The DefiSafety website, created at the end of last year, is dedicated to ranking decentralized finance (DeFi) projects and platforms based on their security levels. The tool has recently gained strength due to the demand of users to verify the security of the platforms they use.
The 5 safest DeFi according to Defi Safety are: Compound (97%), mStable (97%), Synthetix (96%), Bancor (96%) and Gnosis Safe (95%). The latter received this validation recently from the site.
Among other DeFi that according to the website have higher security levels are Ampleforth (93%), Yearn V2 Finance (93%), dydx (92%), AAVE V2 (91%), Gnosis DEX 91%, Kyber 89 %, Maker DAO (85%), Uniswap DEX (86%)
On the other hand, the 5 most insecure DeFi according to data from the same site are: YFFI Finance (2%), Perlin X (3%), YFV Value DeFi (8%), CREAM (8%) and DeFiner (20%).
All the DeFi platforms mentioned above are categorized according to their level of security, regardless of how useful they are.
The DeFi found in DefiSafety are classified into the categories of assets or crypto assets (assets), decentralized autonomous organizations (DAO), derivatives, decentralized exchanges, indexed exchanges (index) and lending platforms (lending).
How DefiSafety works
In an explanatory publication on the website, DeFiSafety details what are the elements that they verify in each audit to make their classification. Using a criterion that seeks to verify quality, they explain that their methods are applicable to all smart contracts, not just those used in DeFi. The process can be summarized in the following steps:
- The first thing is to verify that the address of the smart contracts already deployed on the blockchain are shared or published in a timely manner by their developers.
- Next, we proceed to verify that the published contract address is the same as that indicated in the software repository used to program the contract.
- Also, all documentation about the capabilities of the smart contract and what tasks it can perform should be available .
- The fourth point to verify is that the developers have carried out tests or simulations and show evidence of this, executing the code that they claim corresponds to the smart contract.
- As the fifth aspect, but not least, the smart contract code must be verified by experts outside the project , to avoid any bias in its evaluation.
In this way, through a series of tests and questions, DefiSafety analysts analyze the security of a smart contract. However, they clarify, the code evaluation does not determine if the contract is the most appropriate to coordinate a specific financial scheme or protocol, since they do not focus on evaluating its efficiency in this regard.
Above all, transparency is the most important thing for DefiSafety, they point out in another publication. Although a high level of transparency does not free a smart contract from being vulnerable if an attacker intends to undermine it, it is a desirable practice for the industry as it provides more certainty to all its participants, they say.
Demand for DeFi security increases
The platforms blockchain finance decentralized or DeFi, many based on ethereum protocol, promising massive financial inclusion users worldwide.
The origins of these platforms as Ethereum’s decentralized application concept (dApps) date back to 2017 and 2018, with the rounds of initial funding or initial coin offerings (ICOs) taking place frequently during those years.
Although some did not last and were relegated to the last positions in the market, many times abandoned by their developers, financiers and communities, during 2020 applications such as MakerDAO, Compound, AAVE, Uniswap, SushiSwap and many others have had significant growth.
Being an attractive focus for cryptocurrency users , security has become increasingly important. Not for nothing have been the numerous attacks and incidents that some platforms have received, as we have reported in Cryptoreportage, leaving thousands of users without their money and these projects seriously affected.