Top
How to detect unscrupulous DeFi projects
How to Detect Fraud & Scam in DeFi
Defi101
07.09.2021
Updated 11.03.2022
14:42

How to detect unscrupulous DeFi projects

The growing demand for DeFi platforms has attracted the attention not only of new investors but also experienced perpetrators coming up with new ways to steal funds of users. In this article, we will tell you about what types of scam projects exist in DeFi and how not to fall into the hands of fraudsters.

Introduction

You must have encountered such terms as ‘financial pyramid’ and ‘Ponzi scheme’. Its essence is that earlier investors receive income at the expense of new contributors. While the company itself ‘hides behind real activity’ of an investment fund, trading robot, ICO project, or a DeFi platform, imitating large platforms, such as Uniswap, PancakeSwap, 1inch, and others.

In spite of the fact this fraudulent scheme has been known since the 20s of the previous century, fraudsters still manage to cheat not only inexperienced investors but, in some cases, even professional players. And each time perpetrators tend to cover their actions under innovations offered by the market now. In the crypto industry, these innovations were the cryptocurrencies themselves, ICO as well as DeFi later.

DeFi is a rapidly developing field that has offered an innovative ecosystem, which does not require financial intermediaries in the face of banks, credit and other financial organizations. Decentralized platforms allowed users to provide financial services, such as liquidity, exchange and lending, directly.

But what is also significant, services have become affordable to each user regardless of location, age, and other factors. Everyone can become a ‘bank to himself’, having added assets to liquidity pools, or provide other users with a loan without any documents. The liabilities of parties are automatically executed by a smart contract: an intellectual program that serves as a guarantee of deals between beneficiaries.

Nevertheless, the DeFi field, with its universal access and innovativeness, has got another side of the coin: and this is it that allows fraudsters to deceive unsuspecting investors. This is also about rapid development and the regular appearance of numerous new projects, as a result of which investors cannot keep pace to analyze each DeFi platform thoroughly and do in-depth research.

Let us find out the most important things one should pay attention to evade fraudsters’ tricks and not become a victim of a scam project. We will also highlight criteria that will help to distinguish a valuable cryptocurrency from a simple ‘candy wrapper’.

Define the goal of a DeFi project

Each decentralized project is created with a specific goal and is striving to bring innovations to the crypto environment: either to create something new or to improve the existing things. For example, Uniswap, a famous automatic market maker (AMM), not only introduced a convenient decentralized crypto exchange to users but also allowed them to receive income from liquidity mining as well as release and add personal ERC-20 tokens for exchange easily.

But this applies not to all projects: in reality, most projects seek to either copy some protocol catching the wave of its popularity and playing at excessive expectations of investors or to create a ‘bubble’ not even trying to develop a working prototype. A well-known project Yearn Finance (YFI) faced dozens of clones: YFII, YFC, YFX, and many others, and that is only one of the projects.

To understand what value the project bears, compare it to other similar platforms trying to define what innovative features and updates it may bring to the DeFi industry. Investors must see the potential and perspectives: only in this case, the project is expected to be successful.

Note: remember that decentralized platforms are transparent by nature. With the help of blockchain, you can track transactions and find out whether the players, who have invested in this cryptocurrency or token, are big players and if they are aimed at long-term growth or not.

Safety

Any promising platform is interested in the safety of its users and, consequently, their investments. It is no wonder since the stability of the work of a platform influences the reputation that, in its turn, influences the perspectives. It is enough to recall the case with the notorious protocol The DAO that had high hopes.

Owing to a vulnerability detected by unknown hackers in the source code, they managed to hack the platform and succeeded in stealing about one third of 150 million dollars collected during ICO. To return the stolen funds, developers had to roll back the Ethereum network to the previous condition and conduct a hard fork of the original network, as a result of which two blockchains appeared: the current Ethereum and Ethereum Classic (the initial network).

To make sure the platform is reliable, third-party companies hold a comprehensive audit of the smart contract, after which they publish a public report with the result of the research.

Note: unfortunately, the audit does not guarantee 100% safety, and small companies may be bribed. Large developers may not even pay attention to a small project and not notice inconsistencies in fake reports of audit firms. That is why it is better to rely on the audit of proven companies in the field of digital security.

In practice, not every platform may afford a security audit, especially from a large company, and the absence of an audit does not tell that the project is a scam by default. However, in this case, the risks of working with the smart contract still increase.

Activity of developers

It is important that developers follow the planned stages of the roadmap and stay in touch with the community by regularly releasing digests and telling about what they managed to reach and at what stage the development currently is.

If developers did not publish anything within several months or longer, did not release any updates, and there was almost no activity, then, probably, they are not aimed at the development of the project or might have abandoned it at all.

Note: DeFi projects are developed open source – that is why any user can see it and monitor the changes. That is what helps to detect a scam easily. By the way, many scammers simply copy somebody’s code, almost not changing it, which is also not that difficult to detect.

Social activity 

Another essential role is paid to the activity of users. If most discussions on social media and forums is all about expecting income, it may point to a possible scam. If there is no social activity, it means users show no interest in the project.

But if users discuss the opportunities of the project and draw attention to its practical usefulness, it will serve the evidence of value. It does not provide guarantees, but it already tells that income generation is not a single goal of developers, and they are interested in the perspectives of their platform.

Find out who is behind the project

The name and reputation are two pillars defining the reliability of the project and users’ trust. People listen to the opinions of famous persons, and their projects attract a lot of attention because their reputation will not likely allow them to keep in touch with unscrupulous people.

Fraudsters often hide their names or pretend to be fake individuals. Strong teams are often presented; they publish links to their accounts, LinkedIn particularly. But be careful: sometimes perpetrators may present to be real individuals who may not even know that they were drawn to the project. But that is not a common case since it can be quickly disclosed, which will destroy the plans of fraudsters.

Of course, there are exceptions to the rule. The identity of Satoshi Nakamoto, the Bitcoin creator or a group of people under his pseudonym, still remains a total secret. But it does not exclude what role Bitcoin played for the whole world and how it affected the development of the new digital economy. After all, anonymity is an undivided part of the cryptocurrency ideology.

The other side of the coin is that anonymity allows unscrupulous creators to avoid responsibility.

Note: but make no mistake that famous people cannot commit a crime. A notorious ‘crypto queen’ Ruja Ignatova, who had created the OneCoin platform, managed to trick even large investors and steal more than 4 billion dollars from contributors within three years. OneCoin turned out to be a financial pyramid, which had been existing from 2014 to 2017.

Tokenomics of the project

Token allocation is an essential aspect, especially during the start of the project. Founders must think the tokenomics through in detail and write it down to the White Paper. Pay attention to how the tokens are going to be distributed.

For example, if the main share remains in the hands of the team, after the sale, they can bring the prices down without any problem, having sold all the assets at once.

Another key criterion is the lock period. It is expected that developers and management should be interested in the project themselves, that is why their tokens are locked for one or several years, which may boost the stability of the price and mitigate fears of  investors.

Even if creators give out tokens for free, this may cause the opposite effect: users who received free tokens may quickly get rid of them, resulting in a drop in the rate. Large projects allocate tokens wisely. For example, Safepal, a well-known manufacturer of hardware wallets, released its token, having allocated it through an initial exchange offering (IEO) at Binance for BNB and BUSD holders, which drew the users’ attention.

It stimulated investors to hold the tokens because the large crypto exchange supported them. After that, Safepal company conducted additional airdrops for SFP owners called Wallet Holder Offering (WHO), in which it gave out tokens of partners’ new promising projects.

Bonus factor: risks of an exit scam

Developers may intentionally create backdoors (vulnerable spots in the source code) that allow withdrawing funds from a smart contract easily.
This feature may be used by developers of DeFi projects offering the mining of liquidity.

Initially, AMM protocols offer high yield to investors, which allows to attract new funds to the project. Unfortunately, it can lead to two key risks:

  1. Accumulation of a large sum of the contract owner. If he has a big share in pools of liquidity, nothing impedes him to quickly withdraw funds and sell them at another platform, at which released tokens are traded. For example, at Uniswap or PancakeSwap.
  2. Withdrawal of funds from the smart contract. When users add assets to the liquidity pool, they send the funds to a smart contract. A founder of notorious platforms called Sharktron and Sharkdefi masked the pyramid under a DeFi protocol for attracting users. The perpetrator artificially maintained the price of the platform’s native tokens by providing a constantly high income of farmers at the expense of the contributors. He was able to collect and withdraw more than 7 million dollars in the TRX cryptocurrency from the smart contract by executing an exit scam.

By the way, the unchanging high yield of farms is one of the evident signs of the pyramid for growing projects. DeFi protocols are created in such a way that if there is a high growth of pools with the less rapid growth of demand for exchange, the yield of farms starts decreasing. At the start, many projects allow to receive more than 1000% per annum using mining of liquidity, but only a month later, the yield may drop to less than 100%.

Conclusion

When analyzing a platform, it is better not to hurry up and take time to study the project you are going to invest into in detail. If you chase a high yield only, ignoring actual perspectives of the project, then risks will be too high, and you may end up losing everything or most of your investments.

Follow simple recommendations that we have described in the article and be extremely careful when you analyze and choose DeFi projects!