DeFi Summer was a landmark period for decentralized finance (DeFi). Marked by rapid growth and innovation, it demonstrated the potential for DeFi to disrupt traditional financial systems. But more importantly, it was a watershed moment that reminded people of the crucial role risk management plays in any successful investment market.
DeFi accounted for around half of all crypto hacks in 2020. This, combined with the rug pulls and collapses demonstrated that while massive yields are attractive, safety and sustainability are more important. Their strength determines the risk of using a platform as well as the consistency and reliability of said returns, something that is increasingly valued as more and more traditional investors enter the space.
So, ever since, risk and safety have become key metrics for analyzing the viability of a DeFi project. This has led to the development of a pseudo-classification system that categorizes DeFi projects into tiers based on their relative safety.
How Do Users Recognize Safe Protocols?
DeFi participants have two tools at their disposal to determine the safety of a protocol. These are audits and code reviews.
Audits
One way to tell the risk level of a protocol is to examine its audit reports. An audit is a formal process during which the project conducts a review of its protocol’s code and mechanisms. It is usually done by an internal team and/or an independent third party.
At the end of the process, the auditor writes a report detailing their findings. This, hopefully, reveals all flaws and vulnerabilities for the project to fix.
However, the mere presence of an audit doesn’t guarantee security. A 2022 study by Chainalysis found that 30% of code exploits and 73% of flash loan attacks took place on DeFi protocols that had been audited the previous year. This implies that a good number of DeFi audits are either not done properly or are falsified.
This is why some users prefer code reviews.
Code reviews
A code review is like an informal audit. It involves going through a protocol’s codebase searching for bugs and vulnerabilities that an audit may have missed. Since DeFi projects are open source, any user is free to do this on their own.
Code reviews are a task that many knowledgeable members of the crypto community take upon themselves to do. They go through a project’s code and then relay any interesting or alarming findings to the project’s developers and other community members.
There are other metrics that, when combined with audits and code reviews, provide an accurate estimation of how safe and reliable a project is.
One of these is a team’s experience. Conventional wisdom suggests that a team with a proven track record of experience building successful projects is more likely to build a more sustainable platform.
The other metric is regulatory compliance. This is only relevant to certain types of protocols but is nonetheless becoming increasingly more prevalent.
In an effort to protect users, governments and regulatory bodies around the world are now putting a lot of effort into creating regulatory frameworks for cryptocurrencies, making regulatory compliance one of the hallmarks of safe DeFi projects.
With all this in mind, DeFi protocols can be broadly categorized into three tiers; degen, safu, and blue chip projects.
The Three Tiers of Safety
In 2023, we can identify three layers of stability and security in cryptocurrency applications, i.e. “Degen”, “Blue-chip”, and “SAFU” ones.
“Degen”
“Degen” crypto projects provide the lowest tiers of safety. They are typically new and experimental projects featuring high-risk, high-reward opportunities.
Their focus isn’t on providing consistent, long-term rewards, but offering the highest yield around. As a result, they typically attract highly speculative investors with a high tolerance for risk. These investors have been aptly nicknamed ‘DeFi degens.’
Unfortunately, concepts of risk management barely exist in degen projects, making them unsustainable in the long run. They’re often not sufficiently audited, which creates a higher risk of fatal bugs and vulnerabilities. Thus, they are highly unstable. Many protocols that rose and fell in the DeFi Summer were degen projects.
Yam Finance is a good example. It introduced a novel approach to governance and yield farming that made it popular, only to collapse shortly after launch. The project’s critical failure was down to a code vulnerability due to a hasty launch, a situation made worse by governance challenges arising from its experimental governance model.
Blue-Chip
On the other end are blue-chip projects, those with the highest level of safety. Blue Chip projects have had time to establish themselves in the market and their founders typically have a good reputation.
Such protocols aim for sustainability. Thus, they actively manage their risk and are well-audited, which makes them less vulnerable to hacks and bugs. Popular blue chip projects include Uniswap, Aave, Compound, and Synthetix.
“SAFU”
“SAFU” projects are not as established as blue chip projects. They can be new and experimental projects as well as older projects that haven’t reached blue chip status yet. However, they carry significantly lower risk than degen. This is because they are well-audited for security vulnerabilities and are often built by teams with impressive track records.
The relatively low-risk nature of “SAFU” projects is because they put more effort into providing reliable returns over massive yields. Thus, they tend to provide stable investment opportunities with consistent returns.
A good example is the Kuma protocol, a recently launched protocol that tokenizes real-world assets to create interest-bearing stablecoins. Since these stablecoins are backed by low-risk assets, like sovereign bonds, their yield should be much more consistent and reliable.
Aware of the changing regulatory landscape, the creators of Kuma have worked with industry experts, government officials, and regulators across different jurisdictions to create a product that complies with all applicable laws and regulations.
Wrapping up: On risks and benefits of DeFis
Whether a project is a “Degen”, “SAFU”, or blue-chip depends on how much risk it exposes investors to. The first tends to be very risky and highly speculative, while the remaining two tone down the risk in favor of long-term sustainability. They may not provide the same level of yield as degen, but their stability means that for many investors, they are the best tier to put money into.
Arman Shirinyan
Godfrey Benjamin
