top | item 29582113

(no title)

> The most important takeaway is to avoid new tokens that haven’t undergone a code audit. Code audits are a process by which a third-party firm analyzes the code of the smart contract behind a new token or other DeFi project, and publicly confirms that the contract’s governance rules are iron clad and contain no mechanisms that would allow for the developers to make off with investors’ funds.

But how do you know which third party auditors to trust?

What DeFi projects are laying bare is that it’s an absolute marvel that we have functional societies at the scale we do today (USA, EU). Most people can live their lives intuitively knowing which instructions to trust (financial, groceries, restaurants, medical, you name it). All of it is ultimately backed by laws, systems, real people who can be held accountable, and government monopoly of force. Furthermore we rarely have to see that stuff for the system to work and that monopoly on force is rarely abused.

It could be a meaningful technological shift if a lot of the financial infrastructure goes decentralized, digitized/programmatic, and open source. But I’m dubious the mainstream person’s day to day experience will change much, the stability and peace of mind afforded by the structures of our current society are pretty amazing and I don’t see them being replicated in a purely digital and decentralized form.

discuss

wizzwizz4|4 years ago

> It could be a meaningful technological shift if a lot of the financial infrastructure goes decentralized

It's important to note that “DeFi” is more centralised than our existing financial infrastructure. (Also, our existing infrastructure mostly uses open, public, well-known standards with many implementations; most DeFi stuff… documents how it currently works, I guess? Though it's hard to find that documentation.)

spinny|4 years ago

[deleted]

theogravity|4 years ago

A lot of DeFi scams claim that an auditing company has audited their code. There's also scam auditing companies too that work with these DeFi scams to add to the false legitimacy.

contravert|4 years ago

Although smart contract audits are pretty much security theatre where the auditor charges $10k-$30k to run your code through a program, rug pulls are way more common just through simple methods.

A few common ways:

1. Use your admin privilege to withdraw or upgrade the smart contract to drain the funds

2. Withdraw all liquidity for your token and disappear

3. Sell the entire token supply all at once, which is functionally equivalent to (2)

4. Pretend to get "hacked" and lose your private key

5. Program a backdoor into the smart contract (the least common way). Some of these are economic in nature (e.g. frontrunning), which can't necessarily be found in an audit

iszomer|4 years ago

I've seen projects go as far to claim to have their code audited by simply hosting it on a public github repo.

drsnow|4 years ago

Can you provide a source or two for these claims?

dcist|4 years ago

What are the scam auditing companies?

tenebrisalietum|4 years ago

In the US:

financial -> 2008 subprime loan crisis, recent inflation

groceries -> couldn't buy toilet paper at the start of the pandemic, still some lingering supply issues, prices going up

restaurants -> many not open reliable hours anymore, many closing

medical -> costs way too high and continue to rise, hospitals oversaturated with patients from time to time, nurses quitting

All of it is ultimately backed by laws, systems, real people who can be held accountable -> maybe if you are rich

I can't fault the average-income (or slightly higher/lower) person for having the point of view that these are starting to fall apart and aspects of DeFi becoming attractive, even though the practicalities have a long way to go before they would become anywhere near as foundational.

rchaud|4 years ago

What aspects of DeFi look attractive exactly? Yield of some digital coin which only has value relative to a fiat currency?

Your local bank at least complies with regulations that cap transaction fees for your chequing account. Meanwhile, ETH gas fees are completely unpredictable, and can easily be higher than the amount you're transferring.

amitkgupta84|4 years ago

I mean more like, you can generally eat food from grocery stores and restaurants and trust it'll be pretty safe. You can get medical operations and pharmaceuticals, and generally trust them. There are actually extremely large problems here, e.g. Purdue and fentanyl, but even there Purdue has been fined to death by the government. Still, there are huge problems for sure. The problems need to be addressed, but I think if you look to narrowly at some of the problems, you think the whole system needs to be overthrown. Sure that sentiment is increasing, but more pushed by well-off elites than a genuine grassroots uprising. This is one of the biggest problems we face today IMO.

I don't think DeFi helps with most of the problems you're talking about. Supply chain issues, COVID-related business restrictions, health care prices and the role of insurance providers, none of these are caused by centralized financial systems.

lupire|4 years ago

[deleted]