A short history of Ethereum hacks

Dear Bankless Nation,

This is the wild west—hacks and exploits happen all the time.

It’s important to know the history of exploits on Ethereum. From TheDAO to the Parity hacks, these protocol-level events shaped Ethereum’s social contract. And as more apps are built, the surface area for attacks increases.

This is especially true in DeFi.

We don’t have to trust people with our money, but we do have to trust code.

We have to trust that the code was designed without flaws—whether that includes bugs, economic risks, oracle manipulation, or even centralization risks. This is hard. We’re human—we make mistakes. (Read more on the 3 types of DeFi risk)

Here’s our saving grace: the longer the code is out in the wild and the more value locked within, the stronger it gets. We call this the Lindy effect. Every day without incident is another day closer to the vision of trustless finance.

Hugh Karp is someone deep down the rabbit hole of hacks and exploits. (He’s even been hacked himself!)

The early Ethereum exploits inspired him to build Nexus Mutual—a decentralized alternative to insurance.

So we brought him in to give us a quick history lesson.

- RSA

WRITER WEDNESDAY

Guest Writer: Hugh Karp, Founder of Nexus Mutual

A Short History of Risks in DeFi

DeFi offers a land of opportunity. Riches can be found and made despite all the traditional finance folks calling them “scams” at double digit yields. Meanwhile, those on the frontier are consistently making bank.

There is risk to be sure, but the market is still very inefficient and in a world where banks offer 0% interest rates, it’s worth putting old prejudices aside, at least for a moment, and delving deeper.

In traditional finance, most risk emanates from having to trust people with your money.

While many people say DeFi eliminates trust, it actually shifts trust from individuals, institutions and the surrounding legal systems to code. Theoretically this means if we can trust the code to operate as intended then we can “remove” trust. Unfortunately, it is very hard to code at 100% accuracy (even if it’s audited). Most long-term Ethereum users have experienced this pain point at least once on their journey.

To give you an idea on the accuracy of coding, here are the number of errors per line of code:

• Industry average 15-50 per 1000
• Delivered software 1-25 per 1000
• NASA 0.1 per 1000

Coding isn’t easy. Humans make mistakes all the time. The problem is that this is where a significant amount of risks lies in Ethereum and decentralized finance.

Is it better than trusting other people? Sure, but it’s still early.

Here’s some history to give you context…

The Early Era

One of the first major instances of coding errors on Ethereum was TheDAO. It highlighted the issue and was so divisive in how it should be “fixed” that it resulted in the fork of Ethereum and spawned Ethereum Classic.

This was soon followed by the Parity bugs where a widely used multi-sig suffered two separate events that caused millions of dollars to be lost, as well as further fallout from a philosophical perspective.

Together, these errors were the first major security events in Ethereum’s history. We look back on them now as contained logic errors where code simply didn’t work as intended.

These two events were the primary inspiration for Nexus Mutual’s first product: Smart Contract Cover.

The Oracle Era

The second major wave of attacks resulted from on-chain oracle manipulation, often fuelled by a flash loan.

While quite complex in their execution, the attacks have a similar pattern where systems relying on a price feed had the feed temporarily manipulated to distort the protocol’s internal accounting. Funds were then deposited at favorable rates and then immediately extracted in a different currency, or alternatively, in the same currency after resetting the oracle to normal values.

While in most cases an underlying logic bug may have also been triggered, this was not always the case. Community discussion followed: are these hacks or just economic exploits?

Generally speaking though, these types of issues need to be avoided if DeFi is to be more broadly successful.

• Harvest Finance: A skilled farmer used flash loans to reap $33.8 million from the FARM_USDT and FARM_USDC pools
• Value DeFi: Exploited for $7,000,000. Another harsh lesson from the flash loan family.
• Cheese Bank: Lost $3.3m via flash loan AMM oracle attack
• Origin Protocol: $8m via flash loan and faketoken re-entrancy.

Courtesy of REKT!

The Money Lego Era

Over the last few years more and more DeFi protocols have been launched and continue to rely on each other. This is the beauty of open finance and composability—we can use existing protocols to build new applications. The drawdown is that this naturally starts to widen attack surfaces.

Protocols are increasingly built on top of each other taking advantage of one of DeFi’s great strengths but this also exponentially increases risk.

This third wave of attacks have tended to focus on yield aggregators where the aggregator is built on top of many other DeFi protocols.

These protocols tend to be riskier than the base protocols simply because their attack surface is much greater and one chink in the armor is all that’s required to be exploited. As a developer it’s easy to make assumptions about how another protocol works but sometimes nuance at the edges of integrations can cause issues.

Centralised risks

This short but interesting history focuses on the coding risks which would encompass the vast majority of risk assuming DeFi was entirely decentralised. But it’s not. Many protocols still have some way to go on that front as many of the risks in DeFi are not just from smart contract bugs, but from centralised aspects.

The broadest risks across all of DeFi are probably related to stablecoin failure. This could include either USDT losing it’s peg or USDC being forced to seize funds by governments. A failure with MakerDAO’s DAI peg would also cause major issues but that’s more likely caused by economic incentive failure or risk management oversight.

If you’re participating in DeFi, a widespread failure of any of the major stablecoins would likely be quite catastrophic. It’s probably the major risk the entire sector faces, especially in it’s still nascent phase.

Returning to DeFi protocols, high centralisation risks tend to exist when interacting with most of the newer protocols as there’s usually the potential for the team to upgrade contracts or in the worst cases “rug pull” and effectively steal protocol liquidity for themselves. So be mindful of this! Try to understand if there are any built in time delays or other protections before depositing funds.

Lower levels of centralisation risk still exist in some of the major DeFi protocols as well. There’s always the potential for a governance attack where the system can be upgraded by a malicious group of attackers. We’ve haven’t seen many of these cases yet, but it’s entirely possible.

The more diverse and widespread the holders of the token, the better.

Economic Incentive Risks

The other major category to be wary of is economic incentive failure. Several DeFi protocols are testing out new economic games to achieve some outcome, and this usually requires balancing incentives to encourage the right user behavior.

Many of these incentive games are unproven with some much more risky than others, I’m looking at you algorithmic stablecoins. So be aware of how much the protocol relies on economic incentives to work correctly.

An Opportunity

While this may all sound very scary, there are large rewards in DeFi for those willing to take on higher risk. Not only is the risk vs. rewards spectrum in DeFi extremely large, the market is still very inefficient.

The good thing is that inefficiency corresponds to opportunity for those willing to venture further.

One major attraction of DeFi is the ability to earn yield on either stablecoins or existing crypto holding like BTC or ETH.

Focusing on this use case, at the lower end of the risk spectrum are what I call the base protocols themselves: Uniswap, Compound, Aave, MakerDAO and Balancer.

These protocols are much further along the decentralised end of the spectrum than others so risk tends to be more confined to smart contract risks, economic incentive failures and potential governance attacks. These protocols have been on mainnet for quite some time and hold billions in value, meaning they have been battle-tested to a reasonable degree indicating they are relatively secure from most of these risks, with the potential governance attack yet to be fully tested.

This is probably the best place to start if you’re shifting from earning virtually 0% in your bank account to something significantly higher eg, in the 4-10% range.

If you’re looking to protect your money in DeFi, Nexus Mutual also offers cover against smart contract risk. Better yet, starting on April 26th, Nexus Mutual is expanding into a new product called “Protocol Cover” which covers smart contract risks, oracle manipulation, economic incentive failure as well as governance attacks. This is one of the safest ways to start earning yield in DeFi.

There is a lot to learn and entire books could be written on risk management in DeFi.

The key is to start with amounts you can afford to lose and learn gradually over time. Avoid risks that are too extreme, insure when you want to take larger positions and manage exposure to any one protocol or risk.

DeFi is a journey requiring full self responsibility, it’s both dangerous and potentially very rewarding. Managing your risk well will put the odds in your favor.

Action steps

• Learn the history of Ethereum hacks
• Listen to the Bankless episode on Nexus Mutual
• Protect your DeFi deposits with Nexus Mutual (Protocol Cover coming soon!)
• Bonus: read how Hugh got hacked for $24m!

Author Bio

Hugh Karp is the founder of Nexus Mutual, a decentralized alternative to insurance built on Ethereum. He’s also an active contributor to MetaCartel Ventures, a decentralized venture fund investing into early stage projects.