Centralization issues have become a major attack vector in Decentralized Finance (DeFi), contributing to the largest proportion of hacks – according to a recent report by rating platform CertiK .
CertiKs experts say they identified about 286 discrete centralization risks in 1,737 audits they conducted in 2021.
According to the report, the data on the impact of centralization on DeFi security underscores the importance of decentralization and underscores the fact that many projects still have work to do to achieve this goal.
He added that,
Centralization is contrary to the spirit of DeFi and poses serious security risks. Single points of failure can be exploited by both dedicated hackers and insider intruders.
Among the attacks, it was found that the lending protocol DeFi bZx (BZRX) was used for more than $ 55 million in November last year as a result of private key mismanagement, which served as an example of privileged ownership that allowed attackers to gain complete control over all contracts controlled by the key. In total, according to the study, privileged ownership was identified in the course of company inspections 76 times.
Missed event outliers were the second most common potential vulnerability after centralization risks identified by CertiKs auditors in 211 cases.
Using an unlocked version of the compiler was another common code error found by the firm’s experts on 176 occasions, and CertiK experts found 104 lines of code that were missing proper input validation.
According to figures from the report, 102-instance third-party dependency dependency was another potential source of problems identified.
Created in 2018 by professors Yale and Columbia Universities CertiK says it specializes in blockchain security using artificial intelligence (AI) technology to secure and monitor blockchain protocols and smart contracts. The company’s list of security leaders has 1,464 registered projects with a total estimated market capitalization of US $ 291 billion.
#Centralization #caused #decentralized #finance #hacks
