Decentralized finance has broken records in 2021, and for many people, the priority is to secure this abundant ecosystem. Auditing firm CertiK has analyzed the smart contracts of over 1,800 DeFi companies and comes to its most important conclusion: the theft of funds and data stems from the fact that the blockchain still uses centralized technologies.
CertiK mentions in particular 1.3 billion dollars in losses that could have been avoided with in-depth source code audits.
Centralized methods are a source of hacking
In the world of cryptocurrencies , there is a new paradox: the number of legal transactions has exploded in 2021, which has made the number of illegal actions (theft of funds, loss of data) rather small compared to the general volume. (0.17% of total volume). However, the end-of-year 2021 figures from the various audit companies evoke 1.3 billion in lost funds.
By centralization we mean all the methods that make up Web 2.0, when user data is grouped together in a single database and is controlled by a single owner. The operation of centralization benefits hackers who discover new flaws in systems every day. During its audit of more than 1,800 DeFi customers, CertiK discovered a whopping 31,000 flaws, all of which could be exploited by hackers.
CertiK believes that DEXs and other decentralized organizations should not overlook security as demand explodes across the globe. The main culprit would be centralization, according to the auditing company, which allows everything to be known about your transactions. An unethical system of blockchains.
Towards total decentralization
It's an environment " where millions of dollars can be siphoned off from a compromised line of code ," CertiK said in its report. We keep as an example the Uranium Finance platform, deployed on the Binance Smart Chain , which lost $57 million in April 2021, due to a simple erroneous character in the source code.
DeFi must strengthen security on all of its operations, at the risk of seeing investor interest dry up. CertiK offers suitable solutions, such as multi-signature wallets, but the important thing for them is to get out of a centralized system, unsuitable and vulnerable to attacks.