- SymBytes
- Posts
- WTF is Economic Security in Web3? 📉
WTF is Economic Security in Web3? 📉
We asked the question to a bunch of experts in a recent X Space, here are the takeaways
Saurav
March 11, 2024
Did you know that >55% of DeFi hacks are due to economic attacks (& not code exploits) ???💸
But this crucial area remains under the radar in DeFi - and most protocols continue to focus only on smart contract audits.
This leaves the door open to many more exploits in the future, which is a HUGE risk given the increasing complexity and magnitude of the attacks.
Economic Security is a critical - but not so understood - aspect of risk management in DeFi
In a recent Twitter space, economic security experts Chainrisk co-hosted a twitter Space with us on the topic. (Read Chainrisk’s story - from hackathon afficionados to economic risk whizzes)
We had some phenomenal speakers join in - and some surprise guests as well.
A nice long chat about everything around the Gauntlet drama and Economic Risk in general
All in all we wanted to tackle three broad topics - a) why did Gauntlet leave Aave, b) WTF actually is Economic Risk, and c) is Economic Security geared up for the future of DeFi
Here’s a summary of what was discussed 👇
( You can listen to the entire Spaces audio here : https://x.com/chain_risk/status/1763232186898235404?s=46 )
What Caused AAVE to Part Ways With Gauntlet..? 🤔
Gauntlet’s post on AAVE DAO, parting ways
Gauntlet's departure from Aave reflects the nuanced landscape of DeFi partnerships and strategic alignments.
📌 Throughout their collaboration, Gauntlet provided invaluable insights and risk management strategies to bolster Aave's protocol resilience. However, whispers of potential conflicts of interest emerged, suggesting that Gauntlet's involvement with multiple DeFi protocols could create tensions or biases.During the Spaces, speakers delved into the complexities surrounding Gauntlet's departure. The debate revolved around differing visions and strategic directions between Gauntlet and Aave.
While Gauntlet's departure was characterized by amicable terms, it underscored the challenges of maintaining symbiotic relationships in the dynamic DeFi ecosystem.
Here’s what caused Aave to lose confidence in Gauntlet 👇️
⬛️ A black box model: To start with, Gauntlet’s risk model was opaque and gave no confidence to the community
🤺 A competitor emerges: In Sep22, a real competitor in the form of Chaos Labs came up, and offered to share seats at Aave’s risk management table. Their involvement was initially challenged by Gauntlet, Chaos offered to work for free for the first 6 months of the engagement. They did that - and continued on. Fast forward to Nov23, when Gauntlet proposed a renewal of their contract, it received backlash. This was centred around-
⌛️ Slow response time: In Nov23, when Gauntlet proposed a renewal of their contract, it received backlash. One of the primary things stated was their slow response time compared to Chaos & others. Their community engagement was also found lacking compared to the others.
💻️ Inferior dashboard: Risk parameter settings were lacking in depth, among other features which were provided by Chaos
💸Unjustified pricing premium: Given the above, the community questioned the pricing premium that Gauntlet was charging over competitors, in relation to its impact on AAVE.
And Gauntlet says they faced these 3 major issues while working with AAVE 👇️
😕 Difficulty navigating inconsistent guidelines and objectives of AAVE DAO, resulting in duplicate proposals like the "AIP-371 fiasco" during TUSD off-boarding.
📊 Criticism for distributing ARB emissions to Aave users, seen as free money.
📑 Criticism for the economic audit by their Applied Research team, viewed as competing with Aave, especially after partnering with Aave forks like SeamlessFi, RDNTCapital, and ZeroLendxyz.
Due to these issues favoring Chaos Labs, Gauntlet decided to step down from their involvement with AAVE.
📌 Here is a much more detailed take on this story by Sudipan, cofounder of Chainrisk. Give it a read! 👇leaves @aave : A behind the scenes thread 🧵
21 Feb 2024 has been a shocking day for the entire DeFi Industry.
Let's breakdown the series of events that led to this.
Also, where is DeFi Economic Risk Management heading post the aftershock ?
— Sudipan | Chainrisk 🛡️| Token2049 Dubai 🇦🇪 ✈️ (@SudipanSinha)
12:24 PM • Feb 25, 2024
WTF is Economic Risk Management? 📉
Economic risk management is related to safeguarding DeFi protocols against market volatility, liquidity crises, and protocol exploits. From stress testing to parameter optimization, economic risk management encompasses a spectrum of strategies aimed at fortifying protocol resilience.
In the current situation, most DeFi protocols do get smart contract audits done but sadly that is not enough, as >55% of major exploits are due to complex economic situations.
Economic Security is a HUGE part of risk mangement…yet most protocols ignore it.
Speakers emphasized the importance of economic risk management in navigating the turbulent waters of DeFi. They cited examples of stress testing protocols and optimizing parameter configurations to mitigate potential vulnerabilities.
By implementing robust monitoring and alert systems, protocols can proactively identify and address emerging risks, ensuring the stability and sustainability of the DeFi ecosystem.
Chainrisk recently published a paper on Economic Security which has been accepted at ETHBelgrade. Check out the paper, or a summary of it in the thread below 👇️
📢Introducing @chain_risk 's Economic Security Research, focusing on @MakerDAO and the broader stablecoin ecosystem !🛡️
We strive to solve an open research problem on @ethereum - " Formal Verification of Game Theoretic Models "
Find the full paper here - arxiv.org/abs/2402.15037
— Sudipan | Chainrisk 🛡️| Token2049 Dubai 🇦🇪 ✈️ (@SudipanSinha)
10:56 AM • Mar 1, 2024
How is Economic Security Gearing Up for the Future of DeFi?🔒
As the DeFi landscape continues to evolve, economic security emerges as a critical frontier.
One of the speakers highlighted the imperative of collaborative efforts among protocols, auditors, and risk management firms to enhance economic security.
They emphasized the need for transparent communication and shared best practices to fortify the resilience of DeFi protocols.
With regulations ramping up rapidly in DeFi, economic risk could soon start becoming mandated & not be optional anymore, which is how it is in TradFi
📌 Drawing inspiration from Gauntlet's departure and subsequent discussions, stakeholders are reevaluating their approach to economic security. By embracing innovative solutions and fostering a culture of collaboration, the DeFi community can pave the way for a more secure and resilient decentralized financial future.
About Symbiote
The Web3 ecosystem is plagued by funding gaps and a dearth of tailored support. Symbiote aims to be the antidote 💉
Here are the key differentiators in Symbiote’s program.
12-week tailored program designed for individual project needs.
Sprint-based model for high-paced, measured results.
Focus on instilling confidence in startups to navigate the dynamic crypto market.
Real-time project insights via cutting-edge analytical tools.
Knowledge center providing detailed connections, past performance, and future plans.
Access to an extensive ecosystem with 50+ Mentors, 450+ Partners, 150+ Investors and a fast growing 110k+ Global Community
👀 We just announced our first cohort, check it out below 👇️
