What we think we know about defi

This essay follows an RMIT Blockchain Innovation Hub workshop on defi. Contributions by Darcy WE Allen, Chris Berg, Sinclair Davidson, Oleksii Konashevych, Aaron M Lane, Vijay Mohan, Elizabeth Morton, Kelsie Nabben, Marta Poblet, Jason Potts, and Ellie Rennie. Originally a Medium post.

The financial sector exists solely to smooth economic activity and trade. It is the network of organisations, markets, rules, and services that move capital around the global economy so it can be deployed to the most profitable use.

It has evolved as modern capitalism has evolved, spreading with the development of property rights and open markets. It has grown as firms and trade networks became globalised, and supercharged as the global economy became digitised.

Decentralised finance (defi) is trying to do all that. But just since 2019, and entirely on the internet.

Any business faces the question of “how do I get customers to pay for my product?” Similarly consumers ask the question, “Where and how can I pay for the goods and services I want to buy?” For the decentralised digital economy, defi answers this question. Defi provides the “inside” money necessary to facilitate transactions.

But what in traditional, centralised finance looks like banks, stock exchanges, insurance companies, regulations, payments systems, money printers, identity services, contracts, compliance, and dispute resolution systems — in defi it’s all compressed into code.

From a business perspective trade needs to occur in a trusted and safe environment. For the decentralised digital economy, that environment is blockchains and the dapps built on top.

And as we can see, defi doesn’t just finance individual trades or firms — it finances the trading environment, in the same way that taxes finance regulators and inflation finances central banks. If blockchain is economic infrastructure, defi is the funding system that develops, maintains and secures it.

These are heavy, important words for something that looks like a game. The cryptocurrency and blockchain space has always looked a little game-y, not least with its memes and “in-jokes”. The rise of defi has also had its own cartoonified vibe and it has been somewhat surreal to see millions of dollars of value pass through tokens called ‘YAMs’ and ‘SUSHI’.

Games are serious things though. A culture of gaming provides a point around which all participants can coordinate activity and experimentation — what we’re seeing in defi is the creation of a massive multiplayer online innovation system. The “rules” of this game are minimal, there are no umpires, and very little recourse, where the goal is the creation and maintenance of decentralised financial products, and willing players can choose (if and) to what extent they participate.

Because there is real value at stake, the cost of a loss is high. Much defi is tested in production and the losses from scams, unethical behaviour, or poor and inadequately audited coding are frequent.

On the other side, participation in the game of defi is remarkably open. There are few barriers to entry except a small amount of capital that players are willing to place at risk. Once fiat has been converted into cryptocurrency, the limit on participation in decentralised finance isn’t regulatory or institutional — it is around knowledge. (Knowledge is a non-trivial barrier, excluding people who could be described as naive investors. This is important for regulatory purposes.)

This is starkly different from the centralised financial system, where non-professional participants have to typically go through layers of gatekeepers to experiment with financial products.

The basic economics of defi

The purpose of defi is to ensure the supply of an ‘inside money’ — that is, stablecoins — within decentralised digital platforms and to provide tools to manage finance risks.

In the first instance defi is about consumer finance. It answers basic usability questions in the blockchain space: How do users of the platform pay native fees? Which digital money is deployed as a medium of exchange or unit of account on the platform?

In the second instance defi concerns itself with the operation of consensus mechanisms — particularly proof of stake mechanisms and their variants. The problem here is how to capture financial trust in a staking coin and then how to use that trust to generate “trust” on a blockchain. Blockchains need mechanisms to value and reward these tokens. Given the (potential) volatile nature of these tokens, risk management instruments must exist in order to efficiently allocate the underlying risk of the trading platform.

As we see it, the million yam question is whether the use of these risk management tools undermine trust in the platform itself. It is here that governance is important.

Which governance functions should attach to staking tokens and when should those functions be deployed? Should they be automated or should voting mechanisms be used? If so, which voting mechanisms and what level of consensus is appropriate for decision making.

Finally defi addresses the existence of stablecoin and staking tokens from an investor perspective. Again there are some significant questions here that the defi space has barely touched. How do these instruments and assets fit into existing investment strategies? How will the tax function respond? How much of existing portfolio theory and asset pricing applies to these instruments and assets?

Of course, we already have a complex and highly evolved centralised financial system that can provide much of the services that are being built from the ground up in defi. So why bother with defi?

The most obvious reason is that the blockchain space has a philosophical interest in decentralisation as a value in and of itself. But decentralisation addresses real world problems.

First, centralised systems can have human-centric cybersecurity vulnerabilities. The Canadian exchange QuadrigaCX lost everything when the only person with access to the cryptographic keys to the exchange died (lawyers representing account holders have requested that the body be exhumed to prove his death). Decentralised algorithmic systems have their own vulnerabilities (need we mention yams again?) but they are of a different character and unlike human nature they can be improved.

Second, centralised systems are exposed to regulation — for better or worse. For example, one of the arguments for UniSwap is that it is more decentralised than EtherDelta. EtherDelta was vulnerable to both hackers (its order book website was hacked) and regulators (its designer was sued by SEC).

Third, digital business models need digital instruments that can both complement and substitute for existing products. Chain validation instruments and the associated risk management tools presently do NOT have real world equivalent products.

Fourth and finally, the ability to digitise, fractionalise, and monetise currently illiquid real-world assets will require a suite of instruments and digital institutions. Defi is the beginning of that process.

In this sense, the defi movement is building a set of financial products and services that look superficially familiar to the traditional financial system using a vastly different institutional framework — that is, with decentralisation as a priority and without the layers of regulation and legislation that shape centralised traditional finance.

Imagine trying to replicate the functional lifeforms of a carbon-based biochemical system in a silicon based biochemical system. No matter how hard you tried — they’d look very different.

Defi has to build in some institutions that mimic or replicate the economic function provided by central banks, government-provided identity tech, and contract enforcement through police, lawyers and judges. It is the financial sector + the institutions that the traditional finance sector relies on. So, initially, it’s going to look more expensive, relative to “finance”. But the social cost of the traditional finance sector is much larger — a full institutional accounting for finance would have to include those courts and regulations and policymakers and central banks that it relies on.

Thus defi and centralised finance look very different in practice. Consider exchanges. Traditional financial markets can either operate as organised exchanges (such as the New York Stock Exchange) or as over-the-counter (OTC peer-to-peer) markets. The characteristics of those types of market are set out below.

Image for post

Defi exchanges represent an attempt to combine the characteristics of both organised exchanges and over-the-counter markets. In the very instance, of course, they are decentralised markets governed by private rules and not (necessarily) public regulation. They aim to be peer-to-peer markets (including peer-to-algorithm markets in the case of AMM).

But at the same time they aim to be anonymous (in this context meaning that privacy is maintained), transparent, highly liquid, and with less counterparty risk than a traditional OTC market.

Where is defi going?

Traditional finance has been developing for thousands of years. Along with secure private property rights and the rule of law, it is one of the basic technologies of capitalism. But of those three, traditional finance has the worst reputation. It has come to be associated with city bros and the “Wolf of Wall Street”, and the Global Financial Crisis. Luigi Zingales has influentially argued that the traditional finance system has outgrown the value it adds to society, in part because of the opportunities of political rent seeking.

This makes defi particularly interesting.  Defi is for machines. Not people. It represents the automation of financial services.

A century ago agriculture dominated the labour force. The heavy labour needs of farming are one of the reasons we were poor back then. As we added machines to agriculture — as we let machines do the farming — we reduced the need to use valuable human resources. Defi offers the same thing for finance. Automation reduces labour inputs.

Automation of course has been increasingly common in financial systems since at least the 1990s. But it could only go so far. A lot of the reason that finance (and many sectors, including government and management) resisted technological change and capital investment, was at the bottom, there had to be a human layer of trust. Now that we can automate trust through blockchains, we can move automation more deeply into the financial system.

Of course, this is in the future. Right now defi is building airplanes in 1902 and tractors in 1920. They’re hilariously bad and horses are still better. But that’s how innovation works. We’re observing the creation of the base tools for entrepreneurs to create value. Value-adding automated financial products and services comes next.

The COVIDSafe app was just one contact tracing option. These alternatives guarantee more privacy

With Kelsie Nabben

Since its release on Sunday, experts and members of the public alike have raised privacy concerns with the federal government’s COVIDSafe mobile app.

The contact tracing app aims to stop COVID-19’s spread by “tracing” interactions between users via Bluetooth, and alerting those who may have been in proximity with a confirmed case.

According to a recent poll commissioned by The Guardian, 57% of respondents said they were “concerned about the security of personal information collected” through COVIDSafe.

In its coronavirus rewhy sponse, the government has a golden opportunity to build public trust. There are other ways to build a digital contact tracing system, some of which would arguably raise fewer doubts about data security than the app.

All eyes on encryption

Incorporating advanced cryptography into COVIDSafe could have given Australian citizens a mathematical guarantee of their privacy, rather than a legal one.

A team at Canada’s McGill University is working on a solution that uses “mix networks” to send cryptographically “hashed” contact tracing location data through multiple, decentralised servers. This process hides the location and time stamps of users, sharing only necessary data.

This would let the government alert those who have been near a diagnosed person, without revealing other identifiers that could be used to trace back to them.

It’s currently unclear what encryption standards COVIDSafe is using, as the app’s source code has not been publicly released, and the government has been widely criticised for this. Once the code is available, researchers will be able to review and assess how safe users’ data is.

COVIDSafe is based on Singapore’s TraceTogether mobile app. Cybersecurity experts Chris Culnane, Eleanor McMurtry, Robert Merkel and Vanessa Teague have raised concerns over the app’s encryption standards.

If COVIDSafe has similar encryption standards – which we can’t know without the source code – it would be wrong to say the app’s data are encrypted. According to the experts, COVIDSafe shares a phone’s exact model number in plaintext with other users, whose phones store this detail alongside the original user’s corresponding unique ID.

Tough tech techniques for privacy

US-based advocacy group The Open Technology Institute has argued in favour of a “differential privacy” method for encrypting contact tracing data. This involves injecting statistical “noise” into datasets, giving individuals plausible deniability if their data are leaked for purposes other than contact tracing.

Zero-knowledge proof is another option. In this computation technique, one party (the prover) proves to another party (the verifier) they know the value of a specific piece of information, without conveying any other information. Thus, it would “prove” necessary information such as who a user has been in proximity with, without revealing details such as their name, phone number, postcode, age, or other apps running on their phone.

Not on the cloud, but still an effective device

Some approaches to contact tracing involve specialised hardware. Simmel is a wearable pen-like contact tracing device. It’s being designed by a Singapore-based team, supported by the European Commission’s Next Generation Internet program. All data are stored in the device itself, so the user has full control of their trace history until they share it.

This provides citizens a tracing beacon they can give to health officials if diagnosed, but is otherwise not linked to them through phone data or personal identifiers.

Missed opportunity

The response to COVIDSafe has been varied. While the number of downloads has been promising since its release, iPhone users have faced a range of functionality issues. Federal police are also investigating a series of text message scams allegedly aiming to dupe users.

The federal government has not chosen a decentralised, open-source, privacy-first approach. A better response to contact tracing would have been to establish clearer user information requirements and interoperability specifications (standards allowing different technologies and data to interact).

Also, inviting the private sector to help develop solutions (backed by peer review) could have encouraged innovation and provided economic opportunities.

How do we define privacy?

Personal information collected via COVIDSafe is governed under the Privacy Act 1988 and the Biosecurity Determination 2020.

These legal regimes reveal a gap between the public’s and the government’s conceptions of “privacy”.

You may think privacy means the government won’t share your private information. But judging by its general approach, the government thinks privacy means it will only share your information if it has authorised itself to do so.

Fundamentally, once you’ve told the government something, it has broad latitude to share that information using legislative exemptions and permissions built up over decades. This is why, when it comes to data security, mathematical guarantees trump legal “guarantees”.

For example, data collected by COVIDSafe may be accessible to various government departments through the recent anti-encryption legislation, the Assistance and Access Act. And you could be prosecuted for not properly self-isolating, based on your COVIDSafe data.

A right to feel secure

Moving forward, we may see more iterations of contact tracing technology in Australia and around the world.

The World Health Organisation is advocating for interoperability between contact tracing apps as part of the global virus response. And reports from Apple and Google indicate contact tracing will soon be built into your phone’s operating system.

As our government considers what to do next, it must balance privacy considerations with public health. We shouldn’t be forced to choose one over another.