DeFi Superpowers Glossary: The Trust
“Wait … Isn’t the whole point of DeFi to ensure that you don’t have to trust intermediaries anymore?”
Well, yes, but as there are no explicit intermediaries within DeFi, you need to make sure you know what to look out for to find out if a DeFi project is truly trustless. Summer.fi gives you the right weapons to be a DeFi superhero and survive.
In this article, we cover the 5 key elements to look out for to see if a DeFi project can make you a true DeFi Superhero, providing you with The Trust.
- Does the project have all its code publicly available?
For projects built on Ethereum: Smart contracts should be verified on Etherscan. Ideally, the entire repository is open source, so a history of changes can be found. Almost everyone interacts through some front-end with the contracts. This is another layer of trust. Therefore having the front-end code open source keeps it transparent and more resilient against exploits.
- The following key element is audits.
No DeFi smart contract should be trusted within DeFi to be safe, without at least one audit being done. Whilst audits aren’t the holy grail, they do provide a layer of security, as their key point is to find exploits within the delivered code. Have updates been made to audited contracts? Then, the audit can be considered meaningless. If the on-chain code does not match 1-1 with the audited code, then that’s another red flag about trust.
- The third key element for trust is a responsible disclosure method like a bug bounty program (e.g. on Immunefi or Bepro).
Having the ability for white hat hackers to come to a project to responsibly disclose an issue and being rewarded for it, decreases the risk of any hacker just going to try to steal funds. Even with a bug bounty program, the chance is still that the project ends up on https://rekt.news/, but it’s another pillar for trust.
- Fourth, and this might seem obvious, but within DeFi, it’s crucial to know who is ultimately in control of the funds.
Many DeFi projects are upgradeable through governance processes. If that’s the case, the governance process should ideally not affect the smart contracts instantaneously, otherwise, that’s an intermediary you need to trust. Projects like Uniswap & Ajna have no governance mechanism that can upgrade the smart contracts. You remain 100% responsible for the funds within the smart contracts.
- Who’s behind the project?
If the project has governance, are the tokens distributed among a large crowd? Can the project be reached in any way? Do the founders have a good track record within DeFi? If any of the answers to these questions is no, then that’s another red flag regarding trust.
Do these elements create a superhero DeFi project? They are definite requirements, but in the current state of DeFi, you always need to stay vigilant.
Watch for any red flags and call-out projects that have them to save others from falling for another DeFi villain.
At Summer.fi, we provide you with Trust Superpower to manage your DeFi Capital. Here is some evidence:
- The Summer.Fi smart contracts & bounties can be found here
- The Summer.Fi code can be found here
- The Summer.Fi team can be found here
- The Summer.Fi audits are referenced here
- Our Bounty Program on Immunefi
Getting help
If you have any questions regarding Summer.fi in general, contact us at support@summer.fi or on our social media.