Since its early days, the decentralized finance (DeFi) market has attracted all sorts of malicious characters trying to exploit it. They have been drawn by the sheer amount of funds passing hands, the anonymity it provides, and the lack of efficient prevention mechanisms.
Their attacks have cost the DeFi market billions of dollars worth of assets per year. The most common types include:
- Flashloans — loans that have to be paid back in the same block they’re taken can be exploited to extract funds from smart contracts.
- Exchange hacks — hacking centralized and decentralized exchanges to extract funds.
- Wallet hacks — security vulnerabilities can allow hackers to gain access to users’ funds in wallets.
- Token minting — exploiting the minting functionality to create new tokens and sell them.
- International rug-pulls — the token team itself pulling liquidity, minting new tokens, and dumping them.
Sadly, this problem isn’t showing any signs of dissipating. On the contrary, as cryptocurrencies become regulated and banks jump on the bandwagon, hackers are becoming even more incentivized to attack than ever before.
Existing solutions and their questionable efficacy
The existing DeFi market currently doesn’t have entirely effective means in place to battle these exploits. When they occur, the only existing possibilities are hack mitigation (via audits) or post-hack solutions (insurance or money tracking). Unfortunately, these solutions are far from ideal and rarely successful.
When hacks take place, fund tracking and analytical companies try to hunt the offenders by waiting for them to make a mistake of moving the funds somewhere, thus revealing their identity. Relying on this can hardly be called an effective approach. Yes, it does work in certain situations, but hackers are typically more careful than to allow themselves to get caught this way.
Additionally, audit companies work to prevent hacks and audits do happen, but hacks are still frequent due to human or technical error. This was best illustrated by PAID Network which had several successful audits. However, a mint hack on the protocol has allowed an attacker to mint a staggering $100 million worth of the token and dump it, thus instantly bringing the price down by 80%.
Some companies employ a different approach. For instance, Tether can freeze and destroy its tokens (USDT), recovering them if fraud occurs. The company then contacts the user to confirm that the funds were lost and to retrieve the tokens. Finally, it uses a function in its smart contracts to blacklist the ETH addresses that these tokens were directed to. While this sounds more efficient, this approach still isn’t without flaws — it is far too centralized.
To put a stop to exploits and retain the market’s essential quality — decentralization — there has to be an appropriate solution, one that would combine the best of both worlds (centralized and decentralized). Until such a solution is introduced, hacks will continue to happen, turning away investors, hurting token creators, and obstructing mainstream adoption of digital assets.
Lossless to the rescue!
In an effort to minimize these problems, a team of experienced engineers, DeFi experts, finance professionals, and white hat hackers has devised a solution:
a new protocol which would enable safe and reliable DeFi investments, as well as support the development of blockchain technologies.
Making an earth-shattering impact by creating a new industry on its own, Lossless is focused on stopping and reverting hacks as they happen. Its unique structure aims to include game theory mechanics and a decentralized decision-making body that resolves the hacking situation in the most unbiased way.
Lossless takes the Tether model and improves it by allowing anyone to initiate the transaction freezing, while three independent parties decide on the ultimate outcome. This protocol is a piece of code that token creators insert into their tokens. This way, they get a tool that facilitates mitigating any fraudulent transactions based on a set of fraud identification parameters.
Specifically, hack-spotting bots will scan for and identify any unusual activities. They will achieve this by monitoring for:
- on-chain events,
- any unusual token activity (like substantial transactions, liquidity pulls, and the like),
- third-party reports (such as public reports).
After the hack is identified, anyone can freeze the transaction for 24–48 hours, if they stake their LSS (Lossless) tokens.
The next step includes the decentralized Lossless decision-making body, consisting of:
- token creators,
- Lossless Committee,
- Lossless Company.
This decision-making body reviews the frozen transactions and makes a trusted and unbiased decision on the validity of the hack.
If the hack is valid, then further steps are taken, which involve freezing the offending address for 14 days and enacting the decision-making body’s proposal for permanent freezing of the receipt address and reversing the transaction. If the hack isn’t valid, then the finder’s staked tokens are slashed and the address in question is unfrozen.
The hack-spotting bots can be created through the Lossless API and are open-source for contribution from anyone. There’s also a winner-takes-all incentive for token creators and hack spotters, provided to encourage the community to evolve and improve this initial model on a daily basis. Specifically, it includes a fixed percentage fee for token creators from a saved hack, with no upfront cost. The first spotter to take action also gets a reward.
To make all this happen, Lossless will provide:
- an intuitive dashboard that enables manual transaction overview and hack reporting for hack-spotters,
- bot-friendly APIs for community-created hack-spotting bots,
- a transparent reward system that will stimulate high levels of participation and innovation.
Minting a better future for the DeFi market
The existing DeFi mechanisms are only good to a certain point, and law enforcement can’t do much in this very new and still developing market.
This is why, in order to attract mainstream public and investors, a solution like Lossless is of utmost importance. As the Lossless protocol takes hold and hack-spotters compete to create the fastest hack-spotting tool, the efficiency of the system is bound to improve over time.
Are you ready to start contributing to a safer DeFi environment, with minimal losses from hacks, exploits, or social engineering? Then join us and show your support today by visiting our:
