
Mapping the DeFi crime landscape: an evidence-based picture

Catherine Carpentier-Desjardins, Masarah Paquet-Clouston, Stefan Kitzler, Bernhard Haslhofer

Abstract

Decentralized finance (DeFi) has been the target of numerous profit-driven crimes, but the prevalence and cumulative impact of these crimes have not yet been assessed. This study provides a comprehensive assessment of profit-driven crimes targeting the DeFi sector. We collected data on 1141 crime events from 2017 to 2022. Of these, 1036 were related to DeFi (the main focus of this study) and 105 to centralized finance (CeFi). The findings show that the entire cryptoasset industry has suffered a minimum loss of US$30B, with two-thirds related to CeFi and one-third to DeFi. Focusing on DeFi, a taxonomy was developed to clarify the similarities and differences among these crimes. All events were mapped onto the DeFi stack to assess the impacted technical layers, and the financial damages were quantified to gauge their scale. The results highlight that during an attack, a DeFi actor (an entity developing a DeFi technology) can serve as a direct target (due to technical vulnerabilities or exploitation of human risks), as a perpetrator (through malicious uses of contracts or market manipulations), or as an intermediary (by being imitated through, for example, phishing scams). The findings also show that DeFi actors are the first victims of crimes targeting the DeFi industry: 52% of events targeted them, primarily due to technical vulnerabilities at the protocol layer, and these events accounted for 83% of all financial damages. Alternatively, in 41% of events, DeFi actors were themselves malicious perpetrators, predominantly misusing contracts at the cryptoasset layer (e.g. rug pull scams). However, these events accounted for only 17% of all financial damages. The study offers a preliminary assessment of the size and scope of crime events within the DeFi sector and highlights the vulnerable position of DeFi actors in the ecosystem.

Paper Structure (7 sections, 10 figures, 3 tables)


Figures (10)

  • Figure 1: Total number and Total Financial Damages of reported crime events per year. This figure shows the total reported profit-driven crime events (black line) and damages (red line) over the observation period of our sample.
  • Figure 2: Count and Financial Damages per Year per Actor Category. This figure shows the total financial damages per year per Actor Category.
  • Figure 3: Augmented DeFi Stack Reference Model (DSR). Starting from the foundational System Infrastructure, the model ascends through the Distributed Ledger Technology, representing transaction settlements, to Cryptoassets, symbolizing transferable value. DeFi Protocols provide advanced services on cryptoassets and can be combined into DeFi Protocol Compositions that provide new services. The top layer represents User Applications, and the orthogonal Interfaces layer represents oracles and bridges. Layers from the original DSR are in light gray, while augmented layers are drawn in dark gray.
  • Figure 4: Size and scope of DeFi crimes in comparison to CeFi. This figure illustrates the contrast in terms of event prevalence, as well as financial damages observed between CeFi and DeFi.
  • Figure 5: Implications of DeFi actors in crime events. This figure depicts the versatile roles DeFi actors can occupy in profit-driven crime through a simplified representation of a crime event unfolding, from the malicious source to the victimized party. Depending on the scenario, the implication of a DeFi actor ranges from being the victim, the malicious source itself, or an intermediary.
  • ...and 5 more figures