Slow response gives DeFi hackers free rein

Decentralized finance (DeFi) hacks cost crypto investors more than $2 billion in the first six months of the year alone. That’s more than all of 2021, so why aren’t regulators and politicians focusing more on them?

Those numbers could get a lot worse, according to crypto security firm CertiK. Losses are forecast to more than triple 2021 numbers by the end of this year.

And yet, even the recent attempts to create a US regulatory framework for cryptocurrencies have largely ignored DeFi, as has Europe’s fully-agreed Crypto Asset Markets Bill (MiCA).

There are a few reasons for this, not the least of which is that regulating DeFi — where projects claim to be so decentralized that there is no central administration at all, just smart contracts — is much harder than regular crypto and stablecoins.

But that’s also where the need is greatest, said Sen. Elizabeth Warren (D-Mass.), who focused her crypto skepticism on decentralized finance in a Senate Banking Committee hearing in December.

Continue reading: Sen Warren calls DeFi the “most dangerous” part of crypto at Senate hearing

It’s “where regulation is effectively absent and — no surprise — this is where the scammers and scammers and the scammers mingle with part-time investors and first-time crypto traders,” she said.

Great need

And yet the costs are devastating – both in the short term, of course, for the tens of thousands of individuals who have lost money to various DeFi hacks, and in the long term, for people’s ability and willingness to make payments for crypto projects and blockchain platforms.

This particularly affects cross-chain payments, which dramatically expand the usefulness and value of these projects and platforms.

This is because most of these stolen funds come from what are known as bridge projects, which facilitate these payments and essentially allow users to deposit a cryptocurrency that can be used on a blockchain and borrow tokens used by and issued on another blockchain and return them to unlock their original assets.

These include the $620 million Ronin hack in March, a $320 million Wormhole hack in February, a $100 million Harmony hack on June 24th and the $190 million Nomad hack on August 1.

See also: Crypto’s $100M Hack and Cross-Chain Payments Problem

It’s hard to say what impact these bridging programs will have, but they rely on users trusting their funds will be available when they want to withdraw them – much like stablecoins, which have had their own problems. And since bridges are getting a bad rap, that plausibly cannot go on.

Then there are these algorithmic stablecoins, which represent a growing corner of the DeFi market. However, the $48 billion run and collapse of the Terra/LUNA stablecoin ecosystem in May has cast doubt on the viability of these projects, although many people would argue that’s a good thing.

In fact, the closest crypto legislation to an actual vote — and which lawmakers still say could pass in the current session — is a stablecoin bill that would effectively ban stablecoins algorithmically tied to dollars.

Related: How the collapse of a $48 billion stablecoin rippled over crypto

Additionally, the crypto lenders that nearly went bankrupt or went bankrupt after the TerraUSD stablecoin collapse were centralized projects, but one of DeFi’s core offerings are lending/borrowing platforms, which come with many risks of their own.

Small action on the horizon

The only fully drafted proposal, the Responsible Financial Innovation Act by Sens. Cynthia Lummis (R-Wyo.) and Kirsten Gillibrand (DN.Y.), largely eschews DeFi.

First, it orders the Secretary of the Treasury, the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) to work with industry participants to “analyze the market position of decentralized finance technologies in relation to digital assets” and report back to Congress on it Year.

Not with political recommendations, mind you, only with facts and figures.

Additionally, it directs the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) Innovation Lab to recommend changes in laws, policies and regulations to “more effectively facilitate the oversight of financial technology,” all digital assets, distributed ledger technology (the basis of the blockchain) and DeFi.

Things are no better in the European Union, either, where the mature and (presumably) soon-to-be-enacted MiCA law has largely “left out” DeFi, wrote Diego Ballon Ossio, a senior associate at global law firm Clifford Chance, in a July 1 blog about the Legislation.

However, he added that “there is a review clause built into the rulebook that will likely result in specific regulatory regimes at a later date”.

Additionally, “crypto assets issued by a DeFi protocol are still considered crypto assets,” so exchanges and other crypto asset service providers (CASP) that list or trade them are breaking the regulations for other digital assets have to comply with .

For all PYMNTS crypto coverage, subscribe to the daily newspaper Crypto Newsletter.



Around: The results of PYMNTS’ new study, The Super App Shift: How Consumers Want To Save, Shop And Spend In The Connected Economy, a collaboration with PayPal, analyzed the responses of 9,904 consumers in Australia, Germany, the UK and the US and showed a strong demand for a single multifunctional super app instead of using dozens of individual apps.

Leave a Comment