We developed our assessment framework based on existing market’s best practices including the DeFi Score developed by Codefi team. This score includes the following factors: Smart Contract Risks (maturity, code security, code openness), Financial Risks (market and liquidity risks), Centralization & Intermediary Risk as well as some traditional financial market’s best practices.
Smart Contract Risk is the single most critical risk for a DeFi protocol. We evaluate the risk based on multiple factors, including but not limited to: maturity (how long the smart contract has been deployed), code complexity, audit history, open source or closed source.
Similar to traditional finance, DeFi deals with mostly marketable crypto assets. Most lending protocols require over-collateralization, hence the financial risks are mainly about collateral’s market and liquidity risks.\
Many of the traditional financial market’s trading desks use Value at Risk model to assess the market risks of portfolios. Given most of the crypto assets have pretty short trading period and lack of credible trading data to backs test the model. Therefore, we mainly use the trading volatility to gauge the market risks of collaterals.
Liquidity is how easily a crypto asset can be bought or sold in the market, and converted to cash, stablecoin or other crypto assets. There are mainly two parameters measuring liquidity risk, one is the Bid and Ask Spread and the other is Liquidity Depth.
Liquidity assessment refers to not only on-chain liquidity but also off-chain Centralized exchanges (CEX) liquidity. Particularly for BTC wrapper (i.e., WBTC), it is more important to take into account off-chain liquidity, given most of bitcoin’s liquidity are on CEXs.
We are looking at full market coverage when assessing liquidity risk of a collateral asset.
For lending protocols, in addition to market liquidity, it is also quite important to look at the Utilization Ratio, to gauge funding liquidity risks. An example of this is, during market chaos, DAI is often in huge demand for deleveraging and closing CDPs, hence drain out DAI’s liquidity and create substantial funding liquidity risk.
Counterparty risk is mainly about centralization risk and intermediary risk. For example, is the token contract has special administrative right to mint assets? Is it subject to time lock? It is an important risk to consider when lending money with DeFi protocols. Different DeFi protocols have different levels of centralization risk.
One of the biggest risk factors to centralization risk in DeFi protocols is the use of admin keys. Admin keys allow protocol developers to change different parameters of their smart contract systems like oracles, interest rates and potentially more.