The 4 lending apocalypse horsemen (ACI at EthCC)
Source: https://www.youtube.com/watch?v=gfgUiFsf6MA
The Four Horsemen of Liquidity Protocol Apocalypse refers to the main risks for DeFi lending protocols in 2024.
Marc (the speaker) argues that a hands-off risk approach is not efficient and doesn't work.
Smart contract risk
Smart Contract Risk is historically a significant protocol killer that received the most attention.
In 2024, the situation has improved compared to the early days of DeFi in 2020-2021. Codebase and audits have become more standardized, with overall quality increasing.
Mitigations for smart contract risk:
- Designing protocols with fewer features to reduce the attack surface.
- Implement bug bounty programs (e.g., partnerships with Immunify and Code4rena).
- Collaboration with specialized service providers like BGD Labs.
- Building trust through battle-tested protocols over time (e.g., Aave's longevity in the space).
There are numerous examples of smart contract failures over the past four years. rekt.news is mentioned as a source for tracking these incidents.
Collateral failure (3:30)
Collateral Failure is identified as the second major risk for DeFi lending protocols.
It results from poor curation of collateral assets and can put the entire cross-lending protocol at risk.
Considering an asset is used as collateral when its intrinsic value drops rapidly (e.g., depegging or fundamental shift), its secondary value can drop faster than it's profitable to liquidate.
This leads to undercollateralized positions if no one liquidates or pays the debt, and affects liquidity providers of borrowed assets.
We can mitigate this risk by creating separate "baskets" for different collateral types, but this strategy implies tradeoffs:
- Segregated liquidity
- Worse user experience
- Higher gas costs and transaction fees (especially on mainnet)
- Higher borrowing costs due to segregated liquidity
Historical examples of collateral failure:
- Cream Finance in 2020: Introduced SWAG asset as collateral, allowing multi-million dollar positions.
- Rari Capital: Allowed anyone to create pools and attract liquidity providers.
Meanwhile, Aave introduced an "isolation mode" : implemented supply and borrowing caps in Aave v3 to constrain position sizes for each collateral and asset. That's not perfect, but it limits downside risk.
"Everybody loves externalized curation until someone loses money."
Oracle failure (6:45)
Blockchains are inherently blind to asset values, requiring external price feeds. So price information is crucial for estimating position health and debt cost and Oracle is a critical risk.
Mechanism of Oracle Failure:
- Price feeds are vulnerable during crises and high-volatility events.
- Block space saturation can lead to extremely high transaction fees.
- If price feeds fail to update, liquidations cannot occur, potentially leading to bad debts.
Lessons Learned:
- Avoid hard-cut price feeds (e.g., Compound's USDC incident in 2021).
- Implement proper price feed curation.
- Working with multiple providers can be beneficial, but curation is crucial.
- Critical infrastructure should not be open to anyone due to potential failures.
Sometimes tracking the primary market instead of the secondary market is safer. Particularly for correlated assets like liquid staking tokens.
Positive Example: ACI's experience with Chainlink, which performed well during high gas price events.
Negative Example: ezETH from Renzo incident. Despite being a quality project, they focused solely on secondary liquidity for an immature asset. It resulted in a temporary depeg, leading to 100% of borrowers being liquidated.
Implications for Protocol Design:
- Relying solely on secondary market data can be risky for newer or less liquid assets.
- Protocols should have safeguards against mass liquidations due to temporary market anomalies.
Risk Parameters failure (9:50)
DeFi is described as the most volatile asset class in world finance, and bear market events will occur in DeFi.
Therefore, proper assessment is necessary for setting appropriate liquidation thresholds and loan-to-value ratios.
Risk management:
- Hardcoded Risk Parameters are seen as "naive at best, and probably stupid", as the "truth" of today's market conditions will not be the same tomorrow
- Regular review and update of risk parameters is critical
- Governance should act as a guardrail for the work of risk curators.
- Protocols should be "prepared to die" or prepared for extreme market conditions.
Assets considered "Blue Chips" in 2020 now trade at 90% to 99% below their all-time high values. This dramatic change in market conditions illustrates why static risk parameters are inadequate.
Risk parameters should be different for an asset at its peak versus when it has significantly declined. There is a need for dynamic, adaptable risk management strategies.
"Hands-off is the future" (12:00)
Aave's approach is described as "hands-on curation" involving eight different service providers, including two different risk teams. "Hands-off" means No/external curation.
Reasons for the Appeal of No/External Curation:
- Difficulty of Protocol Operation. Operating a lending protocol as a DAO is described as "extremely difficult" and "probably the hardest job in DeFi."
- Appeal of Novelty. With Aave and its codebase dominating 80% of the market share, there's a desire to "do things differently" to stand out in a market dominated by a single approach.
- Opportunities. Low-quality assets that wouldn't pass curated protocols' standards can find opportunities in non-curated systems.
Benefits for asset holders:
- Avoid negative impact on secondary market prices by selling.
- Avoid negative social exposure from selling.
- Still gain access to liquidity by using the asset as collateral.
Marc suggests that while these approaches might be appealing, they may not be as effective or safe as claimed, according to the market reality.
The reality (14:55)
There is limited demand for Long-Tail assets. Six major assets (Bitcoin, Ethereum, correlated assets, and major stablecoins) represent 95% of Aave DAO revenue.
Little interest from liquidity providers to be counterparties to tong-tail assets. Rari Capital experienced no traction or significant bad debt, and Aave is seeing no traction.
Dangers of Hardcoded Risk Parameters:
- Market conditions change rapidly, making static parameters dangerous for users.
- Migrating liquidity in hardcoded protocols can significantly change costs for borrowers.
DAOs can work effectively and profitably. Marc Cites Aave and MakerDAO as proof. Governance should act as a safeguard to ensure efficient work by service providers, and token holders share in both positive and negative outcomes, creating an alignment of incentives.
Questions and answers (18:30)
Is the Aave DAO setup considered decentralized according to the Danish Financial Market Authority's recent paper on decentralization under the Markets and Crypto Assets Regulation (MiCA II)?
Does the crypto space, potentially including Aave, need to do more work to meet these decentralization standards?
Marc didn't directly answer whether Aave DAO meets the decentralization criteria or not. He suggests not focusing too much on the Danish initiative specifically, as they will ultimately follow the MiCA II text.
That said, he believes that MiCA II, coming into effect in 2026, would have long-lasting effects on the decentralized finance ecosystem.