About the Risk in DeFi category

A forum to discuss categorisation of risk in DeFi and on specific protocols.

Risk Framework

Our framework is grounded in established risk management techniques and uses a high-level qualitative approach to ratings. To start, we classify risk into 3 main categories.

1. Technical Risk

This is the risk of the smart contracts not behaving as intended by the developers. It is very hard to write error-free code, so some level of technical risk always exists. Audits, extensive testing, formal verification, and how “battle-tested” the contract is are all factors that can reduce technical risk.

2. External Risk

This is the risk of external information influencing how the smart contracts operate to the detriment of other users. For example, an oracle could provide malicious data, an administrator could change a system parameter, or governance procedures could be co-opted.

3. Economic Incentive Failure Risk

Many smart contract systems, especially in the DeFi space, rely on economic incentives to encourage network participants to perform certain actions. These incentives could fail to encourage the right behaviour or be inadequate, leading to other users being adversely impacted. For example, the incentives in the MakerDAO smart contracts could be too aggressive, and the DAI <> USD peg could break if the ETH price drops too far, too quickly.