There are following categories of risks related to using DeFi:
Smart contract risk:
Smart contract codes are prone to errors, hacking and malicious actions. Smart contract hacking is very attractive as funds hacked can be converted into money quickly. There have been many cases of malicious actors that use vulnerabilities in the smart contracts to steal users’ assets locked in the smart contract protocols.
Decentralized finance lending can only be as strong as the source of its liquidity. In a volatile market, liquidity is put under heightened pressure. This could mean increased price fluctuation or even render funds inaccessible. Moreover, When a DeFi user becomes a Liquidity Provider for an AMM, the risk is that one token’s price will fluctuate against the price of the other token as a result the LP position is worth less compared to just the token pair outside the AMM pool.
The risk of regulatory is one of the most significant DeFi risks that the crypto industry may face. While the regulators are primarily focusing on centralized exchanges, it is obvious that DeFi platforms will come under regulatory scrutiny in the near future. There is more risk here so as users of DeFi do not require KYC documents. Some DeFi platforms which trying to be more compliant offer institutional investors closed-off liquidity pools that in which all participants must pass KYC and AML checks. Although it would be useful, it may lose anonymity and composability between platforms which are some advantages of DeFi.
Underlying blockchain risk:
- High Gas price due to lack of scalability
Most of the DeFi protocols currently are built on Ethereum which has resulted in congestion of the Ethereum network, slower processing of transactions and an increase in gas price.
Sometimes a group of miners gain the control of more than 51% of the network’s hash power so they join together to attack the network. Although the attackers cannot change previous blocks or issue new tokens, they can block new transactions and double-spend coins.
- Admin key risk
In decentralized finance no central authority controls the user’s funds so Users have to store their funds in wallets. As a result, users are themselves in charge of the safekeeping of their crypto assets. If users forget (or lose) the seed phrase that backs up their private key those funds will be lost forever.
- Oracle Manipulation
The off-chain data provided by oracles must be accurate because DeFi protocols rely on them. Oracles supply market data that settles financial smart contracts. The risk is when someone manipulates these oracle protocols to enter inaccurate data to DeFi protocols.