explains why users tend to use these relatively new systems for large transfers.
Over the past few years, traditional centralized exchanges have rapidly specialized. To a large extent this is the result of industry maturity and high expectations from traders.
However, there are still some cowboy-style exchanges, especially reckless (such as BitMEX) or upstart (such as FTX) exchanges. Interestingly, the lack of verifiable security has not prevented these emerging exchanges from attracting users and high transaction volumes: BitMEX is one of the largest exchanges, and FTX is one of the fastest growing exchanges. In fact, a project can claim that the lack of verifiable security is a product feature, not a vulnerability. For example, verifiable security requires KYC-something many traders are reluctant to encounter; and formal oversight by derivatives regulators-hinders innovation and new product development.
Legal and Regulatory Oversight
Although many people in the crypto industry cheer for liberation from the legal and regulatory framework (which controls daily financial products and services), most people are more inclined to have a legal system to provide recourse after an accident. In addition, people often want to know that the entities with which they do business are subject to credible regulatory and judicial systems. Institutional investors in particular want-and often need-their counterparties to provide strong legal and regulatory guarantees.
We scored this question: "If users' funds are lost, to what extent can they recover their losses through legal and regulatory protection?" Especially for DeFi products, there is currently no legal precedent to rely on, so it is necessary to Development update score. We currently try to evaluate these agreements based on current information.
- No legal protection. This applies to most DeFi products and services.
- The chances of users being protected by laws and regulations are slim. This applies to centralized financial products and services located in jurisdictions known for their easy financial regulation, such as Seychelles.
- The possibility of users being protected by laws and regulations is average.
- The possibility of users being protected by laws and regulations is high.
- Users are strongly protected by laws and regulations. This applies to centralized financial products and services in most developed countries.
Obviously, legal and regulatory oversight is the clearest of all the attributes of trust-users either have little or no legal protection or are strongly protected by law.
The agreements with the least legal and regulatory protection are those that are currently located in jurisdictions without any protective regulation. If something goes wrong, the user does not know which law enforcement agency or regulator should handle it (if there is such an agency).
Although open financial agreements haven't been tested by the courts, companies-even those located in less-judicial jurisdictions such as Seychelles-are subject to some laws. We give these exchanges two points because there are some judicial systems that deal with the loss of funds.
In the far right column of the map, the companies that provide the strongest regulatory protection are usually located in developed economic regions such as the United States, Europe, South Korea, China, and Japan.
The insurance in the crypto industry includes what we are very familiar with-the Federal Deposit Insurance Corporation (FDIC) guarantees most banks in the United States, and there are also very novel-such as decentralized insurance against the loss of user assets due to smart contract loopholes.
Coinbase is the benchmark in cryptocurrency exchanges. In addition to FDIC cash deposit insurance of up to $ 250,000 per user, Coinbase also provides crypto deposit insurance for users' hot wallets.
Although most cryptocurrency exchanges do not have insurance like FDIC for deposits, some offer other unique forms of insurance. For example, Binance's SAFU fund. Founded in July 2018, the SAFU Fund deposits 10% of Binance's transaction fees into a wallet to compensate users for losses caused by extreme events (such as hackers). So far, Binance's SAFU Fund has been used once in the May 2019 Binance hacking of 7,000 BTC. After the hacking, Binance used SAFU funds to make up for user losses.
The SAFU fund protects users' deposits from hackers and other unexpected loopholes, while BitMEX's insurance fund provides insurance to traders in the event of excessive leveraged counterparty defaults. The BitMEX insurance fund is essentially a Bitcoin account. As a product of BitMEX clearing income, the balance of this account has been growing slowly for many years. With the advent of BitMEX insurance funds, other exchanges (including Binance, FTX, OkEx, etc.) have also set up similar insurance funds. However, most, if not all, of these insurance funds are escrow, so it may be a matter of opinion-maybe one day the exchange will use its SAFU fund to support its clearing fund!
It should be noted that some decentralized protocols also have insurance mechanisms to deal with extreme situations. For example, in the Maker system, for whatever reason, if the mortgage pool is in a state of insufficient mortgage, the agreement will release MKR to compensate for these losses. In the short term, this approach has resulted in the dilution of MKR holders' tokens, but it guarantees the agreement's ability to repay.
But most DeFi agreements (including those like Synthetix and dYdX) and small offshore exchanges do not provide any form of formal insurance. If the user's funds are encountered unexpectedly, the user's funds will not be compensated. In this case, users can insure against third parties who are willing to bear the risk of smart contracts. Although few of these services (such as Nexus Mutual and Opyn) are experimental, they are all experimental. We will mention them but will not take into account the ratings.
Our ratings for insurance are as follows:
- No insurance. This situation includes almost all DeFi projects and some exchanges.
- Some areas have insurance (such as excessive leveraged bankruptcy). Exchanges that provide margin trading (such as BitMEX) often set up insurance funds for this particular form of risk.
- Some kind of semi-formal insurance. Some exchanges have non-standard insurance, such as Bakkt's $ 125 million policy against BTC assets; BlockFi's asset structure prioritizes user compensation during liquidation.
- Partial insurance (such as FDIC). For example, Coinbase provides a certain amount of insurance for fiat currencies and crypto assets.
- Full coverage insurance. None of the companies in our sample provide comprehensive insurance, and we do not believe that this situation will change in the foreseeable future.
Overall, the crypto market currently offers very little insurance.
At the far right of the map is deposit insurance. From guarantees for cash deposits only (such as FDIC insurance) to comprehensive insurance for cash and crypto deposits. The middle section includes some informal or extreme insurance coverage.
At the other extreme, users don't have any formal insurance. This situation includes DeFi products and services native to smart contracts, as well as some customized crypto financial products (such as USDT).
Although DeFi products may not provide native insurance, it is worth noting that with the development of the crypto industry, third-party smart contract insurance may play a greater role. Since its launch in 2019, demand for Nexus Mutual has grown significantly.
It is also worth mentioning that even if there is no clear insurance on many things, when things go wrong, many exchanges still genuinely compensate their customers. In particular, Coinbase and Binance have kept user assets intact in the event of a system failure (such as a flash memory crash) or a hacker attack.
Most users are accustomed to the insurance of traditional financial products and services, but the crypto market is not yet mature enough, so users cannot take it for granted. And the vast majority of economic activity was born from the lack of strong, traditional insurance.
When trying to draw conclusions from these assessments, it is important to know that different users have different needs. So instead of giving an overall score (such as using a simple or weighted average), we focus on considering each individual attribute. The figure below uses a radar chart to visualize the trust model of each protocol and enterprise.
We specifically show four items: 0x (blue), BitMex (orange), Coinbase (yellow), and Compound (green). 0x occupies most of the area on the right side of the image, while Coinbase occupies most of the area on the bottom left corner. Compared to Coinbase, Compound is more similar to 0x (this is easy to understand because they are both "DeFi") but occupy a smaller area because the current Compound requires more trust than 0x. BitMEX seems to need more trust than other crypto products or services.
In addition, we can think that different users prefer different dimensions of trust. For example, a decentralized advocate may value hosting, immutability, and verifiable security more than legal and regulatory protection. So if they can choose, they would prefer to use a protocol (such as 0x) instead of Coinbase. Institutional investors, on the other hand, may prioritize insurance, legal and regulatory protection and verifiable security, while preferring escrow services and variability. Their ideal product looks more like Coinbase.
Finishing thoughts: bZx attack
On February 15, 2020, bZx (a "decentralized" margin lending and trading platform) savers lost a total of $ 620,000. In this incident, an attacker exploited the vulnerability of the bZx platform smart contract, opened a low-collateralized position, and manipulated the decentralized exchange order book with insufficient depth, and finally made a profit of $ 370,000 (minus the Uniswap slip Point loss after some potential gains). This post by Korantin Auguste explains the mechanics of this attack.
So although the bZx protocol is considered to be decentralized, the user's funds are actually lost. The bZx agreement is "unmanaged" and requires no license (as they advertise on their website).
So let's evaluate the scores of the five attributes of bZx (shown in bold):
- Hosting: 2 points. Unmanaged, with management keys, no time locks, and no verified operational security for management keys.
- Immutable: 1 point. Decisions are made unilaterally by the bZx team. Although the platform issues a native token for governance, so far the token has never been used for any decision.
- Verifiable security: 3 points. The bZx platform is open source and has been audited by an independent auditor. But after the audit, the code was modified several times, which also explains why there are still loopholes in smart contracts. The importance of recent audits is also emphasized.
- Legal and regulatory protection: 2 points. The company appears to be registered in the United States and may be protected by law, but there is no precedent for such incidents.
- Insurance: 1 point. There is an insurance fund, but in reality the reserves are zero.
bZx's trust radar chart is as follows:
First, let's understand the background of this attack. In order to implement this bZx attack, the attacker must keep some wBTC collateral in the bZx loan with a low pledge rate. The bZx team believes that the best option is to immediately liquidate these collateral and then repay interest based on the depositor's principal. At the time of bZx's Postmortem Analysis, the market value of those wBTC collaterals was 1,902.26 ETH, meaning that 202 years of interest could be paid on the lost principal loan.
By 2222, the entire borrowing pool would need to collectively bear a loss of 4,698.02 ETH. However, such a long period of 202 years has been sufficient for the bZx insurance fund to grow significantly. When the loss really needs to be settled, the bZx team expects the insurance fund to fully cover the loss.
This leads us to our first observation: the bZx team can minimize losses by using management keys. With the management key, they can terminate the agreement and liquidate the collateral to pay interest to depositors. Although managing keys reduces the unmanaged nature of the system, it also allows the team to intervene when problems occur.
Our second observation is that although bZx has an insurance fund designed to deal with excessive leverage defaults, it has no insurance on user deposits or smart contract vulnerabilities. If users are dealing with smart contract vulnerabilities, they can go through a third-party insurance provider (such as Nexus Mutual). A few users did this, and Nexus Mutual compensated policyholders for a loophole in the bZx agreement. This is the first time in history that a decentralized insurance pool has compensated users who have lost funds due to loopholes in smart contracts.
Finally, and most importantly: Although bZx scores high on verifiable security (transparent and at least one independent security audit), the team upgraded the system thousands of times after the audit. The importance of considering the timeliness of security audits was emphasized.
The final loss of this bZx event is relatively small (about $ 1 million in total), but it is easy to think that there are more malicious participants in a larger system, which may cause more serious losses.
Limitations and future work
We show a high-level framework and market analysis in this article. To achieve this, we must choose complex and subtle themes and simply rate them 1-5. Although we believe that the approach taken in this article can successfully outline the general outline of the market, there are many topics that are beyond the scope of our research and are worth analyzing in the future.
Specifically, our method:
- Provides a framework for thinking about "trust", but does not directly provide users with tools to compare products across the board.
- It does not take into account the "predictor risk" or some kind of risk caused by a product or service due to an error in the predictor.
- It does not solve the problem of centralization of the product due to the concentration of token holdings.
- Focus only on security audits and ignore other forms of auditing such as financial, procedural, and economic.
- Regarding law and regulation as a homogeneous subject, in practice, law and regulation are very complicated, and there are many nuances based on factors such as geography.
Over time, we will gradually improve our research methods and welcome your feedback.
The purpose of this article is to start a conversation about what trust really means to users of crypto financial products and services. Obviously, putting a one-on-one label on decentralization or centralization is not enough to let users know the risk level of their funds. A more complete picture is provided by evaluating custody, immutability, verifiable security, legal and regulatory protection, and insurance. Today's protocols cover a wide range of trust models, but users are unlikely to understand the risks these models pose to their funds.
On the escrow side, we found that because of the management keys that allow operators to freeze or withdraw user funds, many unmanaged services actually expose users to significant escrow risks. In many cases, this risk can be eliminated through time locks and verifiable security operations, but it is important to keep users aware of such risks without blindly trusting unmanaged products and services.
In terms of immutability, we found that the rules of the system can be modified in most cases. So the guarantees for the other four attributes also change. For the most part, we believe these changes will benefit users. But in some cases, operators will abuse this trust (such as exiting a scam), so users need to know how the rules of the system can change and how it will change.
In terms of verifiable security, we found that DeFi projects naturally earn high scores because of their inherent transparency and their multiple independent security audits. Interestingly, we found that with the large-scale specialization of exchanges in the past few years, centralized products can also get high scores.
Regarding the law, we found that users either have strong protections or no protection at all. Unless a product or service is provided by a U.S., European, Chinese, Japanese, or Korean company that has comprehensive protection, users should assume that they are not protected by law.
Finally, regarding insurance, we were surprised to find that even the largest exchanges have only a few insurances. Of these, only Coinbase insures crypto and fiat deposits. Except for "insurance funds" that deal with excessive leverage defaults, the DeFi agreement has no native insurance. This may bring some opportunities for third-party insurance companies such as Nexus Mutual and Opyn, but we need more practical examples to understand the feasibility and practicality of such services.
In summary, this article makes a multi-dimensional observation of trust, and shows how difficult it is for users to fully evaluate the trust model and its risks. We hope that the framework of this article can provide users with a way to evaluate trust, while allowing developers to think critically about the design of their systems and the room for improvement (in fact, the protocol development team has been improving regularly to reduce user risks, such as MakerDAO adds a time lock; the Compound team moves towards centralized governance). In addition, we sincerely welcome the industry to provide valuable feedback on this article with a view to working together to promote the development of the crypto industry.
Thanks to Calvin Liu, Nic Carter, and Cyrus Younessi for their valuable comments on this article.
Disclosure: Multicoin Capital invests in Bakkt and holds both BTC and USDC tokens.
Source link: multicoin.capital