Viewpoint | Lightning loan risk may be higher than expected, security is a problem that DeFi boom must solve

For Ethereum, the world's second largest cryptocurrency, finance seems to be its most important use case. Decentralized finance (DeFi) supported by the Ethereum smart contract blockchain can provide valuable benefits to those who currently cannot use traditional forms of finance. However, the topic of DeFi continues to be controversial due to doubts about the degree of decentralization that DeFi has achieved so far and concerns about DeFi's security vulnerabilities.

Source: Pixabay

ConsenSys Diligence co-founder Gonçalo Sá discusses issues related to DeFi security and lightning loan attacks in the latest episode of the Epicenter podcast.

• Viewpoint | Implications of paper currency trading in the epidemic: Stable currency value is very important to circulation value, and privacy coins will replace the anonymity advantage of paper currency
• Opinion | Morgan Creek Founder: Bitcoin was born for the financial crisis, and volatility is its feature
• QKL123 market analysis | Emergency rate cut + quantitative easing again, the dollar fell and gold rose … Bitcoin will welcome the big test (0316)

He emphasized that some security assumptions have been completely broken and that Lightning Loan can be used to atomically break the DeFi protocol. He went on to add:

"In a sense, these may have happened there. Some big whales have the ability to carry out such attacks, but doing so has a reputational risk."

He pointed out that if whale accounts were to carry out attacks, their reputation would be at risk.

"Big whales have an incentive not to disrupt because they also invest in these ecosystems. They invest in the network to achieve success."

However, Gonçalo Sá also pointed out that although such loopholes still exist, the community has responded positively and has taken active measures to prevent such attacks from happening again. He says,

"I think when I first started in this area, Ethereum was very messy. A lot of things were wrong. But then, people from older industries became accustomed to adopting standards and proper methods to ensure a safe life for products and development. cycle.

Although Lightning Loans was initially thought of as an innovative form of unsecured lending, earlier this year, users exploited system vulnerabilities to spark debate within the ecosystem. In the lightning loan attack, users borrowed about 10,000 ETH and could use the loopholes in the protocol to get a profit of $ 350,000.

Crypto analysis company Arcane Research pointed out in a report that DeFi was under tremendous pressure due to the lightning loan attack on bZx in February. The report shows:

"Attackers use the wrong code and poor liquidity in DEX to manipulate various ETH trading pairs, creating considerable profits and giving bZx an outstanding loan. In DeFi applications, the code is always the law. To For DeFi to thrive, code loopholes and restricted feeding based on decentralized exchanges with poor liquidity are a challenge that must be addressed. "

We will continue to update Blocking; if you have any questions or suggestions, please contact us!