Decentralized finance (DeFi) is a topic that’s gained relevance over 2020 and 2021 – if considered as an industry, its total value would be around $150 billion (Source: Link).
Before jumping into DeFi, a quick primer on smart contracts is needed, given nearly all applications run exclusively on them.
Smart contracts, as a concept, predate the blockchain, dating back to the mid/late nineties (Szabo, 1994, 1997) when they were defined as a ‘computerized transaction protocol that executes the terms of a contract.’ In other words, they are digital codes or scripts that automatically execute predefined actions based on contractual conditions validated by all parties. A simple analogy is a vending machine: these require a predefined monetary amount to let the user buy an item. No matter how many attempts the user makes, if the payment is less than the predefined price, it won’t work. If an overpayment is inserted, the surplus gets returned. The most straightforward application of smart contracts is Bitcoin, where the contract automatically checks, before transacting, whether the sender has sufficient funds, and if not, cancels the transaction. It’s important to note not all blockchains allow for the same degree of programmability in the smart contracts used.
But what is DeFi?
DeFi is a term with no strict definition since it’s not a technical or legal term (Link), but refers to a rapidly changing ecosystem of applications (Link). These applications, also called decentralized applications (dApps) or protocols, provide “services and applications that are characterized by a detachment from trusted intermediaries, hence, enabling trustless, peer-to-peer transactions” (Link). Common characteristics of these protocols can, however, be used to form a working definition. For example, DeFi products are built on blockchains, use decentralized ledgers, and utilize (multiple) smart contracts – therefore, they’re (1) trustless and permissionless, (2) transparent or openly auditable, (3) interconnected, (4) decentrally governed, and (5) enable self-sovereignty (Link & Link).
The DeFi ecosystem as a whole can be broken down into 6 main layers but the model was initially defined by Fabian Schär, in February 2021, as a 5-layer one. (Link). This DeFi model can be seen as a ‘Money Lego’ (Link) system in which applications are built on top of the previous layer, as shown below.
- Layer 0 (not shown in the 5 layer model) refers to the things necessary to build a blockchain. It comprises hardware, miners, connections, and protocols. Some examples of protocols are Polkadot, Cosmos, and LayerZero Labs, which allow for interoperability (through cross-chain messaging systems) between different Layer 1s. Infrastructure providers, either centralized like Infura and Alchemy or decentralized like Pocket Network, are included in this layer.
- Layer 1, the settlement layer, refers to the blockchain itself and its native coin. In this layer the transactions are settled, the network securely stores information and it ensures any state changes adhere to its rule set. Examples of Layer 1 are Ethereum, Bitcoin, and BNB Chain.
- Layer 2 is the asset layer. It consists of all assets issued on top of Layer 1, plus the native asset. For example, on Ethereum standard tokens are issued under the ERC-20 standard and they can be either meme coins like DOGE, stablecoins like USDC and FRAX, or protocol/governance tokens like AAVE. Another well-known standard is the ERC-721, used for non-fungible tokens (NFTs).
- Layer 3 refers to the protocol layer. This is where protocols exist for specific use cases, such as exchanges, lending, borrowing, derivatives, etc. They use smart contracts and can usually be accessed by anyone, either individuals or another dApp.
- Layer 4 refers to the application layer. Given that most users don’t have the technical knowledge or expertise to interact directly with smart contracts, protocols usually provide an interface so users can interact via a web browser.
- Layer 5, the aggregation layer, can be understood as an extension of the application layer. When users interact with a protocol of layer 5, they’re ultimately interacting with a handful of different protocols on the underlying layer. For example, if a user wants to exchange ETH for USDC, then instead of checking different decentralized exchanges they can instead directly interact with 1inch or Matcha, which will route the exchange transaction to the best rate it can find.
What advantages does DeFi deliver over traditional finance?
Efficient and trustless. Much of the traditional financial system is based on trust between parties and is reliant on centralized institutions. DeFi uses technology, namely smart contracts and blockchains, to replace some of that trust, made possible because the roles of different parties can be replicated by code. If two parties wish to trade digital assets in the form of tokens, for example, there’s no need for a central counterparty clearing house to provide assurances on the trade settlement. Instead, the transactions can be structured in a way that either none or all of the transfers are carried out: risk is reduced and efficiency increased.
Transparency. All transactions in an open blockchain are visible to the public, and smart contract code can be examined on the blockchain. This allows anyone to do their own diligence before interacting with an application (assuming they have the requisite skills). In the event of a crisis, the availability of historical and current data is a significant improvement over traditional financial systems, where most information is distributed among a huge number of private databases or not available at all. But, it’s important to note, this refers to decentralized and permissionless networks – certain blockchains and applications have emerged in recent months that enable better privacy for their users, such as Secret Network (L1), Zcash, and Tornado Cash (L3).
Permissionless. By default, anyone can use and interact with DeFi protocols. As a result, DeFi could potentially develop a truly open and accessible financial system – significant when you consider there are roughly 1.2b adults that remain unbanked (source: Link). In DeFi there’s no need for ‘know your customer’ (KYC) processes yet, and while this could potentially change, the infrastructure needs are reasonably affordable and the possibility of discrimination low.
Composability. Protocols and applications can communicate thanks to the common settlement layer and even cross-chain through Layer 0s. Decentralized exchange protocols or loan protocols can be used by on-chain fund protocols to obtain leveraged positions. Given that smart contract code is generally open source, this allows for anyone to copy and adapt it, as well as make suggestions or improvements. This allows for a growing number of alternatives to emerge every year.
What caveats are there to DeFi?
The efficiency of DeFi comes down to that of Layer 1, in which the protocol is deployed. The transactional costs, the time necessary for a transaction to settle, the maximum number of transactions that can be processed – all this varies widely between different Layer 1s.
While trustless in the sense the number of trusted parties is reduced, DeFi implies (1) the code needs to be trusted, ultimately meaning the developers need to be trusted, and (2) users need funds in their wallet, which implies self-custody. Regarding the first point, developers with bad intentions are not unheard of – consider the ‘rug pull’, where developers abandon a project and run off with investors’ funds. On the second point, in recent months an increase in attacks from social vectors and phishing has been witnessed. Given users are their own custodians, they’re responsible for what transactions or permissions they approve in apps they connect to. A notorious exploitation of this was the Badger DAO hack, where attackers inserted code in the user interface. When users approved transactions they also unwittingly gave hackers permission to access their funds. While it’s true most code (smart contracts) can be found on GitHub, it’s also likely some key parts are hidden to avoid being copied by competitors. In addition, when it comes to malicious developers, a deep knowledge of the technology is necessary to be able to audit them.
This brings us to the next caveat of DeFi. The underlying technology is highly experimental and DeFi protocols hold assets worth billions of dollars, so hacks are unfortunately common. According to Rekt.news (source: Link), more than $3.5b has been stolen since September 2020. Of the hacks that Rekt reports, 36% of the protocols had one or more audits at the time their security was breached. However, of the top 10 protocols by funds lost, only 1 was actually hacked, highlighting the importance of being professionally audited before launch. However, not all faith should be lost since transactions are recorded on the public ledger and so prosecutors can track the funds. A recent example is an arrest in 2022 of two suspects for laundering $4.5b worth of stolen cryptocurrency back in 2016 (source: Link).
The core value proposition of DeFi lies in the top three layers but these remain dependent on the three lower layers. So, while DeFi code is just code, and so permissionless in nature, many protocols are still bound to their local regulations. For example, after the outbreak of the Russia-Ukraine war, a broad range of financial sanctions were imposed on Russia and as a result Matcha, a trade aggregator, and dYdX, a decentralized exchange, were blocking Russian users as of 28.04.2022. Additionally, as noted in a previous newsletter, on 03.03.2022 Infura “accidentally” blocked users in Iran and Venezuela from using Metamask through their nodes. The outage was caused by overly-broad configurations incorporated as part of its sanctions compliance program (Infura is a US-based company). Source: Link.
Will DeFi ever gain mainstream adoption?
DeFi offers an opportunity to change the financial paradigm of this century, ushering in an open and transparent financial system where users are able to verify transactions and data, powered by the financial and legal rules built into blockchains and smart contracts.
While this wave of innovation has yet to reach the majority, DeFi is trying to appeal to a broader audience. On the one hand, some protocols are bringing traditional finance players into DeFi. An example is the deal between MakerDAO, issuer of the stablecoin DAI, and Société Générale, facilitating a EUR 40m loan using tokenized housing bonds as collateral. More detals are in this link. AAVE, a money market for lending and borrowing, launched their Real World Asset (RWA) market with Centrifuge, in which DeFi users can provide liquidity to different lenders, who in turn provide liquidity for different real-world businesses and use cases: Link.
On the other hand, DeFi is trying to reach retail users. For example Chai, powered by Terra Blockchain, has 2.81m users and has moved 8b South Korean won (KRW), roughly $6.2m: Link. However, this particular market segment is where centralized decentralized finance (CeDeFi) shines. Centralized crypto exchanges like Binance and Coinbase offer crypto-enabled credit cards to their users, and according to Visa, crypto-linked cards have moved $2.5 billion in Q1 2022: Link.
While the future looks bright, the road ahead is full of obstacles. One of the biggest barriers to mainstream adoption is the poor user experience. As of today, users need to be their own custodians, to learn about wallets and how to securely manage passwords and seed phrases, to be vigilant with protocols they interact with, and to monitor changes in the networks they operate on. And while CeDeFi helps solve some of these issues, more development is needed.