Decentralized finance (DeFi) is rapidly evolving, but insufficient transparency, a lack of shared awareness about its risks, and methods to measure and mitigate those risks continue to pose challenges to its users, according to a report by international risk assessment firm Moody’s.
Prepared in cooperation with financial modeling platform Gauntlet, Moody’s analysis identifies three risks typical for traditional lending relationships:
- valuation risk, or changes in the valuation of the loaned funds and the loan amount, including interest;
- opportunity risk, or the likelihood of a more profitable offer appearing in the future;
- counterparty risk which results from informational asymmetry between the borrower and lender who each could have better knowledge of their side of the bargain.
In general, this third gap shows up in two ways — the first being adverse selection. “A company issuing a new bond, for instance, has better insight into its financial and strategic positioning than those buying the bond,” the report said.
They argued that adverse selection in DeFi looks similar, though not identical. On the borrower side, interest rates are public, open source and verifiable, given that lending code exists immutably on the blockchain. On the lending side, due to the current DeFi state, only overcollateralized loans are possible; said the report, adding that:
“Adverse selection largely becomes a function of proper collateral valuation, which is less of a concern with sufficiently liquid collateral.”
The second conflict is principal-agent, and it arises in DeFi through the mismatch in incentives between investors in the platform, such as liquidity providers or lenders, and those who govern it.
MakerDAO, for example, which oversees the stablecoin DAI, uses the competing DAI Savings Rate and platform stability fees as its primary methods to regulate loan supply and demand, explains the report — creating and destroying their MKR governance token to “satisfy platform treasury discrepancies.” This, according to Moody’s and Gauntlet, “directly impacts the price of MKR, often to the detriment of investors.”
The analysis recognizes that, taking into consideration the rapid evolution and rise in popularity of DeFi, it is difficult to properly quantify risk.
They argue that they can identify several “critical dimensions” of risk which tend to impact all DeFi protocols, though not equally. These dimensions can then be “segregated” into:
- Systemic risks, or risks that impact a large part or all of the DeFi ecosystem – they comprise currency, regulatory and blockchain risks. Exposure to these risk factors may differ substantially per platform.
- Idiosyncratic risks, or risks that impact a single protocol or group of protocols – they consist of security contract, governance, cooperative, and oracle risks. They by nature tend to be unique to a specific platform.
“This leads to the most important factor in understanding platform risk exposure: mitigation techniques,” Moody’s and Gauntlet said, explaining that:
“While all DeFi platforms may depend on similar primitives – namely the existence of a smart contract-supporting blockchain and crypto-accessible collateral – the economics coded into the protocol’s design, the quality of the smart contracts and continued maintenance by developers, and the dynamic tweaking of key parameters by governance holders dramatically impact risk quantification.”
The analysis concludes that consistent risk modeling for DeFi must consider all of the identified sources of risk for protocols: contract, market/currency stability, oracle/external dependencies, governance, regulatory, as well as cooperation.
– DeFi Trends in 2022: Growing Interest, Regulation & New Roles for DAOs, DEXes, NFTs, and Gaming
– 2022 Crypto Regulation Trends: Focus on DeFi, Stablecoins, NFTs, and More
– The TradFi-DeFi Tug of War: Is a DeFi-Only Utopia Possible?
– DAOs, Token Holders Could Face New Tax Liabilities, PwC Report Warns
– Centralization Caused Most Decentralized Finance Hacks in 2021
– Santa Hackathon? Visor Finance Marks 7th Hack in December