6 Ways to Avoid Losing Your Funds to DeFi Scams in 2021
The DeFi industry is booming, and there are no two ways around it. Ever since the summer of 2020, dubbed by many the ‘DeFi summer,’ the total value locked in various protocols is increasing, while the volume on decentralized exchanges and automated market makers is skyrocketing as well.
However, this has also substantially increased the number of exploits in the DeFi space ever since.
In 2021 alone, we saw an array of various scams, ranging from hacks, exploits, and rug pulls.
The infographic above speaks for itself, and it shows that even some of the most reliable protocols are subjected to potential exploits. However, as Vitalik Buterin put it during the 2019 Ethereal Summit of 2019, there’s a non-zero chance of failure when it comes to DeFi protocols.
Nevertheless, while there are some inherent risks associated with every protocol, there are blatant scams, exploits, and rug pulls, which can be avoided en masse with the necessary due diligence.
With this in mind, we take a look at a few things you should consider before investing in any DeFi-based project, regardless of whether it’s on Ethereum, Binance Smart Chain, or any other blockchain out there.
Which Are The Most Common Scams to Look Out For?
Before we dive into how to know a project is scammy, let’s have a look at the most common types of scams that you should look out for.
- Hacks and Exploits
This is without a doubt something to be aware of. The DeFi space is a playground for avid hackers who’re looking for every tiny loophole in various protocols to exploit and make off with as much money as they can.
We’ve seen plenty of examples. For instance, one of the most recent hacks was that of the decentralized exchange DODO.
As CryptoPotato reported, several V2 crowd pools that belonged to the exchange were exploited, and the hacker managed to steal $3.8 million.
- Exit Scams
Exit scams are also something to be aware of. They take place when the team behind a certain project disappears, taking the money of the investors with them, leaving nowhere to be seen.
These scams happen most commonly during the early investment rounds. For example, a project might be promoting a private sale where investors get a great deal before their token hits the public market. Unfortunately, in certain cases, the project never reaches that stage because the team pulls an “exit scam” and makes off with the money they’ve received from early investors.
These could also arguably classified as exit scams. However, they differ in that the team doesn’t get away with the money users invest in a presale round but rather list the token on a decentralized exchange (such as Uniswap, SushiSwap, PancakeSwap, etc.) and then waits for enough people to jump on board, providing liquidity to the pool.
Once they’ve gathered enough people and, respectively, funds, the team would “pull” the liquidity out of the DEX, collecting everyone’s stake in it.
We saw plenty of rug pulls taking place on Uniswap last year, and this year, and now PancakeSwap, the largest DEX on Binance Smart Chain, has also become a playground for scammers of this sort. The latest example comes from a project called TurtleDex, which made off with $2.5 million in BNB.
6 Ways to Avoid Investing in DeFi Scams
Now that we’ve identified the most popular types of DeFi heists let’s see how to protect ourselves from them to the best of our abilities.
Keep in mind that, as stated above, regardless of how perfect your research is, DeFi protocols carry an inherent non-zero chance of failure. Hence, even if you’ve done your homework, the project might still be jeopardized. Nevertheless, you owe it to your investment to reduce this risk to the bare minimum.
Research the Team
Before you consider investing in a project, one of the first things you need to look at is who’s behind it. Of course, there are quite a lot of nuances to this.
First, if you see that the project has an “about us” page where the core team members are unreliable or have provided fake LinkedIn profiles created a couple of weeks back with no connections or previous history, this should be a major red flag. Always try to find out as much as you can about the people behind the project – what kind of work they’ve been doing before that? Can their identity be verified? Have they been involved in previous projects? There are all sorts of answers you should get before jumping in and throwing your money.
Now, there’s a growing trend in the DeFi space where developers remain anonymous. There’s a debate in the cryptocurrency industry as to whether this is good or not. Nevertheless, even if the team is anonymous, there are still plenty of things you can and to conduct proper research.
For instance, you can join their community channels on Telegram and start asking questions. If you see that they start answering with commonly dubious answers like “this information will be made available after the token sale,” or they start acting aggressively, do yourself a favor and stay away. Sure, you might miss out on potential gains, but 9 times out of 10, you’ll be taking an unnecessary risk that’s just not worth your time nor your investment.
Advisors and Known Funds – Less Risk
Another thing to consider is the list of advisors and investors in the early rounds. Projects with well-known advisors are generally a lot more reliable, and the same goes for their investors.
If the project fails to disclose its list of early investors and doesn’t provide any information about its advisors – it might be a red flag. This, coupled with a completely anonymous team, should definitely sound an alarm.
Keep in mind that every DeFi protocol might get hacked. However, if it has serious backing by reliable investors and a proper, well-known team, the chances of refunding its users or undertaking other initiatives to compensate their losses are substantially higher.
Research the Product
Investing in DeFi projects should be justified by the same merits as in any other investment. You need to look into the product and determine whether you see a path where this product actually works.
You should also take a look at the overall materials that the team has provided so far. If you only see a basic website coded in WordPress in a few hours with a 1-page whitepaper and no clear roadmap, walk away.
Anyone asking for a serious investment should go through the trouble of preparing professional deck materials, clearly explaining the benefits of the product, the challenges of the market, and how they plan to tackle them.
Is the Smart Contract Public?
Every DeFi-based project comes with a smart contract. You should take a look if the team has made their smart contract public. This allows you (or experts) to verify its authenticity, as well as to explore potential loopholes and attack vectors.
Now, there’s a point to be made that a team won’t make their smart contract public out of forking considerations where someone else might pick it up and monetize it quicker.
However, the general rule of thumb for you should be to only invest in projects with private smart contracts, so long as the team behind them is fully verified, reputable, and reliable with a proven track record. If you see that the team is completely anonymous, their product is dubious, and their smart contract is not public, you’re better off walking away.
Look for a Smart Contract Audit
This is absolutely imperative. Never, I repeat, never invest in projects that haven’t had their smart contracts audited yet. This, again, has nuances to it.
If you’re a tech-savvy person with a sound understanding of Solidity and other programming languages used to code smart contracts and are fully capable of examining them on your own and you’ve done your homework – this shouldn’t be a concern.
However, if you’re an average Joe, just like most of us when it comes to complex coding, you need to trust the work of experts with proven track records in the industry – a.k.a, auditors, and auditing companies.
If a reliable auditing entity has determined that the code is free of loopholes, you can justify an investment in it. Otherwise – steer clear. The risk is not worth it.
Token Distribution & Initial Market Cap
Before investing in a nascent DeFi project, make sure to check out how the tokens are distributed.
If you see that the team behind it will remain in possession of huge portions of the tokens in circulation, this should sound an alarm.
Needless to say, if the token distribution chart isn’t public – you should probably consider skipping it altogether.
Also, you should make sure to check out the vesting periods. If there are none and all tokens are unlocked during the token generation event, you should probably consider the possibility of an exit scam since nothing is stopping the team from dumping their coins on the market.
This is why reputable projects have different vesting schedules where the team, as well as seed and private sale investors, have their tokens unlocked periodically and not all at once.
In terms of the initial market cap – projects with smaller initial market valuation have greater chances of providing higher returns. Of course, the bigger the market cap is the smaller its potential for disproportional returns. In 2021, a project with a starting market capitalization below $50 million could be considered reasonable.
These are some of the things you should look out for when investing in DeFi-based projects. The important thing to remember is that all of the above should be checked out in conjunction.
As long as you have done all the research and determined that you can reliably put your investment in a said project with minimal risks for some of the above scams, you can justify it.
However, if one or more of the above sound the alarm, you should proceed with caution.