Our founder, Hugh Karp, gave a presentation at ETHCC. Here’s what he was talking about.
Our framework is grounded in established risk management techniques and uses a high level qualitative approach to ratings. To start, we classify risk into 3 main categories.
1. Technical Risk
This is the risk of the smart contracts not behaving as intended by the developers. It is very hard to write error-free code, so there is always some level of technical risk. Audits, extensive testing, formal verification and how “battle-tested” the contract is are all factors that can reduce technical risk.
2. External Risk
This is the risk of external information influencing how the smart contracts operate to the detriment of other users. For example, an oracle could provide malicious data, an administrator could change a system parameter, or governance procedures could be co-opted.
3. Economic Incentive Failure Risk
Many smart contract systems, especially in the DeFi space, rely on economic incentives to encourage network participants to perform certain actions. These incentives could fail to encourage the right behaviour or could be inadequate, leading to other users being adversely impacted. For example, the incentives in the MakerDAO smart contracts could be too aggressive and the DAI <> USD peg could break if the ETH price drops too far, too quickly.
It’s important to acknowledge that these three categories of risk are in addition to the regular usage of the particular smart contract. For example, if you’re using a gambling application there is clearly a risk you lose your money through the normal usage of the system. We are focused on the more severe risks here, not risks involved in standard use where everything operates as expected.
To assess the risk of using each smart contract system we have used a standard qualitative method that scores risk in each of the 3 risk categories. Importantly, the ratings are subjective and the categories are deliberately broad. The goal is not to imply accuracy but instead to conceptually understand the level of risk involved. The framework breaks down each risk category into two elements:
- Likelihood — how likely the event that could cause a loss is to occur.
- Consequence — assuming the event occurs, what the impact would be.
Understanding the risks is the first step; it is then important to take action based on how they have been classified.
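As an added illustration of the two-element scoring described above (likelihood and consequence per category) and of acting on the resulting classification, the following Python sketch applies a qualitative risk matrix to the three categories and ranks them for attention. This is not Nexus Mutual's own scoring code and nothing from the presentation specifies it: the three-point scale, the matrix cells, the "worst category wins" aggregation rule and the sample system are all assumptions made for the example.

```python
"""Illustrative likelihood x consequence risk matrix for the three risk
categories (technical, external, economic incentive failure).
Added example; the scale, matrix cells, aggregation rule and sample
ratings are assumptions, not the presenter's."""
from enum import IntEnum
from typing import Dict, List, Tuple


class Level(IntEnum):
    """Assumed 3-point ordinal scale shared by likelihood and consequence."""
    LOW = 1
    MEDIUM = 2
    HIGH = 3


# Qualitative output ratings, ordered from least to most severe (assumed).
RATING_SCALE = ["Low", "Medium", "High", "Very High"]

# Risk matrix: (likelihood, consequence) -> rating. The cell values are an
# assumption; consequence is weighted slightly more than likelihood because a
# rare but catastrophic loss still matters to users.
RISK_MATRIX: Dict[Tuple[Level, Level], str] = {
    (Level.LOW, Level.LOW): "Low",
    (Level.LOW, Level.MEDIUM): "Low",
    (Level.LOW, Level.HIGH): "Medium",
    (Level.MEDIUM, Level.LOW): "Low",
    (Level.MEDIUM, Level.MEDIUM): "Medium",
    (Level.MEDIUM, Level.HIGH): "High",
    (Level.HIGH, Level.LOW): "Medium",
    (Level.HIGH, Level.MEDIUM): "High",
    (Level.HIGH, Level.HIGH): "Very High",
}

# The three categories from the framework, in the order they are presented.
CATEGORIES = ("technical", "external", "economic_incentive")


def rate_category(likelihood: Level, consequence: Level) -> str:
    """Look up the qualitative rating for one category."""
    return RISK_MATRIX[(Level(likelihood), Level(consequence))]


def assess(system: Dict[str, Tuple[Level, Level]]) -> Dict[str, str]:
    """Rate every category and derive an overall rating.

    Overall = the most severe category rating (assumed rule): a loss caused by
    any single category is enough to hurt users, so the ratings are not
    averaged. Raises ValueError if a category was left unrated.
    """
    missing = set(CATEGORIES) - set(system)
    if missing:
        raise ValueError(f"unrated categories: {sorted(missing)}")
    ratings = {cat: rate_category(*system[cat]) for cat in CATEGORIES}
    ratings["overall"] = max(ratings.values(), key=RATING_SCALE.index)
    return ratings


def priority(system: Dict[str, Tuple[Level, Level]]) -> List[str]:
    """Categories ordered by severity, most severe first, so mitigation effort
    (audits, oracle redundancy, incentive redesign) can be directed at the
    highest-rated category first. Ties keep the framework's own order."""
    ratings = assess(system)
    return sorted(CATEGORIES, key=lambda c: -RATING_SCALE.index(ratings[c]))


# Constructed sample (hypothetical lending protocol): audited contracts
# (technical: low likelihood, high consequence), a single price oracle
# (external: medium/high) and liquidation incentives that may not hold in a
# fast market crash (economic incentive: medium/high).
SAMPLE_SYSTEM: Dict[str, Tuple[Level, Level]] = {
    "technical": (Level.LOW, Level.HIGH),
    "external": (Level.MEDIUM, Level.HIGH),
    "economic_incentive": (Level.MEDIUM, Level.HIGH),
}

if __name__ == "__main__":
    for cat, rating in assess(SAMPLE_SYSTEM).items():
        print(f"{cat:>18}: {rating}")
    print("address first:", priority(SAMPLE_SYSTEM))
```

Running the script rates the sample system "Medium" on technical risk and "High" on both external and economic incentive risk, giving an overall "High", and lists the external category first for attention. The point of keeping the matrix explicit rather than multiplying numeric scores is that the ratings stay debatable and inspectable, which matches the deliberately subjective, broad-category approach the presentation describes.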
The rest of the presentation ran through specific examples of how this might be done. Please note that all ratings are personal ratings and can all be debated extensively.
The ability to permissionlessly build money legos on Ethereum is extremely powerful. But users need to be aware that all of these systems are extremely new, and some are even released to mainnet without audits. In time, security and risk levels will improve, but for now significant caution should be used.