why will lossless.cash will revolutionize DEFI!
Since the early days of DeFi, efforts to prevent hacks have existed in different forms. Developers depended on unit tests, smart contract security and secondary audits, code uniqueness, contracts’ access protection while also allowing the wider protocol community to spot coding mistakes.
Regardless, the $3.8B stolen during 122 crypto hacks (including DeFi) last year showed how the booming ecosystem is unable to stop cyber attacks, resulting in catastrophic consequences for investors, developers, and everyday users.
Clearly, the one-size-fits-all approach to cyber security in DeFi proved unsuccessful: solutions that worked in traditional finance or centralised crypto platforms did not produce the same outcomes in a decentralised system.
By default, decentralised exchanges, and wallets focused on preventing hacks; however the amount of funds stolen clearly shows: hack prevention fails to prevent losses.
Lossless brings an alternative approach to improve the safety of DeFi. The nature of crypto tokens and transactions allows token creators to insert code into their tokens.
As a result, it is possible to freeze any fraudulent transactions based on a set of fraud identification parameters. Because of that, post-fraud loss mitigation becomes a way to solve the security crisis in DeFi.
How Lossless Mitigates DeFi Hacks
Lossless uses a two-step process to recover stolen funds: initial freezing of the hacker’s wallet and hack verification by a decentralised Decision Making Body.
The urgent or instant freezing after a hack will be community and technology-based, and will reward the one who identifies the hack and freezes the transaction.
A longer freeze will occur after a hack is verified by the Lossless committee, company, and token creator, which then takes steps to reverse the fraudulent transaction.
We will now explore each step in more detail.
Spotting hacks and freezing transactions
Lossless will enable anyone staking LSS tokens to report potentially fraudulent transactions. For that, we will introduce an intuitive dashboard that allows manual overview and reporting for hack spotters (see above).
Our data analyst team will implement initial hack-spotting mechanisms — including listening for on-chain events or unusual token activity. These mechanisms will be open source for everyone to contribute. However, because of the transparent system rewarding hack-spotters, we expect large community participation in the hack-spotting process.
The winner-takes-all incentive will encourage the community to build on top of this initial model and improve it daily. The market will be able to determine the best ways to identify hacks, and the quickest spotter will get the reward. This guarantees that the efficiency of the system will only improve over time as hack spotters will compete to make the fastest hack-spotting tool. Thus, Lossless will be the first platform to reward and incentivize white hat hackers to make DeFi safer for everyone.
For that, Lossless will provide bot-friendly APIs to incentivize the development of community-created hack-spotting bots. As a result, provided they stake LSS tokens, anyone will be able to report a potentially fraudulent transaction.
Regardless of whether our mechanisms or community-created bots report the hack, the transaction will be frozen for 24–48 hours. The Lossless team will then review the frozen address, evaluate code, contact contract owner and determine whether the submission is valid. If no suspicious activity is detected, staked tokens of the finder will be confiscated as a penalty for false submission.
However, if the transaction proves to be valid, the decision will be passed to the Decision Making Body for further action.
Verifying and reversing hacks
After the initial confirmation of a potential hack, the frozen funds will await overview and verification from the Decentralised Lossless Decision Making Body.
The Decision Making Body will consist of the Token Creator, the Lossless Company, and the Lossless Committee. The Committee will feature investors with a significant share of $LSS tokens and key public figures that provide trusted and unbiased decision-making, such as auditing firms. As a result, the hack validation process will be decentralised among many independent entities — and none of those entities will have the absolute power to determine the faith of the hack.
If the Decision Making Body verifies the hack, the address will be frozen for further 14 days, and a committee proposal will be enacted for permanent freezing and reversing of the transaction.
The described technical architecture will enable hack mitigation efforts to finally reflect the core principles of the ecosystem by integrating decentralised mechanisms. While hack prevention partially worked in the infant stages of global DeFi adoption, more robust solutions are necessary to bring trust and safety for everyone involved.
Lossless: The Ultimate Security Solution for DeFi Token Creators
DeFi has already spurred a revolutionary generation of new financial institutions to be created. With its current momentum, the DeFi ecosystem is en route to build an autonomous financial infrastructure free of costs and waste that plague traditional financial services.
Based on smart contracts that run on the Ethereum blockchain, most DeFi projects issue a token that offers benefits to its holders. In many cases, the increased adoption of DeFi products derives from the purchase of these tokens. As of April 2021, the total value locked in DeFi tokens has skyrocketed to $100B — which means the DeFi token market grew more than 50 times in less than a year.
While DeFi showcased staggering growth, many projects have become prone to being exploited and hacked because of Ethereum’s smart contract turing-completeness. In 2020, more than 122 major crypto hacks occurred and a total of $3.8B has been stolen. In turn, the market began to question the future of DeFi tokens as an asset class due to rising safety concerns.
Token creators in crypto and, subsequently, DeFi had to undergo a transition in recent years: following the market crash of 2018, tokens with well-defined, more traditional means of value capture seem to have better persevered the challenging bear market. With the current security concerns, token creators are again challenged with a decision — to search for capable safety solutions or be exposed to the increasing volume of hacks.
Important Lessons from Tether
While hackers successfully get away with stealing DeFi tokens worth millions of dollars, this could hardly be possible with Tether. This stablecoin is able to freeze and destroy USDT, thereby recovering them in the cases of fraud or unintentional payments.
If you lose access or send your funds to the wrong address, Tether may exercise its function to reverse USDT transactions to recover the funds. To retrieve the tokens, Tether reaches out to the user and confirms that the funds were lost. The company then uses a function in Tether’s smart contracts to blacklist the ETH addresses that the tokens were directed to.
With similar functions to mitigate the effects of a hack, DeFi tokens would be able to drastically improve the holders’ trust. Conversely, without finding a way to integrate such capabilities, the wider adoption of DeFi is hardly possible as the risk to lose funds remains high.
However, the described Tether’s transaction stopping mechanism is too centralized and would work directly against the core fundamentals of DeFi platforms. Therefore, we need to merge the best practices of both worlds to create a solution that both promotes security and does not compromise the non-custodial nature of DeFi.
Lossless: the Permanent Lifeguard of Your Token
Lossless protocol is the first tool that detects and stops the hacks to help affected entities retrieve their stolen funds. At its core, this protocol is a piece of code that token creators insert into their tokens.
By using Lossless, token creators will empower the community of white hat hackers and security experts to have the tool that allows stopping and reverting any fraudulent transactions based on a set of fraud identification parameters. Hacks or unusual activities will be identified by listening for on-chain events, checking for unusual token activity (such as large transactions, liquidity pulls, etc.), and third party reports (such as public reports).
After the hack is identified and frozen, the decentralised Lossless Decision Making Body (consisting of key public figures, token creators, and LSS token holders), decides whether to retrieve the frozen transaction. With that, the Lossless Protocol completely transforms the Tether model by making it fully transparent and decentralised: allowing anyone to initiate the transaction freezing, while independent entities decide the ultimate fate of the transaction.
Benefits of Implementing Lossless
There is infinite upside to implementing Lossless into your token — and the upside will not only alleviate the risks of a specific DeFi project at hand, but also help the entire ecosystem move forward.
For starters, there is no cost of installing the Lossless protocol for token creators nor holders. The compensation structure integrates a fee of 7% only after the hack is mitigated and the funds are successfully retrieved. A fee of 7% will then be used to compensate those responsible for finding the hack and successfully alleviating its consequences.
Also, integrating Lossless is a way to reassure the holders of your token that the safety of their funds is important to you. While the holders bring value to the project by acquiring, staking, or otherwise using your issued tokens, the hack mitigation tool is a way you can protect their interests. With Lossless becoming a new hack mitigation standard in DeFi, reducing the likelihood of your holders’ funds being stolen is the easiest way to increase the trust in your project and build mutual relationships with your community.
Despite the buzz around DeFi, token creators have to simultaneously think about the future of DeFi and acknowledge that mainstream adoption is impossible without ensuring safety in the space. The importance of new projects will also be defined by DeFi’s brand: the ability of projects to keep their reputation intact across an ever-changing and extremely volatile risk surface.
Before DeFi can move from its novice stage into a full-blown financial market shaper, the security problem has to be solved once and for all. At Lossless, we foresee partnerships and integrations with existing and upcoming token creators to be our main priority going forward. Together with projects adopting the Lossless protocol, we will achieve the new age of security in DeFi.
What is Lossless?
Lossless is the world’s first crypto hack mitigation tool.
Implemented into the token, the Lossless protocol allows to freeze and retrieve any fraudulent transaction based on a set of hack identification parameters.
Lossless aims to create a trusted and safe DeFi ecosystem with minimized losses from hacks, exploits or social engineering.
Enter Lossless DeFi:
