Some platforms would allow users to link identities with the Ethereum addresses they use. There are ways to safeguard privacy and security when using DeFi platforms
Decentralized finance platforms, also called DeFi were the main players of the cryptocurrency ecosystem during 2020. Although other trends are attracting attention, DeFi is still active and represents a good option for users.
When it comes to being measured by the money deposited in smart contracts, 2020 could be compared to the nearly $ 100 billion that decentralized finance came to hoard earlier this month; At least Four times more than the previous year’s maximum.
One of the motivations of many DeFi users, which leads them to prefer them over centralized services, is the sense of security and privacy.
On the decentralized exchange Uniswap, it is possible to exchange ERC-20 tokens without giving up custody of funds or providing personal data. These procedures differ from centralized exchanges like Binance or Coinbase.
For those users who want to generate interest with the crypto assets they own, in the field of DeFi there are protocols such as Yearn Finance.
These protocols allow users to acquire a higher profit than those protocols offered by centralized platforms such as Blockfi; all this without the need to complete KYC (Know Your Customer) verifications.
Security and Privacy in DeFi Might not be What Users Think
An investigation sustained by specialists from the Brave Software company, and the Imperial College London educational institution discussed whether DeFi is safe and private. The conclusion is that many of these platforms have features in their code that allow these areas to receive violations and disruptions.
The researchers explained that various decentralized finance platforms implement third-party scripts. These are relatively simple sequences of code written by someone other than the DeFi developers.
The specialists stated that if a DeFi site incorporates scripts, those scripts can interact with the user’s wallet API, so this interaction could phishing attacks easier. They added that 66% of decentralized finance protocols implement at least one script.
A phishing attack intends to trick a person into taking actions that they should not take, such as sending money to an address added by the attacker.
The case of the 1inch decentralized exchange is relevant. This exchange adds a script to facilitate communication between the user and the support staff.
According to the study authors, the service comes from a third party and gets embedded in a position that gives users full control over the 1inch domain.
So if that chat implementation is compromised, it could steal funds from users’ wallets or transact directly from there. The professionals who studied the platforms assured that these transactions should receive approval from users.
On the other hand, regarding the nature of scripts, Brave Software and Imperial College indicated that 56% of the 78 DeFi platforms analyzed incorporate at least one Google script.
This analysis has a vital impact on privacy, as these analysts explain, to the point that it would be possible for Google to link Ethereum addresses with specific identities.
By: Jenson Nuñez
