In an unregulated ecosystem, with an overwhelming level of innovation, we can expect no less from malicious actors looking to make their own profit. It is a must for every user to be able to identify fraud in DeFi and thus protect their funds. For those who have been in this ecosystem for a few years, the number of frauds, scams or outright thefts they have witnessed may be a number they have lost track of. Although no user is free from falling prey to these malicious actors, it is essential for those who are taking their first steps in this world to be informed and alert. Without further introduction, let’s review the details to keep in mind to avoid these unfortunate situations.
When we talk about fraud in DeFi, we encounter a wide variety of events. But, for the purposes of this article we can summarize that “rug pulls”, seed phrase thefts and hacks suspected to have been generated by the team itself, are the most common ones we encounter. Let us briefly analyze each of these frauds, so that we all know them better.
A “rug pull” is when those behind a project run off with the project funds. There are several methodologies to carry out this type of fraud and their executions are perfected daily, making them less predictable and, therefore, avoidable. Let’s understand how a RugPull works:
Another common practice is the following:
This method of fraud is undoubtedly the one that causes the greatest impact due to the amount of funds that disappear from the hands of crypto-users. Perhaps now it is clearer why it is called “rug pull”. Imagine crypto-users standing on a rug and, suddenly, the developers violently pull it out. Just like their finances, they will be left on the ground… In this article, you can learn more about what it is and how to identify a RugPull.
This is an extremely common practice, by means of which a large number of new users of the ecosystem tend to lose their holdings. To avoid this fraud, it is necessary to engrave the following commandment:
Upon entering this ecosystem, one hint we get right away is “the seed phrase is not shared with anyone”. And, boy, is that a great piece of advice. The only time we should use it is to retrieve our wallet on a device. This fraud operates as follows:
2 tips to avoid this fraud:
The DeFi universe has had the, oddly enough, privilege of witnessing a lot of “hacks” in which thieves try to teach developers a lesson and end up giving back some of what they stole. Yes, I can imagine your surprise when reading this, but we pile up cases of this kind. The suspicion, when faced with this type of event, is that it is a simulation that comes from the bowels of the project itself. Undoubtedly, by entrusting our funds to a decentralized platform, we are assuming that those behind it will behave honestly. In the next section, I will develop some guidelines to be alert and try to avoid this complex situation, which in too many occasions, we only become aware of once it has been consummated.
It is not easy to have a history free of fraud or scams when we interact with this ecosystem on a daily basis. However, there are certain rules and points on which we should focus our inevitable research on the applications to which we entrust our money.
Estas simples reglas, te ayudarán en tu camino por el “lejano oeste” de DeFi:
In order to avoid falling prey to malicious actors in our ecosystem, we should be able to confidently answer the following questions about each of the protocols in which we choose to invest.
This is a key question. The tokenomics of the projects can give us a sense of the intentions behind them. When the total amount of the issue has a large percentage dedicated to the founding team, it can be a red flag.
Although we are not facing an infallible indicator, the fact of the anonymity of those who develop a project can facilitate the escape routes, of course, with the users’ money in their wallets.
Much has been discussed about the validity of audits. We have seen cases of non-exhaustive audits, carried out in a testimonial or light manner, with the sole purpose of having that seal. On the other hand, we have seen cases in which, after a “reliable” audit, contracts are modified and frauds are perpetrated.
Key point for a community that favors transparency. If the code of a project is not shared publicly, we are facing a warning that may indicate that there is something to hide…
Generally, DeFi frauds come from platforms that are nothing more than a quasi-exact copy of existing protocols. Innovation, although not a guarantee, usually gives us another peace of mind.
When we encounter exaggerated movements in the price of a platform’s token, crypto-signs pucker up. Generally, suspicious movements indicate price manipulation, prior coordination or centralization in distribution.
Do those who support the platform in question through social networks have a reliable track record? It is important to verify that those who are within the community of a project are users who do it on their own initiative and do not pursue an extra interest.
In order to prevent and identify fraud at DeFi in time, there is no better practice than the famous “DYOR”. This acronym condenses the phrase “do your own research”, which translated into our language, means “let’s do our own research”. However, when researching a DeFi project or platform, we must take into account the speed with which they proliferate. Therefore, the use of tools that facilitate our research is always welcome. Let’s briefly review some of them:
Blockchain explorers, those that allow us to observe all the transactions that take place in them, are also a great ally when it comes to anticipating fraud. If we have doubts about a platform or its token, here we can:
Armed with this data, we can draw important conclusions about a project. On the other hand, there is a section for user comments, which can contribute to our research. Examples of blockchain explorers are:
In any case, a google search for the name of the network plus the word explorer should return the expected result.
Using this tool, we can analyze tokens from Ethereum and Binance Smart Chain networks. By simply pasting the token’s contract address, we will obtain a list of all the orders executed in relation to it. In case we find that there are no sales, it is probably a token programmed with the impossibility of sale, thus when buying it the user’s funds are trapped. Of course, the only one able to sell them is the holder of the address that gave birth to them, so he will be able to get the money from his creation. You can also use Coindix, which allows us to verify features of DeFi applications such as:
Undoubtedly, a tool to always have at your fingertips when it comes to avoiding fraud in DeFi.
It is a simple platform, adapted to the analysis of Ethereum and Binance Smart Chain networks. After copying and pasting the token’s contract address into the search bar, TokenSniffer will provide an analysis of important points to consider about the contract in question. Another highlight of this tool is that it has a list of known frauds and hacks. The platform we are investigating may not be found, but it can save us time in the future or provide us with information to warn other users. As we already know, in the crypto-metaverse information is shared and we are all empowered by each other.
Far be it from the objectives of this article to discourage new users from entering the DeFi ecosystem, due to the risks to which we expose ourselves here. The intention is just the opposite. Knowing the common types of frauds in DeFi and having tools to prevent them, we will be able to dive with greater confidence. The reality is that an unregulated environment based on programming and finance is the perfect context for the birth of fraud. Comparisons between the DeFi ecosystem and the famous “Wild West” at times materialize in front of astonished crypto-eyes. Either way, by conducting our own research and being careful with our movements, we will be able to successfully surf this “no man’s land”. It is said ad nauseam that the greater the risk, the greater the benefit. Let’s mitigate the risks through research in order to come out on top by accumulating profits.