- “DeFi is still a giant virtual laboratory of experiments where moving fast and breaking things in the world of finance is still the rule.”
- “Too many people don’t value security” or are willing to throw significant amounts of money in untested DeFi platforms.
- “It’s very risky to hold a leveraged position during such [exchange] outages as such positions can be liquidated fast.”
- “One of the biggest areas of security remains that of private key management.”
Security is integral to crypto.
This is probably unsurprising for something mainly focused on cryptography, but with cryptoassets now exceeding a total market capitalization of USD 2 trillion, security must be a top priority for every exchange, wallet, platform, user, and investor in the business.
This, however, does not always appear to be the case, as seen by the amount of decentralized financing (DeFi) incidents, crypto exchange hacks, and ransomware vulnerabilities witnessed this year. Regrettably, industry insiders interviewed by Cryptonews.com expect that things will get worse before they get better next year, with DeFi, centralized exchanges, cryptoassets, and users all suffering difficulties.
Simultaneously, as the market grows and new tools become available, the security offered by various platforms may increase by the end of 2022.
Fast-moving DeFi problems
Pretty much every commenter we spoke with says that DeFi security issues will continue to be a trend well into 2022.
“Not to sound too dramatic but DeFi is still a giant virtual laboratory of experiments where moving fast and breaking things in the world of finance is still the rule. The level of complexity of new DeFi services built-in ‘Lego’ mode allows more room for either malicious attacks or human error,” Ouriel Ohayon, Co-founder and CEO of mobile-based crypto wallet ZenGo.
DeFi’s multiple internal traits and oddities predispose it to security issues or vulnerabilities, which are likely to persist through 2022.
“One of the possible issues with decentralized banking, in terms of cyber-attacks, is that it is, by definition, unregulated in the same way that traditional financial institutions are.
The fact that some firms lack experience or expertise in dealing with cyber-security concerns exacerbates the problem,” said David Emm, principal security researcher for Kaspersky’s Global Research and Analysis Team.
Emm explains that this lack of experience and lax regulation creates an opportunity for cybercriminals to take advantage of the situation.
“As a result, attacks on the sector will continue,” he warned.
Commentators are split on whether the DeFi security situation will improve or deteriorate in the coming year.
According to Trezor and SatoshiLabs Brand Ambassador Josef Ttek, DeFi applications will continue to be vulnerable to different flaws and attacks.
“This is because DeFi developers prefer to progress quickly and attract as much capital as possible, both invested and value-locked.
Additionally, we have observed problems being discovered in long-running applications such as Compound — the complicated smart contract architecture just provides an excessive attack surface,” he explained to Cryptonews.com.
Similarly, Paul Sibenik of CipherBlade is not optimistic that crypto will improve when it comes to DeFi’s security issues.
“We don’t expect it to improve, if anything the contrary. Too many people don’t value security or are willing to throw significant amounts of money in DeFi platforms that don’t have an extensive battle-tested track record particularly with regard to security,” he told Cryptonews.com.
On the other hand, some industry representatives are optimistic that 2022 will see a steady improvement, with DeFi vulnerabilities becoming less of a concern.
“The good news is that further tools for vetting the security of those projects, as well as assisting investors in protecting themselves against their own errors, are on the way to the market,” said Ouriel Ohayon.
Similarly, Chris Harding, the compliance officer of Civic, tells Cryptonews.com that while the expansion of DeFi may draw bad actors, it will also give industry platforms with additional resources for system strengthening.
“As [hackers] grow more shrewd with their approaches, so do the DeFi project teams! Teams are learning every day and the community is collaborating on how to better protect against bad actors,” he said.
Harding also believes that regulators’ involvement may have a beneficial influence on security within DeFi, by driving platforms to implement stronger user protections.
“With the recent publication of the FATF rules on [virtual asset service providers], we will see many participants committing significant time and work to legal and regulatory problems,” he added.
Exchanges to continue experience outages and technical issues
Numerous cryptocurrency exchanges were hacked in 2021, while another common security issue (at least in terms of preserving the value of your holdings) was the outages and service disruptions that even the largest platforms — such as Binance and Coinbase — encountered on numerous occasions this year.
“The outages at major exchanges speak to the near-exponential surge in trade volume that we saw in 2021 and that will continue in 2022.
This rapid growth in transaction volume should be viewed as a significant validation of the crypto industry, even if the dramatic spikes in transaction volume create operational challenges for exchanges and other [decentralized applications],” said Matt Cutler, CEO and Co-Founder of blockchain data provider Blocknative.
According to industry observers, exchange outages and hiccups will continue to be a pattern in 2022, and, like DeFi issues, will likely improve incrementally at best.
“I believe exchanges will keep on suffering outages in the times of strong price rallies, simply because spikes in demand can outpace every expectation. It’s very risky to hold a leveraged position during such outages as such positions can be liquidated fast,” said Josef Tětek.
Having said that, as the market continues to mature and grow (and as regulation enters the fray), at least some observers believe exchange concerns will steadily improve over the next year.
“Each interruption serves as a necessary precursor to a more robust set of processes and infrastructure.
We believe this cycle is unavoidable and even necessary for the industry to mature into a more stable position,” Ouriel Ohayon stated.
One possible solution, at least in part, is decentralized exchanges (DEXes), according to Futureswap CEO and co-founder Derek Alia.
“DEXes are antifragile against these network outages because you have hundreds of thousands of people incentivized to run the nodes of the network to keep the system up, which is far more resilient than keeping it in one or two large network hubs distributed in a handful of places. This is one reason why you’re seeing crypto applications with almost zero downtime,” he told in an interview.
Platform teething problems
Related to exchange interruptions are the types of outages that have afflicted embryonic platforms this year, such as Solana (SOL) and Arbitrum.
This is another potential important trend for 2022, especially when new networks form and expand.
“Investors continue to pour enormous sums of money into relatively young and/or untested ventures when they believe the price will rise,” stated Paul Sibenik.
This is a position echoed to a significant extent by Josef Tětek, who also believes that the market’s obsession with the ‘next big thing’ results in the launch or release of platforms that are not particularly robust.
“New crypto projects usually adopt the ‘move fast and break things’ mentality, which inevitably leads to, well, things breaking down sooner or later. While this approach is fine for tech startups, it’s reckless for monetary technologies,” he said.
As dangerous when it may be, the money at stake – and its fast growth – has prompted many enterprises to rush to market with untested protocols, a situation that is predicted to deteriorate (at least temporarily) as crypto gains mainstream recognition in 2022.
“Investing in hot coins that are competing with one another, particularly ETH competitors such as SOL, ADA, and DOT, poses an added risk if they are under pressure to provide the most features or the fastest transaction speed without putting stability first.”
As a result, users face a greater risk of meeting a security breach or a technological fault as long as speed is prioritized,” claimed Dave Bitcoin, a cryptocurrency specialist and owner of the walletrecoveryservices.com website.
Ransomware and other security issues
“It’s difficult to predict whether things will improve or deteriorate significantly over the course of a year, but I imagine we’ll continue to see occasional security lapses and technical glitches in 2022 as the crypto market continues to attract significant interest and activity,” Dave Bitcoin explains.
Two additional security concerns will persist in 2022, particularly as an increasing number of inexperienced newcomers dip their toes into crypto for the first time.
“One of the biggest areas of security remains that of private key management and account takeover of password-based systems,” said Ouriel Ohayon.
“We’ve seen thousands of Coinbase accounts compromised by a faulty [two-factor authentication] system, and on a daily basis, investors lose (stupidly) their funds by providing their private key or seed [to a phishing attack], and in those cases, even hardware wallets cannot protect you; maliciously (or not) coded smart contracts can have abusive permissions that can drain your wallets, even with certain NFT formats,” he added.
The fact is that the average layperson is not a cryptographic security expert, and hence may struggle to adapt to bitcoin security’s unforgiving nature.
This has always been a concern with cryptocurrency to some extent, but with increased investor interest, it could get worse in 2022.
Another well-known security concern that could deteriorate is ransomware, which, according to David Emms, could deteriorate even while preventative measures are adopted.
“An emerging (and worrying) trend that relates to cryptocurrency is the payment of ransoms. Ransomware is a problem that taxes the minds not only of organizations, but of governments,” he said.
Emms adds that governments may seek to regulate ransomware in 2022 in order to make it more difficult for ransomware gangs to operate. “The United States currently maintains a blacklist of sanctioned corporations from which US organizations are prohibited from paying,” he observed.
However, given the sector’s relative youth, quick evolution, and complexity, it’s probable that it may take some time before really solid and comprehensive legislation addressing all of the sector’s security concerns is introduced. As such, anticipate a plethora of security difficulties, issues, and, hopefully, answers in 2022.