Centralisation risks caused DeFi hacks to cross $1.3 billion in 2021, says report

The security of decentralised finance (DeFi) platforms have come under increasing scrutiny in the recent months, with multiple studies and market audits noting billions of dollars being lost to various security lapses and scams on DeFi platforms and decentralised exchanges (DEX). As per a new report by blockchain security firm CertiK, over $1.3 billion was lost due to security issues on DeFi platforms in 2021. 

The key perpetrators behind this, CertiK’s study notes, are centralisation issues on these platforms. Developer lapses lead to single points of vulnerabilities, which are subsequently exploited by attackers to steal cryptocurrency funds and investments made by users. 

“The DeFi protocol bZx was exploited for more than $55 million in November as the result of private key mismanagement. This was an example of privileged ownership (found 76 times in audits) that allowed the attacker to gain complete control of all contracts the key controlled,” the CertiK study said. 

DeFi platforms offer cryptocurrency and other decentralised finance avenues for investments, and are built on blockchains such as Ethereum and Binance Smart Chain (BSC). CertiK said that the latter’s growth has been a key factor behind the rapid expansion of DeFi products in 2021. BSC’s compatibility with the Ethereum Virtual Machine (EVM), a platform for developers to build smart contracts for decentralised applications (Dapps), has been a key factor behind the growth of DeFi adoption through the previous year. 

Also read: Another DeFi hack adds $120mn to stolen crypto tally, BadgerDAO launches investigation

According to CertiK, BSC’s low transaction fees in comparison to the Ethereum blockchain has also been a contributing factor towards its growth. 

Other findings of the study stated that DeFi hacks and scams grew from around $500 million in 2020 to the $1.3 billion figure cited for 2021. Interestingly, despite this growth, the ratio of total amount lost to hacks against the total market capitalisation of the cryptocurrency industry stood at 0.05 per cent -- down by 17 per cent over 2020. This suggests that while hacks are on the rise in terms of volume, adoption of cryptocurrency and decentralised financial instruments are growing at a faster pace. 

2021 saw a host of notable DeFi hacks, including a $120 million exploit of DeFi platform BadgerDAO in December. In October, data from The Block Research stated that the month alone accounted for over $680 million in hacks across DeFi platforms. It’s important to note that the net amount of crypto hacks is often higher than the eventual lost amount cited in reports, because a chunk of them are also eventually recovered by cyber security agencies.