- DeFi hacks continue to rob investors of millions of dollars in crypto assets.
- A group of Ethereum community members have devised a solution to backstop losses.
- The solution has its pitfalls.
In the first half of 2023 alone, there have been about 85 exploits in the decentralized finance (DeFi) space accounting for $292 million in losses across the ecosystem, according to data from Beosin, a blockchain security firm.
Amid the continued losses to investors, some members of the Ethereum community have proposed ERC 7265, a new standard to reduce losses from DeFi hacks. But as admitted by its developers, ERC 7265 is not without flaws.
How Does ERC 7265 Work?
Built by a team that includes Hydrogen Labs smart contract developer Diyahir Campos, Dereg founder Phillipe Dumonet, and Fluid Protocol founder Meir Bank, ERC 7265 (or “Circuit Breaker”) is designed to slow down or halt outflows from DeFi protocols when they exceed a set threshold.
A study by these developers concluded that DeFi protocols do not typically record over 25-40% in daily outflows.
In a Twitter thread introducing the “Ethereum Request for Comment” on Monday, June 3, Bank notably argued that the biggest flaw in DeFi security was the “lack of response time to mitigate hacks.” He asserted that it is often too late when an exploit is identified, as treasuries are wiped out in a matter of minutes.
The developer posits that ERC 7265 could solve this by giving ample time for governance to identify and respond to hacks by pausing outflows.
The backstop notably does not work for immutable protocols and, as Bank explained, is designed with upgradeable protocols with governance teams in mind.
The solution, however, has its flaws.
“Not a Silver Bullet”
“CBs [Circuit Breakers] are not a silver bullet,” Hydrogen Lab’s Diyahir contends in a blog post on June 27. As highlighted by the developer, the most obvious reason for this statement is that ERC 7265 does nothing to prevent hacks.
Exploiters can take as much as the circuit breaker allows or carry out small attacks over time that could go undetected.
Another possible drawback is that the ERC 7265 protocol can be triggered by accident, depending on where the threshold is set.
Diyahir explains that in the best case, the proposed standard will only minimize investor losses.
On the Flipside
- It is nearly impossible to totally prevent DeFi exploits as no protocol is 100% infallible.
Why This Matters
ERC 7265 could save DeFi investors millions of dollars, but its loopholes are worth considering.
Read this to learn more about the thrilling Euler Finance hack that initially led to the loss of about $200 million in crypto assets:
The investigation into Binance Australia’s derivatives business continues. Find out more: