SoK: Decentralized Finance (DeFi)

Authors:
Sam Werner

Imperial College London, London, United Kingdom

Imperial College London, London, United Kingdom
View Profile

,
Daniel Perez

Imperial College London, London, United Kingdom

Imperial College London, London, United Kingdom
View Profile

,
Lewis Gudgeon

Imperial College London, London, United Kingdom

Imperial College London, London, United Kingdom

https://orcid.org/0000-0002-4992-4795
View Profile

,
Ariah Klages-Mundt

Cornell University, Ithaca, USA

Cornell University, Ithaca, USA

https://orcid.org/0000-0002-5577-1000
View Profile

,
Dominik Harz

Interlay, London, United Kingdom

Interlay, London, United Kingdom
View Profile

,
William Knottenbelt

Imperial College London, London, United Kingdom

Imperial College London, London, United Kingdom
View Profile

AFT '22: Proceedings of the 4th ACM Conference on Advances in Financial TechnologiesSeptember 2022Pages 30–46https://doi.org/10.1145/3558535.3559780

Published:05 July 2023Publication History

AFT '22: Proceedings of the 4th ACM Conference on Advances in Financial Technologies

Pages 30–46

ABSTRACT

Decentralized Finance (DeFi), a blockchain powered peer-to-peer financial system, is mushrooming. Two years ago the total value locked in DeFi systems was approximately 700m USD, now, as of April 2022, it stands at around 150bn USD. The frenetic evolution of the ecosystem has created challenges in understanding the basic principles of these systems and their security risks. In this Systematization of Knowledge (SoK) we delineate the DeFi ecosystem along the following axes: its primitives, its operational protocol types and its security. We provide a distinction between technical security, which has a healthy literature, and economic security, which is largely unexplored, connecting the latter with new models and thereby synthesizing insights from computer science, economics and finance. Finally, we outline the open research challenges in the ecosystem across these security types.

References

1inch: Balancer pool with sta deflationary token incident (2020), https://1inch-exchange.medium.com/balancer-hack-2020-a8f7131c980eGoogle Scholar
AAVE: Aave: Protocol whitepaper v1.0 (2020), https://github.com/aave/aave-protocol/blob/master/docs/Aave_Protocol_Whitepaper_v1_0.pdf, accessed: 13-08-2020Google Scholar
Angeris, G., Chitra, T.: Improved price oracles: Constant function market makers. Proceedings of the 2nd ACM Conference on Advances in Financial Technologies (2020)Google Scholar
Angeris, G., Evans, A., Chitra, T.: When does the tail wag the dog? Curvature and market making. arXiv preprint arXiv:2012.08040 (2020)Google Scholar
Angeris, G., Evans, A., Chitra, T.: Replicating market makers. arXiv preprint arXiv:2103.14769 (2021)Google Scholar
Angeris, G., Kao, H.T., Chiang, R., Noyes, C., Chitra, T.: An analysis of uniswap markets. Cryptoeconomic Systems Journal (2019)Google Scholar
Annenkov, D., Spitters, B.: Towards a smart contract verification framework in coq. arXiv preprint arXiv:1907.10674 (2019)Google Scholar
Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on ethereum smart contracts (sok). In: International conference on principles of security and trust. pp. 164--186. Springer (2017)Google ScholarDigital Library
Babel, K., Daian, P., Kelkar, M., Juels, A.: Clockwork finance: Automated analysis of economic security in smart contracts. arXiv preprint arXiv:2109.04347 (2021)Google Scholar
Baker, P.: Defi lender bzx loses $8m in third attack this year. CoinDesk (2020), https://www.coindesk.com/defi-lender-bzx-third-attackGoogle Scholar
Baker, P.: Defi project bzx exploited for second time in a week, loses $630k in ether. CoinDesk (2020), https://www.coindesk.com/defi-project-bzx-exploited-for-second-time-in-a-week-loses-630k-in-etherGoogle Scholar
Baker, P.: Miners trick stablecoin protocol pegnet, turning 11 into almost 7m hoard. CoinDesk (2020), https://www.coindesk.com/miners-trick-stablecoin-protocol-pegnet-turning-11-into-almost-7m-hoardGoogle Scholar
Balancer Labs: BAL - balancer governance token (2020), https://docs.balancer.finance/protocol/bal-balancer-governance-token, accessed: 20-08-2020.Google Scholar
Bano, S., Sonnino, A., Al-Bassam, M., Azouvi, S., McCorry, P., Meiklejohn, S., Danezis, G.: Sok: Consensus in the age of blockchains. In: Proceedings of the 1st ACM Conference on Advances in Financial Technologies. pp. 183--198 (2019)Google ScholarDigital Library
Bartoletti, M., Chiang, J.H.y., Lluch-Lafuente, A.: Sok: Lending pools in decentralized finance. arXiv preprint arXiv:2012.13230 (2020)Google Scholar
Beck, R., Müller-Bloch, C., King, J.L.: Governance in the blockchain economy: A framework and research agenda. Journal of the Association for Information Systems 19(10), 1 (2018)Google Scholar
Beneš, N.: Introducing the dutchx (2017), https://blog.gnosis.pm/introducing-the-gnosis-dutch-exchange-53bd3d51f9b2Google Scholar
Benhamouda, F., Halevi, S., Halevi, T.: Supporting private data on hyperledger fabric with secure multiparty computation. IBM Journal of Research and Development 63(2/3), 3--1 (2019)Google ScholarDigital Library
bertcmiller: Tweet (2 April 2022), https://twitter.com/bertcmiller/status/1510249220967739398?t=Cf2PvmdsWyraKHNqOzYhwQ&s=19Google Scholar
Biais, B., Bisiere, C., Bouvard, M., Casamatta, C.: The blockchain folk theorem. The Review of Financial Studies 32(5), 1662--1715 (2019)Google ScholarCross Ref
Bitcoin, W.: Wbtc wrapped bitcoin an erc20 token backed 1:1 with bitcoin (2020), https://wbtc.network/Google Scholar
BitMEX: Bitmex perpetual contracts guide (2020), https://www.bitmex.com/app/perpetualContractsGuideGoogle Scholar
Blocknative: Evidence of mempool manipulation on black thursday: Hammerbots, mempool compression, and spontaneous stuck transactions (2020), https://www.blocknative.com/blog/mempool-forensicsGoogle Scholar
Bloomberg: How $60 Billion in Terra Coins Went Up in Algorithmic Smoke. https://www.bloomberg.com/graphics/2022-crypto-luna-terra-stablecoin-explainer/ (20 May 2022)Google Scholar
Bonneau, J., Miller, A., Clark, J., Narayanan, A., Kroll, J.A., Felten, E.W.: Sok: Research perspectives and challenges for bitcoin and cryptocurrencies. In: 2015 IEEE symposium on security and privacy. pp. 104--121. IEEE (2015)Google ScholarDigital Library
Breidenbach, L., Daian, P., Tramèr, F., Juels, A.: Enter the hydra: Towards principled bug bounties and exploit-resistant smart contracts. In: 27th {USENIX} Security Symposium ({USENIX} Security 18). pp. 1335--1352 (2018)Google Scholar
Buterin, V.: A next-generation smart contract and decentralized application platform. white paper 3(37) (2014)Google Scholar
bZx Network: bZx, The most powerful open finance protocol (2020), https://bzx.network/Google Scholar
Carlsten, M., Kalodner, H., Weinberg, S.M., Narayanan, A.: On the instability of bitcoin without the block reward. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. pp. 154--167 (2016)Google ScholarDigital Library
CertiK: Yam finance smart contract bug analysis & future prevention (2020), https://certik.io/blog/technology/yam-finance-smart-contract-bug-analysis-future-preventionGoogle Scholar
Chen, X., Park, D., Roşu, G.: A language-independent approach to smart contract verification. In: International Symposium on Leveraging Applications of Formal Methods. pp. 405--413. Springer (2018)Google ScholarDigital Library
Claburn, T.: Single-line software bug causes fledgling yam cryptocurrency to implode just two days after launch (2020), https://www.theregister.com/2020/08/13/yam_cryptocurrency_bug_governance/Google Scholar
Clark, J.: The replicating portfolio of a constant product market. Available at SSRN 3550601 (2020)Google Scholar
Coinbase: Coinbase (2020), https://www.coinbase.com/Google Scholar
Cointelegraph: Compound liquidator makes $4m as oracles post inflated dai price (2020), https://cointelegraph.com/news/compound-liquidator-makes-4m-as-oracles-post-inflated-dai-priceGoogle Scholar
Compound: Compound finance (2019), https://compound.finance/Google Scholar
Compound: Open price feed (2020), https://compound.finance/prices, accessed: 06-12-2020.Google Scholar
ConsenSys: Mythril (2021), https://github.com/ConsenSys/mythrilGoogle Scholar
Consensys: Mythx: Smart contract security service for ethereum (2021), https://mythx.io/Google Scholar
Cooper, T.: imbtc uniswap pool drained for ~$300k in eth (2020), https://defirate.com/imbtc-uniswap-hack/, accessed: 20-01-2021.Google Scholar
Cousaert, S., Xu, J., Matsui, T.: Sok: Yield aggregators in defi. arXiv preprint arXiv:2105.13891 (2021)Google Scholar
Cronje, A.: yEARN (2020), https://yearn.financeGoogle Scholar
CryptoCompare: Cryptocompare exchange review, march 2022 (2022), https://www.cryptocompare.com/media/40124872/cryptocompare_exchange_review_2022_03_vf2.pdfGoogle Scholar
Curve Finance: Curve.fi (2020), https://www.curve.fi/, accessed: 20-08-2020.Google Scholar
Dafflon, J., Baylina, J., Shababi, T.: Eip-777: Erc777 token standard (2017), https://eips.ethereum.org/EIPS/eip-777Google Scholar
Daian, P., Goldfeder, S., Kell, T., Li, Y., Zhao, X., Bentov, I., Breidenbach, L., Juels, A.: Flash boys 2.0: Frontrunning, transaction reordering, and consensus instability in decentralized exchanges. arXiv preprint arXiv:1904.05234 (2019)Google Scholar
DeFi Pulse: What is defi? (2019), https://defipulse.com/blog/what-is-defi/Google Scholar
DeFi Pulse: The decentralized finance leaderboard at defi pulse (2020), https://defipulse.com/Google Scholar
Defiant: Iron Finance Implodes After 'Bank Run'. https://thedefiant.io/iron-finance-implodes-after-bank-run (17 June 2021)Google Scholar
Defiant, T.: Bsc's venus protocol left with bad debt after liquidations (May 20, 2021), https://thedefiant.io/bscs-venus-protocol-left-with-bad-debt-after-liquidations/Google Scholar
dForce: dforce (2020), https://dforce.network/Google Scholar
Dubovitskaya, A., Ackerer, D., Xu, J.: A game-theoretic analysis of cross-ledger swaps with packetized payments (2021)Google Scholar
dYdX: dydx (2019), https://dydx.exchange/Google Scholar
Egorov, M.: Stableswap - efficient mechanism for stablecoin liquidity (2019), https://www.curve.fi/stableswap-paper.pdfGoogle Scholar
Eskandari, S., Moosavi, S., Clark, J.: Sok: Transparent dishonesty: front-running attacks on blockchain. In: International Conference on Financial Cryptography and Data Security. pp. 170--189. Springer (2019)Google Scholar
ETH Tx Decoder: Transaction analysis (2020), https://ethtx.info/mainnet/0x9d093325272701d63fdafb0af2d89c7e23eaf18be1a51c580d9bce89987a2dc1, accessed: 13-01-2021.Google Scholar
Evans, A.: Liquidity provider returns in geometric mean markets. arXiv preprint arXiv:2006.08806 (2020)Google Scholar
Feist, J.: Slither - a solidity static analysis framework (2018), https://blog.trailofbits.com/2018/10/19/slither-a-solidity-static-analysis-framework/Google Scholar
Feng, F., Weickmann, B.: Set: A protocol for baskets of tokenized assets (2019), https://www.setprotocol.com/pdf/set_protocol_whitepaper.pdfGoogle Scholar
Finance, B.: Tweet (14 February 2022), https://twitter.com/finance_build/status/1493223330685591558Google Scholar
Flashbots: Flashbots Docs: Understanding Bundles. https://docs.flashbots.net/flashbots-auction/searchers/advanced/understanding-bundles (2022)Google Scholar
Foundation, E.: Solidity v0.8.0 documentation (2020), https://docs.soliditylang.org/en/v0.8.0/index.html, accessed: 12-01-2020.Google Scholar
Foxley, W.: $10.8m stolen, developers implicated in alleged smart contract 'rug pull'. CoinDesk (2020), https://www.coindesk.com/compounder-developers-implicated-alleged-smart-contract-rug-pullGoogle Scholar
Foxley, W., De, N.: Weekend attack drains decentralized protocol dforce of $25m in crypto. CoinDesk (2020), https://www.coindesk.com/attacker-drains-decentralized-protocol-dforce-of-25m-in-weekend-attackGoogle Scholar
Foxley, W.: Exploit during ethdenver reveals experimental nature of decentralized finance. CoinDesk (2020), https://www.coindesk.com/exploit-during-ethdenver-reveals-experimental-nature-of-decentralized-financeGoogle Scholar
Frangella, E.: Crypto black thursday: The good, the bad, and the ugly. https://medium.com/aave/crypto-black-thursday-the-good-the-bad-and-the-ugly-7f2acebf2b83 (2020), accessed: 20-01-2021.Google Scholar
Gnosis: API3 IDO incident - post mortem (2020), https://hackmd.io/@n6YCqowrQduQ5u25wSoRXw/Hylnk7SjDGoogle Scholar
Gnosis: Introduction to gnosis protocol (2020), https://docs.gnosis.io/protocol/docs/introduction1/Google Scholar
Godbole, O.: Defi flippening comes to exchanges as uniswap topples coinbase in trading volume. CoinDesk (2020), https://www.coindesk.com/defi-flippening-uniswap-topples-coinbase-trading-volumeGoogle Scholar
Gudgeon, L., Perez, D., Harz, D., Livshits, B., Gervais, A.: The decentralized financial crisis. In: 2020 Crypto Valley Conference on Blockchain Technology (CVCBT). pp. 1--15 (2020)Google ScholarCross Ref
Gudgeon, L., Moreno-Sanchez, P., Roos, S., McCorry, P., Gervais, A.: Sok: Off the chain transactions. IACR Cryptol. ePrint Arch. 2019, 360 (2019)Google Scholar
Gudgeon, L., Werner, S.M., Perez, D., Knottenbelt, W.J.: Defi protocols for loanable funds: Interest rates, liquidity and market efficiency. In: Proceedings of the 2nd ACM Conference on Advances in Financial Technologies. p. 92--112 (2020)Google ScholarDigital Library
Hanson, R.: Combinatorial information market design. Information Systems Frontiers 5(1), 107--119 (2003)Google ScholarDigital Library
Harper, C.: Defi degens hit hard by eminence exploit will be partially compensated. CoinDesk (2020), https://www.coindesk.com/eminence-exploit-defi-compensatedGoogle Scholar
Harvest Finance: Harvest flashloan economic attack post-mortem (2020), https://medium.com/harvest-finance/harvest-flashloan-economic-attack-post-mortem-3cf900d65217, accessed: 29-12-2020.Google Scholar
Harz, D., Gudgeon, L., Gervais, A., Knottenbelt, W.J.: Balance: Dynamic adjustment of cryptocurrency deposits. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. pp. 1485--1502 (2019)Google ScholarDigital Library
Harz, D., Knottenbelt, W.: Towards safer smart contracts: A survey of languages and verification methods. arXiv preprint arXiv:1809.09805 (2018)Google Scholar
Hull, J., et al.: Options, futures and other derivatives/John C. Hull. Upper Saddle River, NJ: Prentice Hall, (2009)Google Scholar
Huo, L., Klages-Mundt, A., Minca, A., Munter, F., Wind, M.: Decentralized Governance of Stablecoins with Closed Form Valuation. In Mathematical Research for Blockchain Economy. https://arxiv.org/abs/2109.08939 (2022)Google Scholar
IDEX: Idex 2.0: The next generation ofnon-custodial trading. URL: https://idex.io/document/IDEX-2-0-Whitepaper-2019-10-31.pdf (2019)Google Scholar
Index: Index: A comprehensive list of decentralized exchanges (dex)., https://distribuyed.github.io/index/Google Scholar
Jones, S.P., Eber, J.M., Seward, J.: Composing contracts: an adventure in financial engineering. ACM SIG-PLAN Notices 35(9), 280--292 (2000)Google ScholarDigital Library
Judmayer, A., Stifter, N., Zamyatin, A., Tsabary, I., Eyal, I., Gazi, P., Meiklejohn, S., Weippl, E.: Pay to win: Cheap, crowdfundable, cross-chain algorithmic incentive manipulation attacks on pow cryptocurrencies. Cryptology ePrint Archive, Report 2019/775 (2019), https://eprint.iacr.org/2019/775Google Scholar
Kaleem, M., Shi, W.: Demystifying pythia: A survey of chainlink oracles usage on ethereum. arXiv preprint arXiv:2101.06781 (2021)Google Scholar
Kalodner, H.A., Carlsten, M., Ellenbogen, P., Bonneau, J., Narayanan, A.: An empirical study of namecoin and lessons for decentralized namespace design. In: WEIS. Citeseer (2015)Google Scholar
Kalra, S., Goel, S., Dhawan, M., Sharma, S.: ZEUS: analyzing safety of smart contracts. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18--21, 2018. The Internet Society (2018), http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/02/ndss2018_09-1_Kalra_paper.pdfGoogle ScholarCross Ref
Kao, H.T., Chitra, T., Chiang, R., Morrow, J.: An analysis of the market risk to participants in the compound protocol. In: Third International Symposium on Foundations and Applications of Blockchains (2020)Google Scholar
Khatri, Y.: Dai price increase led to a massive $88 million worth of liquidations at defi protocol compound (2020), https://www.theblockcrypto.com/post/85850/dai-compound-dydx-liquidations-defi, accessed: 14-01-2021.Google Scholar
Klages-Mundt, A.: Vulnerabilities in maker: oracle-governance attacks, attack daos, and (de)centralization (Nov 14, 2019), https://link.medium.com/VZG64fhmr6Google Scholar
Klages-Mundt, A., Harz, D., Gudgeon, L., Liu, J.Y., Minca, A.: Stablecoins 2.0: Economic foundations and risk-based models. In: Proceedings of the 2nd ACM Conference on Advances in Financial Technologies. pp. 59--79 (2020)Google ScholarDigital Library
Klages-Mundt, A., Minca, A.: (in) stability for the blockchain: Deleveraging spirals and stablecoin attacks. Cryptoeconomic Systems (2021)Google Scholar
Klages-Mundt, A., Minca, A.: While stability lasts: A stochastic model of noncustodial stablecoins. Mathematical Finance (2022)Google Scholar
Koeppelmann, M.: Tweet (18 July 2020), https://twitter.com/koeppelmann/status/1284502534208528385Google Scholar
Lee, B.E., Moroz, D.J., Parkes, D.C.: The political economy of blockchain governance. Available at SSRN 3537314 (2020)Google Scholar
Lee, J.: Nubits (2014), https://nubits.com/NuWhitepaper.pdfGoogle Scholar
Lee, L., Klages-Mundt, A.: Governance extractable value (Apr 23, 2021), https://ournetwork.substack.com/p/our-network-deep-dive-2Google Scholar
Leshner, R., Hayes, G.: Compound: The money market protocol (2019), https://compound.finance/documents/Compound.Whitepaper.pdfGoogle Scholar
Limited, T.: Tether: Fiat currencies on the bitcoin blockchain (2016), https://tether.to/wp-content/uploads/2016/06/TetherWhitePaper.pdf, accessed: 08-06-2020Google Scholar
Lin, L.X., Budish, E., Cong, L.W., He, Z., Bergquist, J.H., Panesir, M.S., Kelly, J., Lauer, M., Prinster, R., Zhang, S., et al.: Deconstructing decentralized exchanges. Stanford Journal of Blockchain Law & Policy (2019)Google Scholar
Liu, B., Szalachowski, P.: A first look into defi oracles (2020)Google Scholar
Liu, M.: Urgent: Ousd was hacked and there has been a loss of funds (2020), https://medium.com/originprotocol/urgent-ousd-has-hacked-and-there-has-been-a-loss-of-funds-7b8c4a7d534c, accessed: 29-12-2020.Google Scholar
LongForWisdom: [urgent] flash loans and securing the maker protocol (2020), https://forum.makerdao.com/t/urgent-flash-loans-and-securing-the-maker-protocol/490Google Scholar
Luu, L., Chu, D.H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: Proceedings of the 2016 ACM SIGSAC conference on computer and communications security. pp. 254--269 (2016)Google ScholarDigital Library
Maker: The maker protocol: Makerdao's multi-collateral dai (mcd) system, https://makerdao.com/en/whitepaper/, accessed: 08-06-2020Google Scholar
MakerDAO: Makerdao (2019), https://makerdao.com/en/Google Scholar
Martinelli, F., Mushegian, N.: Balancer whitepaper: A non-custodial portfolio manager, liquidity provider, and price sensor. (2019), https://balancer.finance/whitepaper/, accessed: 26-08-2020.Google Scholar
McCorry, P., Hicks, A., Meiklejohn, S.: Smart contracts for bribing miners. In: International Conference on Financial Cryptography and Data Security. pp. 3--18. Springer (2018)Google Scholar
Nadler, M., Schär, F.: Decentralized finance, centralized ownership? an iterative mapping process to measure protocol token distribution. arXiv preprint arXiv:2012.09306 (2020)Google Scholar
Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system (2008)Google Scholar
Narayanan, A., Bonneau, J., Felten, E., Miller, A., Goldfeder, S.: Bitcoin and cryptocurrency technologies: a comprehensive introduction. Princeton University Press (2016)Google Scholar
Niemerg, A., Robinson, D., Livnev, L.: Yieldspace. https://yield.is/YieldSpace.pdf (2020)Google Scholar
OpenCollective: cadcad (2020), https://cadcad.org/Google Scholar
Opyn: Opyn (2020), https://opyn.co/#/Google Scholar
opyn: Opyn eth put exploit (2020), https://medium.com/opyn/opyn-eth-put-exploit-c5565c528ad2Google Scholar
Panja, S., Roy, B.K.: A secure end-to-end verifiable e-voting system using zero knowledge based blockchain. IACR Cryptol. ePrint Arch. 2018, 466 (2018)Google Scholar
PeckShield: 88mph incident: Root cause analysis (2020), https://peckshield.medium.com/88mph-incident-root-cause-analysis-ce477e00a74dGoogle Scholar
PeckShield: bzx hack full disclosure (with detailed profit analysis) (2020), https://medium.com/@peckshield/bzx-hack-full-disclosure-with-detailed-profit-analysis-e6b1fa9b18fcGoogle Scholar
Peckshield: Value defi incident: Root cause analysis (2020), https://peckshield.medium.com/value-defi-incident-root-cause-analysis-fbab71faf373, accessed: 13-01-2021.Google Scholar
Percent Finance: Important announcement (2020), https://percent-finance.medium.com/important-announcement-d35f9a0df112Google Scholar
Perez, D., Livshits, B.: Smart contract vulnerabilities: Does anyone care? arXiv preprint arXiv:1902.06710 (2019)Google Scholar
Perez, D., Livshits, B.: Broken metre: Attacking resource metering in EVM. In: 27th Annual Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA, February 23--26, 2020. The Internet Society (2020), https://www.ndss-symposium.org/ndss-paper/broken-metre-attacking-resource-metering-in-evm/Google ScholarCross Ref
Perez, D., Werner, S.M., Xu, J., Livshits, B.: Liquidations: Defi on a knife-edge. arXiv preprint arXiv:2009.13235 (2020)Google Scholar
Perez, D., Xu, J., Livshits, B.: Revisiting transactional statistics of high-scalability blockchains. p. 535--550. IMC '20, Association for Computing Machinery, New York, NY, USA (2020). https://doi.org/10.1145/3419394.3423628 Google ScholarDigital Library
Permenev, A., Dimitrov, D., Tsankov, P., Drachsler-Cohen, D., Vechev, M.: Verx: Safety verification of smart contracts. In: 2020 IEEE Symposium on Security and Privacy, SP. pp. 18--20 (2020)Google ScholarCross Ref
Peterson, J., Krug, J.: Augur: a decentralized, open-source platform for prediction markets. arXiv preprint arXiv:1501.01042 (2015)Google Scholar
Pirus, B.: Cheese bank's multi-million-dollar hack explained by security firm (2020), https://cointelegraph.com/news/cheese-bank-s-multi-million-dollar-hack-explained-by-security-firm, accessed: 29-12-2020.Google Scholar
Qin, K., Zhou, L., Livshits, B., Gervais, A.: Attacking the defi ecosystem with flash loans for fun and profit (2020)Google Scholar
Raman, R.K., Vaculin, R., Hind, M., Remy, S.L., Pissadaki, E.K., Bore, N.K., Daneshvar, R., Srivastava, B., Varshney, K.R.: Trusted multi-party computation and verifiable simulations: A scalable blockchain approach. arXiv preprint arXiv:1809.08438 (2018)Google Scholar
Rate, D.: Cream finance partially delists ftt amidst governance contention (2021), https://defirate.com/cream-ftt-delisting/Google Scholar
Reijers, W., O'Brolcháin, F., Haynes, P.: Governance in blockchain technologies & social contract theories. Ledger 1, 134--151 (2016)Google ScholarCross Ref
Rekt: Harvest finance - rekt (2020), https://rekt.ghost.io/harvest-finance-rekt/Google Scholar
Rekt: Warp finance - rekt (2020), https://rekt.eth.link/warp-inance-rekt/Google Scholar
Rekt: The big combo (growth defi - rekt) (2021), https://rekt.eth.link/the-big-combo/Google Scholar
Rekt: Dodo - rekt (2021), https://rekt.eth.link/au-dodo-rekt/Google Scholar
Rekt: Meerkat finance - bsc - rekt (2021), https://rekt.eth.link/meerkat-finance-bsc-rekt/Google Scholar
Rekt: Paid network - rekt (2021), https://rekt.eth.link/paid-rekt/Google Scholar
Rekt: Yearn - rekt (2021), https://rekt.eth.link/yearn-rekt/Google Scholar
Reynolds, K., Pan, D.: Cover protocol attack perpetrated by 'white hat,' funds returned, hacker claims. CoinDesk (2020), https://www.coindesk.com/cover-protocol-attack-perpetrated-by-white-hat-all-funds-returned-hacker-claimsGoogle Scholar
Robinson, D.: Etherum is a dark forest (2020), https://medium.com/@danrobinson/ethereum-is-a-dark-forest-ecc5f0505dff, accessed: 24-11-2020.Google Scholar
Rodler, M., Li, W., Karame, G.O., Davi, L.: Sereum: Protecting existing smart contracts against re-entrancy attacks. In: Proceedings of 26th Annual Network & Distributed System Security Symposium (NDSS) (February 2019), http://tubiblio.ulb.tu-darmstadt.de/111410/Google ScholarCross Ref
Roughgarden, T.: Algorithmic game theory. Communications of the ACM 53(7), 78--86 (2010)Google ScholarDigital Library
Roughgarden, T.: Transaction fee mechanism design for the ethereum blockchain: An economic analysis of eip-1559. arXiv preprint arXiv:2012.00854 (2020)Google Scholar
samczsun: Escaping the dark forest (2020), https://samczsun.com/escaping-the-dark-forest, accessed: 24-11-2020.Google Scholar
Schär, F.: Decentralized finance: On blockchain-and smart contract-based financial markets. FRB of St. Louis Review (2021)Google Scholar
Swende, M.: Blockchain frontrunning (2017), https://swende.se/blog/Frontrunning.htmlGoogle Scholar
Synthetix: Litepaper (2020), https://docs.synthetix.io/litepaper/, accessed: 06-12-2020Google Scholar
Synthetix: Synthetix | decentralised synthetic assets (2020), https://www.synthetix.ioGoogle Scholar
Tarasov, A.: Millions lost: The top 19 defi cryptocurrency hacks of 2020 (2020), https://cryptobriefing.com/50-million-lost-the-top-19-defi-cryptocurrency-hacks-2020/Google Scholar
Thompson, P.: Defi project pickle finance exploited for $20 million (2020), https://coingeek.com/defi-project-pickle-finance-exploited-for-20-million/Google Scholar
Thurman, A.: Value defi protocol suffers $6 million flash loan exploit (2020), https://cointelegraph.com/news/value-defi-protocol-suffers-6-million-flash-loan-exploit, accessed: 29-12-2020.Google Scholar
Tokenlon: imbtc (2020), https://tokenlon.im/imBTC#/Google Scholar
Tolmach, P., Li, Y., Lin, S.W., Liu, Y.: Formal analysis of composable defi protocols. arXiv preprint arXiv:2103.00540 (2021)Google Scholar
Tornado: Tornado (2021), https://tornado.cash/Google Scholar
Torres, C.F., Schütte, J., State, R.: Osiris: Hunting for integer bugs in ethereum smart contracts. In: Proceedings of the 34th Annual Computer Security Applications Conference. p. 664--676. ACSAC '18, Association for Computing Machinery, New York, NY, USA (2018). https://doi.org/10.1145/3274694.3274737 Google ScholarDigital Library
Tsankov, P., Dan, A., Drachsler-Cohen, D., Gervais, A., Buenzli, F., Vechev, M.: Securify: Practical security analysis of smart contracts. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. pp. 67--82 (2018)Google ScholarDigital Library
Uniswap: Uniswap (2020), https://app.uniswap.org/#/swapGoogle Scholar
Uniswap: Uniswap whitepaper (2020), https://hackmd.io/@HaydenAdams/HJ9jLsfTz#%F0%9F%A6%84-Uniswap-Whitepaper, accessed: 26-08-2020.Google Scholar
von Wachter, V., Jensen, J.R., Ross, O.: Measuring asset composability as a proxy for ecosystem integration. arXiv preprint arXiv:2102.04227 (2021)Google Scholar
Wallet, W.: Wasabi wallet (2021), https://wasabiwallet.io/Google Scholar
Wang, Y., Kogan, A.: Designing confidentiality-preserving blockchain-based transactionprocessing systems. International Journal of Accounting Information Systems 30, 1--18 (2018)Google ScholarCross Ref
Warren, W., Bandeali, A.: 0x: An open protocol for decentralized exchange on the ethereum blockchain. URL: https://github.com/0xProject/whitepaper (2017)Google Scholar
Werner, S.M., Pritz, P.J., Perez, D.: Step on the gas? A better approach for recommending the ethereum gas price. arXiv preprint arXiv:2003.03479 (2020)Google Scholar
Wintermute, M.: Hegic: On-chain options trading protocol on ethereum powered by hedge contracts and liquidity pools (2020), https://ipfs.io/ipfs/QmWy8x6vEunH4gD2gWT4Bt4bBwWX2KAEUov46tCLvMRcME, accessed: 13-11-2020.Google Scholar
Winzer, F., Herd, B., Faust, S.: Temporary censorship attacks in the presence of rational miners. In: 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). pp. 357--366. IEEE (2019)Google ScholarCross Ref
Wood, G., et al.: Ethereum: A secure decentralised generalised transaction ledger. Ethereum project yellow paper 151(2014), 1--32 (2014)Google Scholar
Wright, T.: Akropolis defi protocol 'paused' as hackers get away with $2m in dai (2020), https://cointelegraph.com/news/akropolis-defi-protocol-paused-as-hackers-get-away-with-2m-in-dai, accessed: 29-12-2020.Google Scholar
Xu, J., Ackerer, D., Dubovitskaya, A.: A game-theoretic analysis of cross-chain atomic swaps with htlcs (2020)Google Scholar
YAM: Yam finance (2020), https://yam.finance/Google Scholar
YAM Finance: Yam post-rescue attempt update (2020), https://medium.com/@yamfinance/yam-post-rescue-attempt-update-c9c90c05953fGoogle Scholar
yearn: Incident disclosure 2021-10-27. https://github.com/yearn/yearn-security/blob/master/disclosures/2021-10-27.md (Oct 27, 2021)Google Scholar
Zamyatin, A., Al-Bassam, M., Zindros, D., Kokoris-Kogias, E., Moreno-Sanchez, P., Kiayias, A., Knottenbelt, W.J.: Sok: communication across distributed ledgers. IACR Cryptol. ePrint Arch. (2020)Google Scholar
Zamyatin, A., Harz, D., Lind, J., Panayiotou, P., Gervais, A., Knottenbelt, W.: Xclaim: Trustless, interoperable, cryptocurrency-backed assets. In: 2019 IEEE Symposium on Security and Privacy (SP). pp. 193--210. IEEE (2019)Google ScholarCross Ref
Zcash: Zcash (2021), https://z.cash/Google Scholar
Zhang, F., Cecchetti, E., Croman, K., Juels, A., Shi, E.: Town crier: An authenticated data feed for smart contracts. In: Proceedings of the 2016 aCM sIGSAC conference on computer and communications security. pp. 270--282 (2016)Google ScholarDigital Library
Zhang, R., Xue, R., Liu, L.: Security and privacy on blockchain. ACM Computing Surveys (CSUR) 52(3), 1--34(2019)Google Scholar
Zhang, Y., Chen, X., Park, D.: Formal specification of constant product (xy= k) market maker model and implementation (2018), https://github.com/runtimeverification/verified-smart-contracts/blob/uniswap/uniswap/x-y-k.pdfGoogle Scholar
Zhao, W., Li, H., Yuan, Y.: Understand volatility of algorithmic stablecoin: Modeling, verification and empirical analysis. arXiv preprint arXiv:2101.08423 (2021)Google Scholar
Zhou, L., Qin, K., Cully, A., Livshits, B., Gervais, A.: On the just-in-time discovery of profit-generating transactions in defi protocols. arXiv preprint arXiv:2103.02228 (2021)Google Scholar
Zhou, L., Qin, K., Torres, C.F., Le, D.V., Gervais, A.: High-frequency trading on decentralized on-chain exchanges. arXiv preprint arXiv:2009.14021 (2020)Google Scholar

Recommendations

Disentangling Decentralized Finance (DeFi) Compositions
We present a measurement study on compositions of Decentralized Finance (DeFi) protocols, which aim to disrupt traditional finance and offer services on top of distributed ledgers, such as Ethereum. Understanding DeFi compositions is of great importance, ...
Read More
An empirical study of DeFi liquidations: incentives, risks, and instabilities
IMC '21: Proceedings of the 21st ACM Internet Measurement Conference

Financial speculators often seek to increase their potential gains with leverage. Debt is a popular form of leverage, and with over 39.88B USD of total value locked (TVL), the Decentralized Finance (DeFi) lending markets are thriving. Debts, however, ...
Read More
Atomic Bonded Cross-chain Debt
ICBTA '20: Proceedings of the 2020 3rd International Conference on Blockchain Technology and Applications

Inspired by the recent boom in decentralized finance (DeFi) and the unprecedented success of flash loan projects in this ecosystem, we introduce a decentralized debt derivative named atomic bonded cross-chain debt (ABCD) to bridge the gap between the ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
AFT '22: Proceedings of the 4th ACM Conference on Advances in Financial Technologies
September 2022
330 pages
ISBN:9781450398619
DOI:10.1145/3558535
Chair:
Maurice Herlihy,
Program Chair:
Neha Narula
Copyright © 2022 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 5 July 2023
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
decentralized finance
DeFi
ethereum
blockchain
Qualifiers
- research-article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 4
  Total Citations
  View Citations
- 1,999
  Total Downloads
- Downloads (Last 12 months)1,999
- Downloads (Last 6 weeks)249
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

SoK: Decentralized Finance (DeFi)

AFT '22: Proceedings of the 4th ACM Conference on Advances in Financial Technologies

ABSTRACT

References

Cited By

Recommendations

Disentangling Decentralized Finance (DeFi) Compositions

An empirical study of DeFi liquidations: incentives, risks, and instabilities

Atomic Bonded Cross-chain Debt