As a hacker and cryptocurrency liker, I have been hearing for a while about "DeFi" stuff going on in Ethereum without really knowing what it was. I own a bunch of ETH, so I finally decided that enough was enough and spent a few evenings figuring out what was going on. To my pleasant surprise, a lot of it was fascinating, and I thought I would share it with LW in the hopes that other people will be interested too and share their thoughts.
Throughout this post I will assume that the reader has a basic mental model of how Ethereum works. If you don't, you might find this intro & reference useful.
Why should I care about this?
For one thing, it's the coolest, most cypherpunk thing going. Remember how back in 2012, everyone knew that Bitcoin existed, but it was a pain in the ass to use and it kind of felt weird and risky? It feels exactly like that using all this stuff. It's loads of fun.
For another thing, the economic mechanism design stuff is really fun to think about, and in many cases nobody knows the right answer yet. It's a chance for random bystanders to hang out with problems on the edge of human understanding, because nobody cared about these problems before there was so much money floating around in them.
For a third thing, you can maybe make some money. Specifically, if you have spare time, a fair bit of cash, appetite for risk, conscientiousness, some programming and finance knowledge, and you are capable of and interested in understanding how these systems work, I think it's safe to say that you have a huge edge, and you should be able to find places to extract value.
In broad strokes, people are trying to reinvent all of the stuff from typical regulated finance in trustless, decentralized ways (thus "DeFi".) That includes:
Making anything that has value into a transferable asset, typically on Ethereum, and typically an ERC-20 token. A token is an interoperable currency that keeps track of people's balances and lets people transfer it.
Making liquid exchanges where you can swap all of those tokens at market prices.
Making schemes for moving those tokens over time, like borrowing, futures, etc.
Making elaborate scams and arbitrages to obtain other people's tokens.
It's not completely clear to me what the main value proposition of all of this is. It's easy to generate things about it that seem somewhat valuable, but hard to say how each stacks up. Some possible value includes:
Evading regulation, like securities laws, money laundering laws, sanctions, capital controls, laws against online gambling, etc. etc.
Allocation of capital among projects that can raise money using cryptocurrency tokens (because somehow they have a scheme to tie the success of their project to the value of the token, making it a kind of virtual equity.)
Having less middlemen than existing financial systems, making it more trustworthy and cheaper. (It is not currently more trustworthy or cheaper than mainstream American institutions, but it plausibly could be in a few years.)
The first step is to make everything into an ERC-20 token. This will let all the other products work with everything, because they will interoperate with ERC-20 tokens.
Stablecoins and pegs
It's common for someone to want to own an Ethereum version of some other asset that is not Ethereum, so that they can use it on Ethereum. The most typical example of this is US dollars. A token whose price is designed to be pegged to an external thing like this is called a stablecoin.
There are a few techniques people use to accomplish this. The most popular one is to have a giant pile of US dollars somewhere under someone's control, and have that person act as a counterparty for anyone who wants to buy or sell 1 US dollar for 1 token. This is what Tether and USDC do.
A more complicated version is to have a giant pile of something that is not US dollars, but is worth something, and then be willing to trade 1 US dollar worth of whatever, for 1 token. This seems like what Reserve does. In a way it's also what MakerDAO does; I'll discuss this later when I get around to talking about loans.
Another asset people really like to own on Ethereum is bitcoin. This is accomplished by WBTC ("wrapped bitcoin") using a giant-pile-of-bitcoin technique, with a few useful twists; firstly, there's a cryptographic scheme by which you can trustlessly mint the WBTC tokens on Ethereum and send the BTC to the custodian on Bitcoin atomically. (This is a general mechanism for cross-blockchain transfers.) Secondly, you can go look at the Bitcoin balance of the custodian, so you know they actually have some collateral somewhere.
There are some other schemes for doing this that are trying to get around the requirement of having a giant pile of assets, by making it so that more of the coin is minted when the value of the coin goes above the peg, and the coin is burnt somehow when the value goes below the peg. Basis kind of tried to do this. It seems like nobody quite knows yet whether or not this is possible.
Governance tokens, i.e. tokenized equity
It's extremely common for new cryptocurrency projects to want to essentially give out equity in their project as a way to make money. In particular, a very common way to do it seems to be to mint "governance" tokens representing equity, give some of them to investors, and also give a bunch to early users, as a way of establishing a big userbase and attaining some network effects.
Frequently these tokens have a profit sharing component. Almost always, they let the owners of the tokens make some kinds of decisions relevant to the project -- parameter values, future redistribution of profits, development direction, project mergers, and so on, under the assumption that they will do so in a self-interested way as the stakeholders in the project.
I've found that governance tokens seem surprisingly valuable on the market, even when there is no explicit profit sharing component. For example, the Uniswap governance token has a market cap of $6B. Like companies that don't issue dividends or buy back shares, it's slightly puzzling at first glance where so much value is coming from. Expectation of future profit sharing mechanisms? The ability to control the future direction of the project in other ways? Maybe people just like the stock. A lot of how people are making money right now on these platforms is by taking advantage of aggressive governance token rewards for using new and speculative projects.
Once everything is a token, you want to be able to trade the tokens. The old cryptocurrency model of having centralized, NYSE-style exchanges hasn't gone away; you can still trade lots of tokens on Coinbase and so on. However, a totally new variety of trustless, decentralized exchanges have popped up in the past few years. I will explain Uniswap, which is just about the simplest possible one, and then talk about some variations on a theme.
Automated market making
Uniswap is a constant function market maker. More specifically, it's a constant product market maker. This means it is an Ethereum contract that manages a giant pool of two tokens, and anyone can trade one token for the other against the pool as long as their trade preserves the product of the two token quantities in the pool.
The main reason you would do this is if you wanted one instead of the other. But even if you didn't, you would do it anyway, if the current rate being offered (i.e. the ratio of the two token quantities in the pool, times the constant) is different than the rate you can get on another liquid market. If it's better, you trade one way on the pool and the other on the market. If it's worse, vice versa. As a result of this arbitrage, Uniswap's rate will always magically be at the prevailing market rate.
Well, not quite. It will always magically be somewhere inside the prevailing market spread, plus or minus transaction fees, for the first epsilon quantity you're trading. After that, it will slip to a worse rate. The slippage will depend on how giant the pool of tokens is compared to your trade.
There are a number of appealing properties about this compared to a centralized exchange with an order book:
All the machinery for making new pools is all automated and anyone can do it. My understanding is that you can invent two new ERC-20 tokens right now, mint a bunch of them, and make your very own Uniswap pool, without asking anyone's permission.
The trade I described is way less computationally expensive than keeping track of an order book, so it costs way less gas. This is a huge concern right now in Ethereum land.
The software is quite simple. That means there probably aren't many bugs.
You only need to trust the software; you don't have to put your money into a questionable cryptocurrency exchange platform.
As a result of these properties, a lot of people are making similar kinds of automated market makers for different purposes. For example, Curve is a CFMM which uses a function that has less slippage when the two tokens have very similar value; it's used for trading stablecoins and tokens that are pegged against each other. Balancer is a CPMM that works with a set of more than two tokens and maintains the constant product invariant for all of them, so you can trade any of them for the rest of them.
All of these automated market makers operate on the same model of incentivizing people with money ("liquidity providers") to make a really giant pool of tokens for them, so that they can support lots of trade volume with minimal slippage. There are typically two incentives: one is that you get transaction fees on the trades proportional to your portion of the pool, the other is that you get governance tokens for the exchange platform.
These frequently add up to what looks like a really good APR on your money. The shallower the pool and the more the trading volume, the more of the transaction fees you are making. So a lot of people spend their time looking for AMM pools with attractive yields, buying whatever tokens that pool supports, and depositing them in the pool. Then later you can take your tokens back out plus whatever profits you made in the meantime. This is called "yield farming".
At a glance this sounds like a relatively safe way to make money, but there are a few non-obvious risks. One is your exposure to the tokens you bought and put in the pool. If the pool is so shallow, it's probably because one or the other of those tokens is new or has questionable value, so you might not be thrilled to own them. Another is systemic risk based on smart contract hacks, malicious governance, and so on. Another is impermanent loss; it turns out that for many AMMs, liquidity providers will not be indifferent to price movements of the tokens. So it's a way to make money, but not necessarily a very safe way to make money.
There seems to be a lot of demand for loans of cryptocurrency. Like a lot of this technology, it's not totally clear to me where the demand is coming from. Some possibilities:
Borrowing for the purposes of shorting this or that token.
Borrowing as a way to invest on margin.
Because it's supposed to be trustless and decentralized, all loans are necessarily at least fully collateralized (except for flash loans, which I describe later.) I'll explain two prominent lending systems.
MakerDAO & the DAI stablecoin
MakerDAO is one of the oldest Ethereum projects. It has a mechanism that not only results in a way to borrow with collateral, but also results in a stablecoin just sort of popping out as a consequence, which is cool.
The way it works is, you can send some stuff to a Maker "vault" contract. The stuff can be any token that has value according to a big list that Maker manages collectively. The USD value (per some governance-approved oracle) of the stuff acts as your collateral. Once you have some stuff in there, you can mint a token called DAI proportional to the amount of your collateral (everything is somewhat overcollateralized, because most of the stuff has a lot of price variance) and do whatever you like with the DAI. Later, you can pay back the DAI to get your collateral back.
What if a loan becomes insufficiently collateralized, because the market value of the collateral went down? Maker solves this problem by making it profitable for other people to liquidate you in this case; other people can bid DAI in an auction to pay off your loan and take your collateral. Naturally, this should happen basically instantaneously.
There are some other mechanisms in play; as usual, there's a governance token MKR that shares profits from a fee you pay on your loans. There's also a kind of emergency shutdown lever that MKR holders can pull to liquidate everyone and redistribute the collateral to everyone who owns DAI, presumably in case Maker becomes self-aware.
Why is DAI stable? Well, if DAI got much more expensive than $1, you can make more DAI, sell the DAI on the market, and then default. If DAI got much less expensive than $1, people with outstanding loans could buy DAI off the market and pay off their loans with it. If DAI really tanked, DAI holders could invoke the emergency shutdown and reclaim the collateral. And when DAI starts drifting a bit, Maker governance tries to nudge it using a familiar central bank tool -- the interest rate on Maker loans. All of these things help peg DAI to the dollar and they seem to mostly work.
Whereas Maker is basically a way to "lend to yourself", or take out leverage, Compound is an interpersonal lending system.
You start by putting a bunch of stuff into Compound, which will serve as collateral. Hopefully, other people have also put some stuff into Compound that you would like to borrow. If so, you can borrow it -- like Maker, you can borrow $1 of stuff for every $1.50 of collateral. Interest will accrue at some rate, and you can repay the loan and get your collateral back any time you choose. Meanwhile, the other people who put the stuff you borrowed there get the interest you paid.
What's the interest rate? Each token you can lend or borrow (e.g.) has an "interest rate model", chosen by platform governance (I don't know how they decide what it ought to be) which defines the interest rate as some function of the supply and demand for loans of that token. So if the demand for loans is high, but there isn't much of that token sitting around, lenders will get a high rate when they put that token into the pool.
Compound has a different approach to liquidating positions that have dipped below their collateral requirements due to market movements. If a loan is not sufficiently collateralized, any random person can call a function on the contract to steal some of the collateral and pay back some of the loan, at a better than market rate; so they will. It's a kind of "whoever notices it first" situation rather than Maker's slow auction. To me this seems simpler and effective -- I wonder why Maker didn't do it.
It turns out if you create a bunch of interoperable software that lets you transfer utility around, the software sometimes has unanticipated problems. It's very common for people to notice some way to Dutch book some combination of these services and pump money out until someone figures out how to do something about it.
Recently, someone created an amazing new invention which is like the Low Orbit Ion Cannon of arbitrage, called a flash loan. A micro loan is a very small loan; a flash loan is a very fast loan. You can borrow the money -- with zero collateral required, and with a very small fee -- if and only if you can repay it at the end of the same Ethereum transaction. I find this quite remarkable.
Aave (how do you pronounce this?) is the leading flash loan service. To use it, you have to deploy a contract that calls the loan contract, does whatever you wanted the money for, and calls the loan contract again to repay it. I guess there are also some other use cases for flash loans. For example, if you have a collateralized loan on Compound, and you don't want to repay the loan, but you wish the collateral were something else, you could (as I understand it) take a flash loan of the other thing, deposit it, withdraw your old collateral, and sell the old collateral to repay your flash loan.
But the really sweet use case is incinerating slightly imperfect systems made of Ethereum contracts and taking out all the money. Check out some of these autopsies.
The origin account of the transaction starts with nothing, then borrows and moves a pile of cash, causes two huge Uniswap orders (in both directions) in the course of the same transaction, and ends up with 65 ETH. That definitely looks fishy.
The attacker repeatedly exploited the effects of impermanent loss of USDC and USDT inside the Y pool on Curve.fi. They used the manipulated asset value to deposit funds into the Harvest’s vaults and obtain vault shares for a beneficial price, and later exit the vault at a regular share price generating a profit...The value lost is about $33.8 million, which corresponded to approximately 3.2% of the total value locked in the protocol at the time before the attack.
The attacker returned $2 million to the protocol and pocketed $6 million — and with it left one audacious message stating, “do you really know flashloan?”
Value Defi said it suffered a “complex attack that resulted in a net loss of $6 million.”
You get the idea.
Should I really send my money to this computer program?
Good question. After a few evenings of looking at this I haven't been able to easily quantify the risk involved in using any of these tools to actually attempt to make money. If you go look at being a liquidity provider for stablecoin pairs on Curve -- which "should" be a very low risk investment when everything works -- you're getting a rate of a few dozen percent APR. But the potential, hard-to-quantify costs and risks abound:
Is there a bug in Curve's contracts? Maybe. Maybe not, if nobody has found it yet? But who knows?
Will you screw up in the process of moving your money onto the platform, or get owned by malware that nabs your keys?
Will the underlying tokens, like DAI or USDC, lose their value for a hard-to-understand reason, even though they are not supposed to?
What will the APR be like three months from now? You're getting rewarded in CRV governance tokens, and it's expensive in gas to sell them instantly -- are those going to hold their value? Who exactly is on the other side of this trade?
Speaking of gas, given current prices, if you don't put a lot of money in, you're probably not looking at an attractive proposition.
Doing US taxes on this is ridiculous. There's software that is supposed to help build your return, but it's hard to keep the tax implications in your head and take them into account.
So... a few dozen percent APR is a lot. And it's not designed to be a scam. To paraphrase Eliezer, "The contract does not hate you, nor does it love you, but you have deposited ERC-20 tokens which it can use for something else."
I advise the emptor to caveat. But I also advise you to check this stuff out, if you independently value exploring an exciting new land of nonsense.
One of the things I appreciate about this community is posts like this, where a smart person gets the itch to learn all about something interesting, then writes it up in a way that effectively conveys their synthesis.
I work in Bitcoin professionally, have not spent a lot of time looking at Ethereum/DeFi stuff, and found this surprisingly educational.
I will make one broken-record comment, which I always repeat when the topic of DeFi comes up. These things typically require you to lock up some collateral, in a way that subjects you to the price fluctuations of some cryptocurrency on top of whatever DeFi thing you're doing. Your ultimate return may have a lot more more to do with those price fluctuations, than with the DeFi stuff itself.
That may be fine, but make sure you account for it. In the easiest case, you're already holding whatever cryptocurrency you'd be exposed to. In the hardest case, you are using money that was previously in the stock market / your bank account, and exposing it to changes in the market value of some obscure token that nobody's ever heard of. Making 25% APR on your investment in that token is probably meaningless.
(This is VERY not investment advice, but: if you want to go long on "crypto-mania", my first suggestion would be that you (1) buy some Bitcoin, and (2) don't sell it. It's a lot less effort than DeFi, and so far the return has been pretty good. Future returns may not be so good! But the correlations between cryptocurrencies are pretty high, so if Bitcoin does badly, whatever token your DeFi thing uses probably will also do badly, over the medium term at least.)
I remember Peter Thiel saying that buying Google stock is about betting against innovations in search. Bitcoin might be a bet against the DeFi stuff being useful. If the DeFi stuff is useful then the token of the platform where the DeFi stuff is housed has a good potential to get higher value then bitcoin and if it gets higher value, Bitcoin is likely falling in value for not being the primary currency anymore.
With it's 30 transactions per second on Ethereum 1.0 the amount of DeFi that can be done currently is a lot less then what could be done with 100,000 per second on Ethereum 2.0 in the future.
This is a really good response and it made me think, thanks.
I should disclose (I wasn't meaning to hide it before, but in retrospect it's clearly relevant) that I do have a position in ETH, much smaller than my position in BTC, as a hedge against a scenario like this.
Historically, the correlation between the two has been pretty strong, as has the correlation among all the cryptocurrencies. But if they successfully switch to Ethereum 2.0, that could have a major effect here.
Overall, my sense is that Ethereum has a weaker foundation, engineering-wise, than Bitcoin; but it also obviously has a LOT more features (some of which can be footguns.) And there's no inherent reason that Ethereum can't gradually improve the engineering while retaining the features, and it's definitely been working on doing that. On the other hand, Bitcoin has a fundamental philosophical conservatism that I think makes it a better long-term bet in some ways. Assuming it survives, you can bet that it will still be recognizably Bitcoin well into the future. Who really knows what Ethereum will be -- the governance model allows for a lot more change, which can be good or bad.
One of them is really more about governance than engineering, although it mixes both. The Bitcoin model is "this thing exists, it has to work, we're not going to screw with it unless there is overwhelming consensus to do so." And in fact it is structurally pretty hard to screw with it, absent overwhelming consensus to do so; if you screw it up, you fork the chain. (Realistically, the core devs could probably force something through once, at great reputational cost; but both the core devs themselves, and the user community, are philosophically opposed to that kind of thing.)
Meanwhile, the Ethereum model seems to be "you run what the devs tell you to run." If we want to change the rules, we change the rules. Most people don't even run full nodes; they use a small number of major service providers. And incidents like this are scary: https://www.coindesk.com/ethereum-service-providers-experiencing-issues-after-reported-blockchain-split . The devs released new software that changed the rules; major service providers were not given advance notice and did not update; this broke a ton of stuff. Since the devs define the protocol, those service providers were then forced to update.
The last accidental hard fork of the Bitcoin chain, and the only one I'm aware of, was in 2013. https://github.com/bitcoin/bips/blob/master/bip-0050.mediawiki . It was due to a bug, and unlike the Ethereum scenario, the clear Bitcoin community consensus was to roll back to the version before the accidental break. Nobody in Bitcoin has the mandate to roll out a breaking change and force everybody to adopt it. (You can definitely argue about the various community splits on breaking change proposals in the past, but IMO this underscores that the community's view of a change IS the critical determining factor; the devs can't just release a breaking change and expect everybody to go along, whereas in Ethereum that's the norm.)
From a more engineering-oriented and less governance-oriented view, I guess my main concern is that Ethereum's scripting model is very complicated compared to Bitcoin's. I'm not aware of a Bitcoin script ever being hacked, granted that this is because Bitcoin scripts are much less capable than Ethereum scripts! Meanwhile, here is a list of Ethereum smart contract postmortems: https://forum.openzeppelin.com/t/list-of-ethereum-smart-contracts-post-mortems/1191 . It's a long list.
The worst one I'm aware of is https://www.parity.io/security-alert-2/ . Parity was/is one of the first-party, supported, officially-sanctioned Ethereum nodes/wallets. (It's hard for me to tell whether it's currently the recommended full node to run yourself, because the Ethereum website does not recommend ANY full node software to run yourself, that I can see; only light wallets and third-party hosted wallets. One of the recommended open-source Bitcoin wallets, Bitcoin Core, is a full node.)
In the linked incident, ALL PARITY MULTISIG WALLETS AND THEIR CONTENTS WERE DESTROYED. (And I had forgotten, but that site reminds me, that this was actually the SECOND issue with Parity multisig wallets, and was introduced in the fix to a previous issue. The link to the previous issue is dead, so I don't know whether that also resulted in loss of all funds.)
This isn't a detailed or exhaustive investigation, and of course not all of this can be blamed on Ethereum itself. But generally I would say that my impression is that Ethereum has lower engineering standards than Bitcoin does.
For an example of good engineering on the Bitcoin side: Some Bitcoin devs did exhaustive testing of some of Bitcoin's cryptograpy against OpenSSL, in order to check for bugs in the Bitcoin code. Instead, they found a bug in OpenSSL: https://www.openssl.org/news/secadv/20150108.txt (search-in-page for "squaring".) Obviously there could be stuff like this in the Ethereum camp, too, and I wouldn't necessarily know since I mostly only deal with Bitcoin.
The Bitcoin model is "this thing exists, it has to work, we're not going to screw with it unless there is overwhelming consensus to do so." And in fact it is structurally pretty hard to screw with it, absent overwhelming consensus to do so;
With the majority of the mining power concentrated in China I don't think that's really true. China could just pass a law that says: "It's illegal to sign blocks that contain transfered funds of terrorist entities, the Chinese government is able to decide to freeze certain addresses so that Chinese miners are not allowed to accept blocks (optionally: that are newer then two days) or create blocks that move funds out of those addresses".
Without a fork that would mean that the Chinese miners are able to have the longest blockchain and thus the official one. I don't see an easy way to fork and invalidate the ability for the Chinese miners to do that either. You would likely need to do things like changing the underlying signing algorithms to invalidate the ASICs.
From a more engineering-oriented and less governance-oriented view, I guess my main concern is that Ethereum's scripting model is very complicated compared to Bitcoin's. I'm not aware of a Bitcoin script ever being hacked, granted that this is because Bitcoin scripts are much less capable than Ethereum scripts!
You need the complicated scripts to do the complex DeFi stuff. If a substantial amount of the value of cryptocurrency comes out of the DeFi stuff that will likely mean that a crypto network that allows that stuff will move to the top.
That makes it sound like nobody lost Bitcoin in hacks either. I don't see much difference between Binance losing 40$ million worth of Bitcoin in a hack of their software to a smart contract on the Ethereum network being hacked.
China could just pass a law that says: "It's illegal to sign [certain blocks].
Without a fork that would mean that the Chinese miners are able to have the longest blockchain and thus the official one. I don't see an easy way to fork and invalidate the ability for the Chinese miners to do that either. You would likely need to do things like changing the underlying signing algorithms to invalidate the ASICs.
I agree that you're right about what would initially happen in this scenario (miner majority conspires to censor transactions).
It's worth noting that you can only tighten restrictions this way, not loosen them (e.g. China can't pass a law sending themselves all the coins, miner majority or not, without automatically forcing everyone else into a separate fork.)
The difficulty level of responding to this would depend on the policy goals of the Chinese government, and the level of coordination of the Chinese miners. If they were content to have their own China-Bitcoin fork, it would be easy enough to coordinate to let them go, and nothing as drastic as a PoW change would required. If not, it would certainly get messy, although I think we have some reasonable approaches prepared for this contingency, short of nuclear options.
If a substantial amount of the value of cryptocurrency comes out of the DeFi stuff that will likely mean that a crypto network that allows that stuff will move to the top.
I agree. Whether it's worth the complexity is an interesting open question.
I don't see much difference between Binance losing 40$ million worth of Bitcoin in a hack of their software to a smart contract on the Ethereum network being hacked.
Here I do see a tremendously large difference:
First of all, Binance is an exchange which trades both Bitcoin and Ethereum, and holds balances of both. The fact that they lost Bitcoin in the hack, and not Ether, is only because Bitcoin is more popular than Ethereum. There is zero structural advantage for Ethereum here.
Binance is a third-party website. I don't know what standard practice in Ethereum is -- hopefully the same -- but it is strongly recommended in the Bitcoin community never to store coins with a third party. By contrast, Parity is one of the standard Ethereum local wallet apps, and the affected contract was the built-in multisig option in that app. "I gave my coins to a third party and they got lost" is very different from "I stored my coins in the official wallet app on my local computer and they got lost."
In point of fact, Binance users did not lose funds -- as far as I can tell, Binance covered all the losses. By contrast, in the Parity multisig incident, all affected user funds were -- as far as I know -- lost irrecoverably.
It's also worth noting, if only for amusement value, that the Parity multisig issue was not technically a "hack"; the bug was triggered by accident, and the coins were lost (not taken). (Although the previous incident in the same contract, just 4 months prior was a theft.)
Obviously these points are applicable to these specific examples. There were other Ethereum contract losses where users did realistically know they were putting funds at risk, unlike the Parity incident. And there were other Bitcoin incidents where user funds did get lost, and were not returned (although of course they all involved storage of funds with third parties, not bugs in the standard client software, that I'm aware of.) But the sheer volume, severity, and general nature of the issues seems incomparable to me.
What's the point of a loan if you need 100% collateral, and the collateral isn't something like a house that you can put to good use while using as collateral?
If I can use bitcoin as collateral to get some Doge, hoping to make enough money with the Doge to get my bitcoin back later... couldn't I just sell my bitcoin to buy the Doge, again hoping to make enough money to get my bitcoin back later?
People hold Bitcoin and Etherum because they want to be able to make a profit on it raising in price. If someone sells their Bitcoin to buy Doge and Bitcoin doubles in price they don't earn any profit. If they however used the Bitcoin as collateral for a loan, the will make a profit if Bitcoin rises in price.
Vitalik's explanation of how he made $56,803 on betting on Trump losing on Augur would be one practical case of someone using this method.
Just like Vitalik made profit with using the inefficiency in the Augur prediction market other people are likely using the leveraged capital to make money with the above described yield farming.
Is there any use case for these over-collateralized loans other than getting leveraged exposure to token prices? (Or, like Vitalk did, retaining exposure to token prices while also using the money for something else?) So, for instance, if crypto prices stabilized long term, would the demand for overcollateralized loans disappear? Does anybody take out loans collateralized by stablecoins?
Even if the prices of crypto-currency stabalize long-term, not every token is about being a crypto-currency. Many tokens are like shares in a venture that you wouldn't expect to have stable prices just like stocks on the stock-market don't have stable prices.
If I understand right you can also use tokens that are locked in to doing staking as collateral.
Well, here's a scenario: Suppose you have owned Bitcoin since 2012 and now you have a million dollars of Bitcoin, but when you sell them you will have to pay ~$250,000 in capital gains tax, since you live in California. You still endorse owning the Bitcoin because you think it's headed for the moon, but you want to use that capital for some other stuff, like buying a Tesla.
In this case you could deposit $200k of Bitcoin into Compound, withdraw $100k of USDC, cash the USDC out for dollars at Coinbase, and buy your Tesla. Now you are still exposed to the upside on all your Bitcoin but you also have your Tesla.
In practice I actually don't know what kind of taxable event "taking out a loan at Compound" is so I am not sure this was a correct way to minimize taxes. (On the other hand, even if it's not, I bet people are doing it; the IRS actually looks if you sell Bitcoin on Coinbase, but I don't think it looks at what you're doing with Compound.) But at least it definitely preserved your exposure to Bitcoin. That's a way to "put it to good use" even when it just sits there.
This is one example. As I mentioned in the post, I'm not sure what is driving the majority of the demand.
So then, to get back the bitcoin in 12 years when it's worth a billion dollars or whatever, you just have to make back the million USD you spent (plus interest), convert to USDC, and pay back (with interest)?
And then the risk you run is that bitcoin falls between now and that time, at which point your collateral would be liquidated to the highest bidder, and you'd be left with a Tesla but no bitcoin. (Not such a bad risk, all things considered.)
It would be even easier than that. Suppose for the sake of simplicity you put your whole million dollars of Bitcoin into Compound. You could then withdraw USD up to the point where you hit the collateralization ratio set by Compound, e.g. if the collateralization ratio is 150%, you could withdraw $666k of USD.
When Bitcoin goes up 1000x, your collateral is now worth a billion dollars, but you have still only borrowed $666k (plus interest). You have way more collateral than you need. So you could just withdraw 99.9% (minus interest) of the collateral, if you wanted. You don't even have to repay anything to do that.
Phil once told me about a cosmic horror that he called a “generalized frontrunner.” Arbitrage bots typically look for specific types of transactions in the mempool (such a DEX trade or an oracle update) and try to frontrun them according to a predetermined algorithm. Generalized frontrunners look for any transaction that they could profitably frontrun by copying it and replacing addresses with their own. They can even execute the transaction and copy profitable internal transactions generated by its execution trace.
I guess I expect the edge to manifest in the form of being able to look at simple, high-upside, good ideas being implemented by smart people, correctly distinguish them from uninspired hacks, and then being able to take effective action on your beliefs. (Good ideas like Bitcoin or Ethereum themselves, or like CFMMs.)
As a random example, if you go look at harvest.finance right now, you can see that there's a huge APY on investing in Uniswap liquidity pools associated with tokenized versions of public company stock, like AAPL. These tokens are designed by a new project called Mirror which I know nothing about. Do they work? Is the project credible? Is there demand for this product?
It's possible that if you spent a few hours looking into it, you could put a decent confidence interval on the probability it will succeed or crater, and if it's likely to succeed, you can make a lot of EV on these pools.
In the long term, if Ethereum (or some replacement) can continue scaling up, there's just going to be more and more stuff that is begging to be reimplemented as interoperable tokenized contracts, and it's all going to have to go from zero to sixty. If someone makes the Ethereum version of, like, Ebay, or Twitter, and you can recognize that it's any good and invest in it, that's a big edge.
Do they work? Is the project credible? Is there demand for this product?
If you do interact with it you should also ask yourself, do you violate security laws if you interact with it? The SEC has a lot of rules and might see trading tokens that mirror stocks as being subject to regulations for stock trading.
It's a kind of "whoever notices it first" situation rather than Maker's slow auction. To me this seems simpler and effective -- I wonder why Maker didn't do it.
It seems to me that in that system however notices it first can extract a lot of value from the lender. The Maker system minimizes the amount of value that the party that clears the defaulted loans can extract so that different vendors compete to provide that service as cheaply as possible.
Like companies that don't issue dividends or buy back shares, it's slightly puzzling at first glance where so much value is coming from. Expectation of future profit sharing mechanisms?
If the governance tokens are distributed in a way that actually distributes governance I would expect the tokens holders to be able to coordinate in the future to easily add mechanisms for profit sharing.
(Disclaimer: I mention TUSD and TrueFi below; my brother is the CEO of the company behind those so you can guess my biases. None of this is financial advice)
have a giant pile of US dollars somewhere under someone's control, and have that person act as a counterparty for anyone who wants to buy or sell 1 US dollar for 1 token. This is what Tether and USDC do.
Not quite - Tether hasn't been properly backed by dollars since 2019 (see discussion over at Metaculus). A better example of a second fully-backed stablecoin would be TrueUSD (and its sister coins for other currencies, like TrueHKD).
Because it's supposed to be trustless and decentralized, all loans are necessarily at least fully collateralized
TrueFi is offering uncollateralized loans. It's not nearly as trustless and decentralized as something like Uniswap, but it is moving in that direction - loans are voted on by holders of the governance token TRU, and the project roadmap says that soon they'll be doing more of this algorithmically based on info such as your on-chain credit history.
(also TrueFi is offering some pretty sweet yield farming rates right now :) )
Sure, uncollateralized lending is knowingly a higher-risk higher-reward space. So far they've had $57million in in successfully repaid loans and zero defaults, but obviously they can't keep up that perfect streak forever, and it remains to be seen if the net yields still look great when some defaults inevitably occur.
Excellent introduction! My own experience with DeFi is a few months in the Yearn USDT vault. (It seemed like a low-risk way to learn the mechanics.) The quoted APYs vary quite a bit from week to week. If I calculate the APY myself over the whole time, it's about 9% annualized. That's not bad for a stablecoin, but after gas fees for entry and exit, it's hardly worth the bother for the amount I was willing to experiment with.
I find that I like strategies with a lot of transactions, like dollar-cost averaging or asset allocation with rebalancing. For these, transaction costs are much lower on a centralized exchange.
If I find something that I want to buy in one lump and hold for a few months, and it's not available on my exchange, I'd certainly consider buying it on Uniswap.
I feel it's worth pointing out that all proof-of-work cryptocurrency is based on literally burning use-value to create exchange-value, and that this is not a sustainable long-term plan. And as far as I can tell, non-proof-of-work cryptocurrency is mostly a mirage or even a deliberate red herring / bait-and-switch.
I'm not an expert, but I choose not to participate on moral grounds. YMMV.
I realize that what I'm saying here is probably not a new idea to most people reading, but it seems clearly enough true to me that it bears repeating anyway.
If anyone wants links to further arguments in this regard, from me rather than Google, I'd be happy to provide.
#2. Note that even if ETH does switch in the future, investing in ETH today is still investing in proof-of-work. Also, as long as BTC remains larger and doesn't switch, I suspect there's likely to be spillover between ETH and BTC such that it would be difficult to put energy into ETH without to some degree propping up the BTC ecosystem.
I believe that Bitcoin is a substantial net negative for the world. I think that blockchain itself, even without proof of work, is problematic as a concept — with some real potential upsides, but also real possibly-intrinsic downsides even apart from proof of work. I'd like a world where all PoW-centric cryptocurrency was not a thing (with possible room for PoW as a minor ingredient for things like initial bootstrapping), and crypto in general was more an area of research than investment for now. I think that as long as >>90% of crypto is PoW, it's better (for me, at least) to stay away entirely rather than trying to invest in some upstart PoS coin.
And as far as I can tell, non-proof-of-work cryptocurrency is mostly a mirage or even a deliberate red herring / bait-and-switch.
Polkadot has working proof-of-stake. Polkadot has a setup where it can run many more transactions then Ethereum can with the current 1.0 setup. If you don't believe that Ethereum will manage the transition to Ethereum 2.0 then it would be likely that Polkadot overtakes Ethereum for DeFi.
Filecoin has a type of proof-of-work but it's work that stores files with is economically useful.
I'm strongly endorsing this, having done the same thing you did (spent two evenings looking at this stuff) and having come up pretty much exactly with the same picture, and the same set of questions/uncertainties.
Something I found very interesting is the fact that Ethereum is poised to move from proof-of-work (miners who solve a cryptographically hard problem to verify transactions, minting new coins in the process) to proof-of-stake (where one "stakes" coins for a chance to verify transactions, earning interest in the process — I'm not entirely comfortable with the ideas yet, but here's an article on the topic by Ethereum's creator: https://vitalik.ca/general/2021/04/07/sharding.html).
If Ethereum successfully transitions to proof-of-stake, this should theoretically greatly lower the transaction costs and make the whole ecosystem more viable.
Really fantastic primer! I have been meaning to learn more about DeFi and this was a perfect intro.
Does anybody know, for someone who wants to learn more, not just on the investing/trading side but on the development of smart contracts, what are good resources, other than the many links in the article?
Are there good books on the topic? Or tutorials?
What about subreddits or discord servers? People to follow on twitter?
I'm wondering if these loans should really be considered loans, or some other kind of trade? It sounds like you're doing something like trading 100 X for 90 Y and the option to later pay 95 Y for 100 X. Is there any real "defaulting" on the loan? It seems like you just don't exercise the option.