Everything comes at a price, and DeFi is no exception.
DeFi is still experimental to a great extent, so technological risks of using DeFi are still great.
However, while the technological side is obviously important, economic and legal issues are of comparable importance. No matter how cool the technology might be, neglecting the laws of economy and state deprives it from any future. Even the best code cannot protect one from economical or legal risks, after all.
Risk #1: Single point of vulnerability
While decentralized ecosystems boast themselves on being safer due to the lack of a single point of vulnerability, it might not be the case all the time.
Over 90% of all DeFi apps currently in existence are based on Ethereum. It means that if anything happens to Ethereum, all those apps will follow like dominoes.
It all comes down to Ethereum’s well-known troubles with scalability and security. A network overload would make the transaction confirmation speed unpredictable, and fees unbearable. Any vulnerability may cost millions. No matter how you look at it, it’s hardly a reliable basis for a next-gen global financial ecosystem.
Risk #2: Open-source code
Aside from the failure risk for a public blockchain, each DeFi app has its own set of specific risks related to the code of the app in question. No matter how good of a coder you might be, there are always bugs. And as long as your app is open source, they are visible to anyone. That includes both benevolent auditors and malicious hackers who can use your vulnerability to bring you down. Some DeFi projects even offer insurance against a hack of a smart contract, though it’s hard to tell whether it will become really efficient.
Risk #3: Mutual dependability
It’s not rare that one DeFi app is built on top of another. As a result, if an underlying app goes south, it can cause a domino effect and disrupt the operation of related apps.
Risk #4: Oracles
If an oracle provides faulty price feeds for whatever reason, it can cause the app’s users to lose money, panic, and even flee. Moreover, the panic will distribute across wider audiences of other apps and lead to more devastating effects.
Risk #5: Depreciation of collateral
ETH in DeFi apps are often used as collateral for different loans. If the price of the collateral abruptly drops, the borrower has no time to refill their collateral before the margin call. As ETH price abruptly drops, the associated smart contract cannot sell the collateral to effectively redeem the loan. As a result, the creditor and the borrower will both lose money.
That is even more hurtful considering the volatility of ETH price that can theoretically skyrocket the day after that.
If collateralized ETH are being sold at a massive scale, the price will plummet even faster. This will cause even more loans to become uncollateralized. Their collaterals will be sold. This in turn will push the ETH price further down. It would be a negative feedback loop.
Deposits in DeFi apps are not insured by the government or the FDIC so nobody will cover the user’s losses if anything like that happens.
On top of that, interest rates can also be volatile. That creates an additional economic risk for the users of DeFi apps.
Risk #6: Regulation
Some say that code is the law. However, it’s the law that does not replace traditional laws or law enforcement. Even the most orthodox crypto-anarchists have to live with that.
If a digital asset is considered a security, i.e. it can bring passive income to its holder, there’s always a chance the regulator will consider it unregistered security. And unregistered in this case means illegal.
It doesn’t involve just tokens. DeFi apps themselves are in the danger zone: today they can function without any licenses but it’s doubtful this will remain like that forever. The experience of cryptocurrencies suggests that regulators will notice DeFi and try to take it under their control as soon as the apps become popular enough. Stablecoins like DAI have already attracted some regulatory attention.
Risk #7: Law enforcement
DeFi is pseudonymous. You don’t know who you lend your money to or borrow it from. There’s always a chance there are some really bad guys on the other end. In that case, law enforcement will have all the reasons to visit you and, in the best case scenario, ask you a few questions. Pseudonymity of public blockchains is no longer a problem for the authorities thanks to projects like Chainalysis, and one should never forget about that.
DeFi is still nascent, which means that it brings about high risks and proportionally high rewards (or losses). Early adopters accept higher risks in the hopes of a higher reward while conservative users wait for the technology to mature. They will lose potential high rewards but will keep themselves safe from most risks associated with new technologies.
But whichever category you fall into, remember: DeFi is not only risks. It also is an opportunity.