The crypto market suffered a record $760M in exploits in October, according to PeckShield, a blockchain security company which lists MakerDAO, DeFi’s largest protocol, as a customer.
Despite an exploiter’s move to return $50M to users last month, the total value of stolen funds in 2022 surged to almost $3B. That’s nearly double the $1.5B hackers took in 2021 and nearly 12 times the 2020 total.
“I think that October was a very bad month [for] DeFi security,” Stephen Tong, the co-founder of Zellic, a crypto security firm which lists the likes of Solana and Yuga Labs as clients, told The Defiant. “At the same time, it’s part of a growing trend of reality catching up to DeFi.”
Indeed, crypto has always had a freewheeling culture, which may clash with the deliberation required to write secure code. One of DeFi’s pioneers, Andre Cronje, became known for the phrase “test in prod,” which essentially meant that he would test applications after they went live on a blockchain’s mainnet.
And crypto is a colorful place full of pseudonymous founders and anime-picture touting influencers. Yet it’s also a serious market that stores hundreds of millions of dollars in digital assets on blockchains. And that money is only as secure as the code it runs on.
Get Smarter on DeFi and Web3
Get the 5-minute newsletter keeping 80K+ crypto innovators in the loop.
“All smart contract code should be considered as mission critical, but oftentimes we don’t see it that way,” Tong said. “We should be seeing smart contracts the same way that we see code that goes onto planes, cars and space shuttles.”
The Zellic co-founder thinks that more seasoned developers tend to treat smart contract development with appropriate seriousness, but that that mindset should be taught to new programmers, too.