Decentralized Finance: 2022 Overview, 2023 Outlook
2023-02-22 08:51:17 UTC
Eden Au
A look at decentralized finance, including: lending, decentralized exchanges, derivatives, decentralized stablecoins, exploits, and more.
Quick Take
The DeFi space contracted in 2022 as metrics including total value locked, volume, and revenue dwindled. The collapse of a flawed algorithmic stablecoin had a ripple effect throughout the crypto industry.
The amount of funds stolen in DeFi exploits increased by half in 2022, with more cross-chain bridges getting attacked. Most stolen funds were unable to be recovered.
Regularity clarity will expand the total addressable market for DeFi, but certain parts of DeFi could be marginalized, such as privacy-preserving protocols.
State of DeFi in 2022
DeFi refers to the open and composable financial system facilitated by immutable public ledgers and smart contracts, acting as an alternative to the traditional opaque financial system. It gives users permissionless and borderless access to financial instruments without relinquishing asset custody to centralized intermediaries.
While the DeFi space experienced an expansionary phase in 2021, TVL in DeFi contracted throughout 2022 from $166 billion to $42.1 billion, which corresponded to a 74.6% decline. DEXs and lending platforms remained two of the most popular venues in DeFi by TVL.
The most drastic plunge in TVL was recorded in May when the entirety of the Terra ecosystem collapsed within days, as discussed in the Algorithmic Stablecoins subsection. Smaller scales of decline were also witnessed in June and November, seemingly driven by the fallout of Celsius Network and FTX, respectively, as discussed in the State of the Market section.
Figure 178: Value locked in DeFi by categories in 2022 Source: The Block Data Dashboard
Using DEX trading activities as a proxy for DeFi activities, DeFi users were less active in 2022. DEXs monthly active addresses and the ratio of that to Ethereum active addresses were both in decline in H1 2022 before a partial recovery in the second half. 8.9% of Ethereum transactions were DEX trades in November, up from 5.6% in July but down from 11.5% in January.
Figure 179: DEX monthly active addresses in 2022 Source: Dune Analytics (@drod729)
The dominance of DeFi tokens in the crypto market cap revealed a similar pattern as it bled in H1 2022, before bottoming at 0.78% in mid-June and slowly ascending back to pre-Terra collapse levels. Its dominance currently sits at 1.11%, down from 1.47% at the beginning of the year.
Figure 180: DeFi dominance in 2022 Source: The Block Data Dashboard
Revenue generated by DeFi protocols also took a massive hit amid a more challenging economic environment. While Uniswap remained the leading protocol by revenue, with an annual revenue of $792 million in 2022, its monthly revenue sank from $134 million in January to $53.3 million in November.
Figure 181: Monthly DeFi revenue in 2022 Source: The Block Data Dashboard
Nevertheless, Uniswap's revenue was supply-side captured by LPs, while the protocol captured none. Curve generated the most protocol-side revenue with an annualized protocol revenue of $36.5 million despite only cornering 9.6% of the DEX market by volume. Unlike Uniswap, Curve's gross revenue is equally split between protocol token holders with tokens in escrow (protocol) and LPs (supply-side).
Figure 182: Annualized DeFi revenue by protocol (30-day sample) in 2022 Source: The Block Data Dashboard
Decentralized Exchanges
Despite a revenue drop, decentralized spot exchanges generated a total of $1.1 trillion volume from January to November 2022, corresponding to a mere 8.2% decrease compared to the same period in 2021. DEX volume was more concentrated in the first five months of the year. BNB chain-based PancakeSwap was the second most popular DEX by volume in 2022, behind the Ethereum-based Uniswap v3.
The extent of the decline in volume in H2 2022 was more significant on PancakeSwap than on Uniswap. Uniswap v3 demonstrated resilience during the bear market and consolidated a DEX market share of 59.0% by volume, growing from 43.2% in January.
Figure 183: Share of DEX volume in 2022 Source: The Block Data Dashboard
AMMs continued to be the prevalent DEX mechanism, as the most common decentralized trading venues on most blockchains are forks of Uniswap, a constant-product market maker. The volume share of order book-based DEXs dropped from 4.1% to 0.48% in 2022.
Figure 184: DEX volume in 2022 Source: The Block Data Dashboard
Figure 185: DEX mechanism volume share in 2022 Source: The Block Data Dashboard
As the largest DEX by volume extended its dominance in 2022, the demand for DEX aggregators reduced. Looking into Uniswap's volume, the share of traffic originating from aggregators dropped from 42.1% in January to 19.5% in November. 1inch surpassed 0x API in the DEX aggregator space with a current market share of 49.4% in November, rising from 33.3% in January.
Figure 186: Share of DEX aggregator volume in 2022 Source: Dune Analytics (@jhackworth)
The DEX-to-CEX spot volume ratio seeped throughout most of 2022 until showing signs of recovery from Q4 2022, reaching a high of 25.5% in February and a low of 10.8% in September. The collapses of multiple centralized custodians might have driven the potential resurgence of DEX trading activities in the final quarter.
Figure 187: Ratio of DEX to CEX spot trade volume in 2022 Source: The Block Data Dashboard
In terms of TVL, Uniswap v3 had less TVL than PancakeSwap in most of 2022 despite generating more than triple volume, as it enables LPs to provide concentrated liquidity that significantly improves capital efficiency.
Curve, a stableswap exchange, remained the most popular venue for LPs since providing liquidity to assets pegged to the same underlying index incurs a minimal impermanent loss. Still, its TVL shrunk from $23.3 billion to $3.7 billion, a staggering 84.2% decrease in a year. The de-pegging of UST, Terra's native algorithmic stablecoin, as discussed in the Algorithmic Stablecoins subsection, had an enormous direct impact on Curve's TVL in May.
Figure 188: Value locked in DEXs in 2022 Source: The Block Data Dashboard
The UST-USDC/USDT/DAI pool on Curve became one of the primary means for UST holders to exit in size as the algorithmic stablecoin became worthless. Over $600 million worth of other stablecoins in the pool was depleted by UST sellers in a matter of days, leaving LPs with huge losses.
Figure 189: UST-USDC/USDT/DAI Curve pool balance in 2022 Source: Dune Analytics (@mhonkasalo)
Lending
TVL in over-collateralized lending protocols had a trend similar to DEXs as crypto assets depreciated throughout 2022. Aave v2 remained the top lending protocol despite a 76.4% reduction in TVL, shrinking from $14.0 billion to $3.3 billion in a year. Aave v3 did not take off as it has yet to be deployed on Ethereum, where most liquidity resides.
The only major over-collateralized lending protocol that defied this downward trend in TVL was JustLend, a Tron-based lending protocol that benefited from the creation of USDD, a Tron-native algorithmic stablecoin, which will be discussed in the Algorithmic Stablecoins subsection. JustLend currently ranks second in TVL among lending protocols, with a TVL of $2.8 billion, up from $1.8 billion in 2022.
Figure 190: Value locked in lending in 2022 Source: The Block Data Dashboard
The evolution of Aave's outstanding debt paints a picture of a shift in market sentiment. The borrowing demand for stablecoins, including USDC, USDT, and DAI, plunged from $5.61 billion to a mere $779 million in a year. In contrast, such demand for ETH soared from $105 million to $581 million suggesting users seeking leverage had gradually turned bearish throughout 2022.
Figure 191: Aave outstanding debt in 2022 Source: The Block Data Dashboard
On the other hand, the total outstanding debt of under-collateralized lending protocols took a slightly different trajectory, plateauing in Q2 2022 before facing its eventual reality of a credit crunch in H2 2022. While it registered a YoY decline of 68.5% in outstanding debt, it marginally outperformed its over-collateralized lending counterpart, which had a staggering plunge of 74.1% in outstanding debt in 2022.
TrueFi conceded its top position to Maple, as the latter currently possesses a market share of 30.8% with an outstanding debt of $107.9 million. Both protocols suffered numerous loan defaults amid a distressed economic environment, and it is unclear when or if lenders will be fully compensated. That said, the advantage of under-collateralized lending in capital efficiency cannot be understated.
NFT lending is a new entrant in the lending space due to the persistent hype around NFTs. NFT lending refers to utilizing NFTs as collateral in securing a loan, usually denominated in a more liquid asset.
The main challenge of NFT lending is the inherent illiquid nature of NFTs, such that liquidating debt positions that are about to go under-collateralized can be difficult. With the reduction of trading fees and the removal of mandatory royalty payments enforced on most NFT marketplaces due to a more competitive landscape, liquidity in major NFTs is expected to improve gradually, which can mitigate the existing challenges faced by NFT lending protocols.
Crypto-backed stablecoins, also known as "exogenously collateralized stablecoins," refer to decentralized stablecoins that are over-collateralized by assets that derive value external to the stablecoins in question.
Maker's DAI remained the largest crypto-backed stablecoin, although its market cap shrunk from $8.95 billion to $5.18 billion in 2022. It now has a near-monopoly in the crypto-backed stablecoin space with a dominance of 90.5%, up from 60.4% a year ago. In contrast, Abracadabra's MIM, the second-largest crypto-backed stablecoin in January, lost 98.1% of its market cap within a year.
Despite DAI's superiority within the decentralized stablecoin territory, its share in the total Ethereum stablecoin supply diminished from 8.03% to 5.03%, as users increasingly favored centralized stablecoins with deeper liquidity.
Figure 193: DAI share in total Ethereum stablecoin supply in 2022 Source: The Block Data Dashboard
DAI's collateralization ratio decreased from 195% to 128%. Such an improvement in capital efficiency came with the cost of worsened censorship resistance, as the protocol increasingly relies on other centrally-issued assets for collateralization. 68.8% of DAI generated is collateralized by centralized stablecoins, including USDC, GUSD, and USDP, whereas another 9.5% is collateralized by tokenized real-world assets (RWAs).
Figure 194: Market cap of crypto-backed stablecoins in 2022 Source: CoinGecko
Figure 195: DAI collateral composition as of November 30, 2022 Source: Dai Stats
TVL in Maker dwindled from $17.5 billion to $6.7 billion due to the reduction in DAI demand and the improvement in capital efficiency, as mentioned above. Even so, it stands as the largest DeFi protocol by TVL.
Figure 196: Value locked in Maker in 2022 Source: DefiLlama, The Block Research
Algorithmic Stablecoins
2022 was a defining moment for algorithmic stablecoins that experienced rapid growth followed by catastrophic destruction, with contagion still rippling through every corner of the crypto space. Algorithmic stablecoins, also known as "endogenously collateralized stablecoins," are assets reliant on endogenous collateral to maintain their peg to a fixed value. Endogenous collateral refers to assets that derive value primarily from the stablecoins they back.
UST, now known as USTC, was the largest algorithmic stablecoin before its collapse, with a market cap of $10.1 billion in January and $18.8 billion at its peak in May. UST operated with an "elastic seigniorage" model where 1 UST could be created (or destroyed) by burning (or minting) $1 worth of LUNA, which was UST's endogenous collateral.
Figure 197: Algorithmic stablecoins market cap in 2022 Source: CoinGecko
The rise of UST was fueled by the unsustainable yield on Anchor, a Terra-based lending protocol. UST depositors on Anchor could earn up to 19.5% annualized yield, which was heavily subsidized by Terraform Labs. Such a high-yield product on a seemingly "stable" asset incentivized many retail and institutional participants to be exposed to UST prior to the catastrophe.
Figure 198: Anchor total deposits in 2022 Source: The Block Data Dashboard
This seigniorage mechanism was tested to an extreme degree from May 9 when the UST selling pressure started to mount. While the system allowed the redemption of UST for LUNA without slippage, a redemption threshold was in place that restricted the amount of LUNA that could be created within a time window, intending to flatten the selling pressure of LUNA. Ironically, such limitation intermittently halted the redemption process designed to stabilize the UST price, which meant that the only way to offload UST was to sell it on the secondary market, causing UST to de-peg.
As the market lost confidence in UST's seigniorage mechanism in light of its de-pegging, more UST holders rushed to exit, causing a death spiral where LUNA was hyperinflated more than 20,000x to fulfill constant streams of redemption requests. Such an extent of inflation over a short time undoubtedly crashed LUNA's and, subsequently, UST's valuation as LUNA no longer carried sufficient economic value to back UST.
Figure 199: LUNA price and supply Source: CoinGecko, The Block Research
The price of UST never recovered from the flash crash, and the Terra ecosystem had moved on to Terra 2.0, a new blockchain without a native algorithmic stablecoin, as mentioned in the Layer-1 section. See the Macro section for a detailed timeline of events pre- and post-UST collapse.
Other algorithmic stablecoins with similar designs, such as USDD and USDN, also experienced occasional de-pegging, albeit in smaller amplitude. It is likely due to their smaller sizes in market cap where their pegs were much easier to defend in a capital sense, but they could face the same scaling issue in the future.
Figure 200: Algorithmic stablecoins price in 2022 Source: CoinGecko
The latest draft stablecoin bill in the US House proposed a two-year ban on the issuance of new algorithmic stablecoins, which, if passed, could introduce further obstacles in the development and adoption of such capital-efficient decentralized stablecoins.
FRAX is the biggest algorithmic stablecoin after the collapse of UST, with a current market cap of $1.0 billion. Its price action was relatively more stable than others because FRAX is also fractionally backed by exogenous collateral such as USDC. Its exogenous collateral ratio currently sits at 93.3%.
Figure 201: FRAX exogenous collateral ratio Source: Frax Finance
Liquid Staking
PoS consensus has become a widely adopted mechanism for decentralized blockchains to achieve distributed consensus, following Ethereum's successful transition toward PoS during The Merge, as discussed in the Layer-1 section.
Validators in PoS blockchains stake native tokens to participate in validating transactions and, in return, receive a higher share of said tokens when they behave honestly. While staking can be a lucrative business, running validator nodes requires sufficient technical know-how and upfront capital.
Liquid staking facilitates the tokenization and "liquidization" of staked tokens, with liquid-staked tokens acting as a tokenized representation of the underlying stake. Token holders can utilize them in other DeFi protocols while simultaneously earning staking yield and delegating the responsibility of node running to token issuers.
Lido is the largest liquid staking protocol on Ethereum with a TVL of 4.77 million ETH, almost a threefold increase since the beginning of the year. It is also the second-largest DeFi protocol by TVL, just behind Maker. Lido's dominance in Ethereum liquid staking hovered around the 90% mark in 2022 until Coinbase entered the market in late August. Lido now has a market share of 76.1%, whereas Coinbase is at 6.1%.
Figure 202: Ether locked in Ethereum liquid staking in 2022 Source: DefiLlama
Lido controls 30.9% of all ETH staked, which concerns some decentralization advocates as it might bring systemic risks to the network and enables the protocol to monopolize and cartelize MEV extraction.
However, since liquidity begets liquidity, some might believe that a monopoly (or a duopoly) in the liquid staking field is inevitable. It could be a lesser evil to tolerate such dominance by a transparent, decentralized organization than to empower a centralized actor. Lido is controlled by decentralized governance and comprises multiple independent validators.
Figure 203: Ethereum validators by pool as of November 30, 2022 Source: The Block Data Dashboard
Lido also operates on Solana, albeit dwarfed by Marinade in TVL. Other notable liquid staking solutions on other networks include Benqi on Avalanche, Ankr on BNB chain, and Folks on Algorand, all with no less than $30 million in TVL.
On the other hand, various Polkadot parachains have native liquid crowdloan tokens. Crowdloans on Polkadot enable blockchains to crowdsource DOT for bidding parachain slots on the Polkadot relay chain. Parachains that won the slot auctions would have their crowdsourced DOT locked until the slot leases expire. Liquid crowdloan DOT tokens represent the underlying crowdsourced DOT and are redeemable after the leasing period.
Parallel and Acala both have their own versions of liquid crowdloan DOT tokens, with a TVL of $157 million and $132 million, respectively.
Figure 204: Value locked in non-Ethereum liquid staking and liquid crowdloan in 2022
Source: DefiLlama
Derivatives
The volume generated by decentralized perpetual futures exchanges mostly followed the movement of the overall crypto market. StarkEx-based dYdX has been the kingpin of decentralized perpetuals exchanges as it generated $446 billion of volume in 2022, although much of it was heavily incentivized by token rewards. Meanwhile, Arbitrum- and Avalanche-based GMX, as well as Ethereum- and Optimism-powered Synthetix, produced $62.6 billion and $7.7 billion in annual volume, respectively
GMX was one of the outperformers in DeFi with positive growth in TVL, amassing $445 million worth of assets and up from $108 million at the beginning of the year. It surpassed dYdX and Synthetix, which have a TVL of
$416 million and $295 million, respectively.
Figure 206: Value locked in decentralized perpetuals exchanges in 2022 Source: DefiLlama
Note that TVL across various perpetuals exchanges does not indicate their relative performance as they have vastly different mechanisms. dYdX is order book-based (i.e., peer-to-peer) and is, therefore, more capital efficient but requires active market-making participants to maintain deep liquidity.
In contrast, GMX is pool-based (i.e., peer-to-pool), meaning it leverages idle liquidity as the counterparty of all trades and is, therefore, relatively more liquidity-hungry. Being the counterparty of GMX traders, GMX LPs had an outstanding year as traders as a whole had a net loss of $31.8 million. Nonetheless, it is unclear how GMX could scale without being impeded by the toxicity of informed flow, which would take advantage of GMX's low-slippage design at the expense of LPs.
Figure 207: GMX traders cumulative profit and loss in 2022 Source: GMX
Synthetix is a debt pool-based synthetic asset issuance protocol, whereas Kwenta builds atop Synthetix to facilitate perpetuals trading with account margin management. 50% of synthetic assets issued are in sUSD, the base asset for trading synthetic assets on the Synthetix platform. Besides USD and major cryptocurrencies such as ETH and BTC, many synthetic assets are pegged to non-dollar fiat currencies, such as EUR, JPY, and CHF, filling the void of the lack of forex trading in DeFi.
Figure 208: Synthetix synthetic assets dominance as of November 30, 2022 Source: Synthetix
2022 also saw the advancement of some decentralized exotic derivatives. Power perpetuals provide options-like leveraged exposure without the need for strikes or expiries, thus consolidating market liquidity into a single instrument. Opyn Squeeth is a power perpetual contract that tracks the square of the price performance of ETH, which has a cumulative volume of $447 million since its inception in January.
On the other hand, Lyra is an options protocol that relies on Synthetix for settlement and delta hedging purposes. Lyra generated $13.2 million in premium volume and $295 million in notional volume since its latest upgrade six months ago.
DeFi has become increasingly sophisticated, with complex instruments emerging on a regular basis. Numerous structured products have sprung up that abstract away the complexity to maximize risk-adjusted returns while minimizing the time and effort required in portfolio management.
Yield optimizers are the most popular type of structured products in DeFi. They sort to maximize yield with minimal loss of principal and usually come with an auto-compounding feature. There are three types of yield optimizers, and the earliest iteration is aggregators that tap into multiple principal-protected yield venues and adjust positions frequently to maximize yield.
Yearn is the biggest yield aggregator with a TVL of $372 million, down 91.0% in 2022, which made it one of the worst-performing DeFi protocols with a significant TVL. Other notable aggregators include Beefy and CoinWind, with a TVL of $235 million and $192 million, respectively.
The most popular sort of yield optimizers is yield-boosting protocols. Some DeFi protocols reward LPs with a higher share of revenue or token reward if they lock up a sufficient amount of the protocol token. However, token lockers are exposed to the token's long-term price risk. Yield-boosting protocols match two groups of participants, loss-averse LPs with no tokens locked and non-LP token lockers, to maximize and split the boosted reward between these two groups.
Convex is the largest yield-boosting protocol that increases the capturable yield for Curve LPs, whereas Aura and Wombex operate in a similar fashion for Balancer and Wombat LPs, respectively. Convex's TVL was down from $19.9 billion to $3.04 billion in 2022, whereas Aura was launched mid-year and amassed $353 million in TVL.
There are also variants of yield optimizers that provide leverage to depositors with higher risk tolerance, meaning depositors could earn a higher yield by risking a portion of their principal. Notable examples include Alpaca and Alpha Homora, with a TVL of $279 million and $59.2 million, respectively.
Figure 210: Value locked in Yield Optimizers in 2022 Source: DefiLlama
Another type of structured products is automated strategy vaults which blossomed in 2022. They are smart contracts that employ specific transparent trading strategies, and depositors can select whichever suit their risk appetite and market view. Vaults would actively manage positions on behalf of depositors for a fee.
For example, the invention of concentrated liquidity by Uniswap v3 gave birth to protocols specializing in liquidity provisioning management. While concentrated liquidity gives LPs flexibility in fine-tuning parameters of market-making strategies, passive LPs lose their edges to those actively rebalancing their narrow liquidity positions. LP vault managers aim to maximize LP earnings by automatically adjusting liquidity positions and widths when certain market conditions are satisfied. The biggest LP manager is Arrakis, with a TVL of $505 million.
Another type of strategy vaults emerging is options vaults. Options are relatively complex financial instruments to some retail participants, and these vaults aim to simplify and streamline the process of getting continuous options-like exposure with curated strike prices and automatic rollover. Ribbon is the largest options-related strategy vaults protocol with a TVL of $48.1 million.
Figure 211: Value locked in automated strategy vaults in 2022 Source: DefiLlama
Nonetheless, many other structured products have fallen out of favor, including indices and yield tranching protocols. They could make a comeback in the foreseeable future when DeFi matures and attracts institutional capital.
Privacy
2022 was a critical juncture for privacy protocols. OFAC-sanctioned cryptocurrency mixers such as Bitcoin-based Blender.io and Ethereum-based TornadoCash for their roles in allegedly facilitating money laundering for North Korean-linked Lazarus Group. This hacking organization was allegedly the culprit behind the $600 million thievery on Axie Infinity's Ronin sidechain in March, the joint-largest DeFi exploit to date, as stated in the DeFi Exploits subsection.
The Tornado Cash sanction in early August marked a local top in TVL as depositors fled shortly after the announcement. It currently has a TVL of $111 million, a whopping 78.0% decrease within a year.
Figure 212: Value locked in Tornado Cash in 2022 Source: The Block Data Dashboard
Metrics such as monthly active addresses also indicated the effectiveness of the sanction against the largest privacy protocol.
Figure 213: Tornado Cash monthly active addresses in 2022 Source: The Block Research
Insurance Coverage
While most DeFi sectors flourished in 2021, DeFi insurance coverage was one of the very few categories that diminished. This downfall carried on throughout 2022 with no signs of recovery. Nexus Mutual, the leading insurance coverage protocol, saw active coverage bleed from $393 million to $168 million.
Figure 214: Nexus Mutual active insurance coverage in 2022 Source: The Block Data Dashboard
DeFi Exploits in 2022
Hacks and exploits continued to plague DeFi participants as protocols became increasingly complex and composable. The total amount of funds stolen from DeFi exploits in 2022 reached $2.05 billion, a 48.1% YoY increase. Only 7.6% of funds stolen were able to be recovered.
Figure 215: Funds stolen in DeFi exploits 2020 - 2022 Source: The Block Research
Out of the ten largest exploits in 2022, six were bridge-related amid growing cross-chain activities, as bridges became the custodians of huge sums of assets, as shown in the Layer-1 section. Surprisingly, none of these exploits were caused by faulty middleware infrastructure but rather by software bugs or human errors.
In general, most exploits were caused by faulty codes that created backdoors for exploiters to bypass certain essential verifications. Other causes include compromised private keys, governance attacks, price manipulation, etc. While stolen funds were usually unable to be recovered, a few landmark projects with tremendous venture capital backing were able to make victims whole.
Figure 216: Largest DeFi exploits in 2022 Source: The Block Research
The Ronin bridge exploit in March marked the largest exploit in 2022. The bridge wrapped Ethereum-native assets to Axie Infinity's Ronin sidechain and was secured by nine selected validators. Any bridging transaction required approval by at least five of these nodes. A hacker managed to gain control of five of them and stole 173.6 thousand ETH and 25.5 million USDC, worth around $600 million at the time.
Despite being the joint-largest DeFi exploit in history, the other being the Poly Network exploit in 2021, the attack went under the radar until a user attempted but failed to withdraw 5 thousand ETH from the bridge six days later. Sky Mavis, the developer behind Ronin and Axie Infinity, raised $150 million from venture capital firms in April, and the capital was used to reimburse the victims in June. The bridge has since re-opened, and the number of validators increased from 9 to 17.
It was believed that the North Korean-linked Lazarus Group was behind the attack, which ultimately led to the sanction of Tornado Cash mentioned in the Privacy subsection, which was one of the tools used by the hacker to launder stolen funds.
Wormhole Portal bridge was the de facto Solana bridge that ported Ethereum-based assets into the Solana ecosystem. The bridge program failed to conduct proper signature verification due to the use of a deprecated function, which allowed an attacker to spoof guardian signatures and mint 120 thousand unbacked Wormhole-wrapped ETH on Solana in February, worth $320 million at the time, which was used subsequently to steal 93.75 thousand ETH on Ethereum.
Jump Crypto later replenished the deficit to make victims whole after the vulnerability had been patched. Jump is the parent company of Certus One, the developer behind Wormhole.
A bug was introduced in a routine smart contract update in June with an improper initialization, which bypassed the essential measures of proving the validity of messages before processing withdrawals from the Nomad bridge. Anyone could fabricate a bogus withdrawal request, and the message would be erroneously accepted as valid.
The vulnerability remained undetected until August. Unlike most other exploits, it was exploited by hundreds of lone wolves seemingly imitating one another by sending messages in similar formats to the Nomad contract. It resulted in a loss of $190 million worth of assets, $35 million of which was later recovered from whitehat exploiters. It was theorized that many exploiters returned the funds because their addresses involved had transactions linked to withdrawals from CEXs that likely possessed their personal information from their know-your-client (KYC) onboarding processes.
The recovery process is ongoing, and victims could soon claim the recovered funds pro-rata after completing KYC checks. Unlike previous bridge exploits where institutions backstopped the bridges and made users whole, victims in the Nomad bridge exploit would take a sizeable haircut.
Beanstalk was an Ethereum-native algorithmic stablecoin with on-chain governance. It was exploited in April when an attacker managed to leverage flash loan to swap a significant amount of BEAN tokens. It temporarily granted the attacker over two-thirds of voting power, which was sufficient to unilaterally approve and immediately execute a malicious emergency governance proposal that drained the protocol.
$181 million worth of assets were stolen, $105 million of which were donated to the Ukraine donation address. Beanstalk was relaunched in August.
Mango was a Solana-based perpetuals exchange with lending and borrowing capabilities. In October, a group led by Avraham Eisenberg manipulated the price of MNGO, Mango's native token, on Mango's illiquid books and artificially inflated MNGO's valuation. It allowed them to use MNGO as collateral and borrow an abnormally large amount of other crypto assets on another account, leaving the protocol with a deficit of $129 million.
Eisenberg asserted that he operated a "highly profitable trading strategy" where no foul play was involved. The community voted to allow Eisenberg to return $67 million while keeping the rest, which he accepted on the condition that the returned funds would be used to pay back users affected.
BNB chain token hub was a bridge between BNB beacon chain and BNB smart chain. In October, an attacker forged arbitrary messages and maliciously minted 2 million BNB into circulation by exploiting a bug within a module of the bridge contract. The attacker managed to withdraw $127 million of non-BNB assets out of the BNB chain by tapping into multiple liquidity venues before chain validators agreed to pause the chain until the vulnerability was patched via a hard fork.
The faulty module was also used by numerous Cosmos sidechains as part of the IBC implementation. All affected chains have since fixed the bug.
Harmony Horizon bridge was the official bridge for porting assets elsewhere to Harmony, and was secured by a 2-of-5 multi-sig. A hacker gained illegal access to two of them and stole $100 million worth of assets in June. The team has since revised the multi-signature scheme required to approve transactions to a 4-of-5 setting.
The team proposed minting additional ONE, Harmony's native token, to compensate the victims, which the community generally opposed. The new plan suggested utilizing funds from Harmony Foundation to make victims whole.
Qubit was a BNB chain-based lending protocol with a native bridge that enabled users to deposit assets into lending pools directly from Ethereum. A legacy function remained in the smart contract even when its functionality was replaced by a new function. Obsolete parameters relating to the legacy function were initialized, which unknowingly created a vulnerability where Qubit-wrapped ETH could be minted out of thin air by calling the legacy function that was supposed to be made unavailable.
It was exploited in January when an exploiter minted unbacked Qubit-wrapped ETH and used it as collateral to borrow $80 million worth of assets. Protocol profits were used to compensate the victims, but only 2% of their losses were covered. The team left the project and transferred control to decentralized governance a month after the incident.
Rari Fuse was a fork of Compound, a lending protocol, but with more customizability attached by having multiple lending pools with different risk parameters. Re-entrancy attacks have plagued numerous Compound forks that adopted the old version of Compound smart contracts.
This vulnerability was spotted in March, but the patch did not cover all impacted functions on Rari. In April, an exploiter was able to use flash loan to post collateral on Rari lending pools, borrowed assets, and made a re-entrant call to withdraw the collateral before their borrowing record was reflected in the contract. $80 million worth of assets were stolen and victims were fully compensated in FEI, a decentralized stablecoin issued by Fei, which merged with Rari in 2021.
Cashio was a Solana-native decentralized stablecoin protocol that suffered from an infinite mint exploit in March. An exploiter was able to mint 2 billion CASH, Cashio's stablecoin, by supplying fake collateral. The unbacked CASH was sold on the market for $48 million worth of assets. The exploiter returned 29% of the funds stolen to holders of less than 100 thousand CASH and selected victims at their discretion.
Outlook on DeFi in 2023
DeFi-optimized Blockchains
While having DeFi applications deployed on the same chain is advantageous for composability, blockspace-demanding applications would degrade the user experience for every user on the chain. DeFi application-specific blockchains can enhance user experience as protocol users do not have to compete in blockspace with other users on the same generic chain.
For example, a perpetuals exchange on an application-specific blockchain can be customized with high speed, throughput, and liveness so as to enable low-fee, high-frequency trading and proper account margin management. Besides, it can enable affordable, high-granularity, and low-latency price feeds from oracle networks such that liquidation is timely executed to avoid bad debts.
Another example is Sei, a DeFi-focused Cosmos sidechain with optimistic block processing, a native order-matching engine, and a canonical liquidity aggregator. These features would ensure that order matching can be finalized quickly and securely via a canonical platform connecting to multiple liquidity venues on Sei.
On the other hand, DeFi-focused blockchains can create synergies between DeFi applications and the base layer with optimizing capital efficiency in mind. Berachain adopts a proof-of-liquidity consensus where the validators' stake is simultaneously deployed into providing liquidity in the native DEX and lending market, as well as maintaining the peg of the native stablecoin. Such a design makes DeFi an integral part of the base layer, drawing stark contrast from Ethereum's neutral and minimal narrative.
Liquidity Bootstrapping Structured Products
Methods for bootstrapping passive liquidity have constantly been evolving, from classical liquidity mining programs to novel concepts like protocol-owned liquidity. However, how to effectively bootstrap active liquidity remains an open question.
Directly incentivizing trading and market-making activities with token rewards can be ineffective and unsustainable as it often leads to wash trading by a few opportunistic individuals. On the other hand, many retail participants have limited spare time and suboptimal execution abilities in actively managing their positions, leading many to shy away from deploying capital into complex products.
Therefore, protocols that require deep active liquidity need to attract capital by abstracting away complexity and avoiding being too reliant on token incentives. Structured products can remove some barriers for retail participants and potentially provide more sustainable returns.
For instance, Opyn Squeeth is a power perpetual contract that tracks the square of the price performance of ETH, as explained in the Derivatives subsection. Squeeth strategy vaults are a collection of automated trading strategies for trading the Squeeth contract. Different vaults enable users to bet on different market conditions. Users can simply deposit funds into a vault which automatically executes a predetermined trading strategy on behalf of all depositors.
For example, the crab strategy vault on Opyn lets users bet on a sideway price movement of ETH. This is done by simultaneously shorting Squeeth and longing ETH to create almost delta-neutral positions to the ETH price and collect funding payments made by long positions of the Squeeth contract. The vault algorithmically deals with leverage management and position rebalancing such that depositors do not need to manage their positions actively.
Asset Tokenization
Crypto, as an emerging asset class, remains disconnected from other traditional markets with total addressable markets (TAMs) in trillions. As the token-based economy advances, there is rising interest in leveraging existing blockchain and DeFi technology to enhance the supply chain visibility of RWAs and provide a variety of businesses with easier access to credit.
The nascent RWA market currently has a gross value locked (including the amount borrowed) of $193 million. Centrifuge Tinlake is the leading RWA tokenization protocol where real-world financial instruments such as invoices and mortgages are tokenized. Some of these tokenized instruments are currently deployed as collateral to borrow DAI on Aave RWA market and Maker.
Figure 217: Gross value locked in asset tokenization in 2022 Source: DefiLlama
Other RWA tokenization protocols include RealT which fractionalizes real estate and unlocks similar DeFi use cases; Toucan which tokenizes carbon credits; etc. By tokenizing physical assets and IPs that carry significant financial value, it can foster organic growth and immensely expand the TAM for DeFi.
Non-dollar Stablecoins
Fiat-backed stablecoins are technically the most successful example of asset tokenization so far, with solid demand both off-chain and on-chain. Most existing stablecoins are pegged to USD as they are popular choices for trading and cross-border settlement purposes. Fiat-backed USD stablecoins are the base assets for most significant trading pairs on CEXs, whereas their on-chain volume remained stable throughout the bear market in 2022 with an average monthly volume of $565 billion.
Figure 218: Adjusted on-chain volume of stablecoins in 2022 Source: The Block Data Dashboard
Stablecoins pegged to non-USD fiat currencies remained niche. The largest group of non-USD stablecoins is Euro-pegged, with a total market cap of €581 million (~$605 million). Nevertheless, with regulatory clarity, non-USD stablecoins will likely gain adoption in the coming years.
Figure 219: Total Euro stablecoin supply on Ethereum in 2022 Source: The Block Data Dashboard
Material efforts have been made in 2022 to establish reasonable regulatory frameworks for fiat-backed stablecoins in multiple jurisdictions outside the United States. The European Union's Markets in Crypto Assets bill has passed most legislative processes and is expected to be approved by the European Parliament and take effect in 2024. The bill places a daily transaction cap on non-Euro-denominated stablecoins within the Union, intending to protect Euro's monetary sovereignty.
On the other hand, the United Kingdom's FinancialServices and Markets bill would grant the Financial Conduct Authority powers to regulate stablecoins. Authorities in Singapore and Hong Kong also published consultation papers on stablecoin regulation proposals and are seeking input from the public.
Institutional DeFi
Institutions are still hesitant to embrace distributed ledger technology due to compliance and regulatory uncertainties. Some advocates are cultivating the notion of "permissioned DeFi," while oxymoronic, could overcome such regulatory barriers.
Even though permissioned DeFi is not decentralized by any means, it can usher in a new era of open finance that facilitates industry-grade, near-instant, cross-border settlement and brings more transparency to all parties involved. Business logic can be codified in the form of smart contracts that automate settlement and enforce adherence to rules, reducing the cost of doing business through clearing intermediaries.
In November, DBS Bank, J.P. Morgan, and SBI Digital Asset Holdings conducted foreign exchange andgovernment bond transactions on Polygon under the pilot scheme supervised by the Monetary Authority of Singapore. A modified version of Aave Arc was utilized that allowed finer control over parameters and supported on-chain verifiable credentials.
This event was believed to be the first time a major bank had tokenized deposits on a public blockchain. We can expect to see an increasing number of government-led initiatives collaborating with industry giants to explore the potential of adopting DeFi and blockchain technology on a broader scale in the coming years.
