Good Morning!

Another day, another hack.
The DeFi space still has a long way to go.

This time a Chinese DeFi platform called Lendf.Me was successfully attacked by hackers through an ERC777 smart contract vulnerability. The really bad thing about this is that this vulnerability was well known and actually documented. See here.

The hackers got away with $25 million and even had the nerve to send some money back ($126,014) with a cheeky message: "Better luck next time". Read more about it here.

For you tech people out there, this is the most in-depth code analysis I was able to find.

Business benefit is questionable

But on a more serious note, I was and still am sceptical about the DeFi space. First and foremost, I still have trouble seeing the business case in over collateralising my capital need by 50% or more. The company that borrows money with such a ratio is blocking way too much of their "working" capital. This is not a convincing use case for me. The other use case is to leverage the collateral you pledge by buying more of the token you can pledge as collateral. But this is a purely speculative trade and will not help to grow the crypto and blockchain business space. To me this poses a certain amount of structural risk, which has the potential of blowing up in the future.

The DeFi industry must grow up

In addition to these concerns, the DeFi space faces another threat from the regulatory side. The FSB has not shown great benevolence with their latest report about stablecoins.

I believe this industry needs to take a huge step forward in terms of growing up. These DeFi platforms should undergo more regular code audits. This would then provide any potential DeFi platform customer (non-software developer people) an easy to understand report so that they themselves can assess the risk as to whether or not they want to interact with the respective platform.