Decentralized finance exploded in popularity this year and especially during and after the summer. Apart from numerous DeFi-oriented protocols, the cryptocurrency space saw the emergence of multiple new decentralized exchanges.
The sharp increase in demand led to rapid project developments and impressive volume growth. However, the speed compromised user security on some occasions.
Consequently, the cryptocurrency exchange analytics resource CER decided to compile a report on the current state of decentralized exchanges. CER, a part of the popular cybersecurity firm Hacken Group, has come up with the results by relying on cyber-forensic investigations and in-depth ranking methodology.
Only 8% Of DEX Deemed Safe
In the paper shared with CryptoPotato, CER highlighted several possible risks associated with decentralized exchanges, which can be avoided to some extent on centralized platforms. Those include fake tokens with the same ticker as the real coins, high slippage – resulting in buying a token at a price different than the market’s average, transaction delays, and lack of trading pair data.
Most DEXes don’t offer any insurances or features that may protect their users from mistakes or loss of funds. Nevertheless, the analytics resource admitted that “there haven’t been any significant hacks on decentralized exchanges in comparison to centralized platforms.”
CER examined 25 DEXes and based their final results on a number of factors, including security audit history, bug bounty program, cold wallet direct support, liquidity score, data provision, and more.
The scores ranged from one to ten. As expected, the higher the final number is, the more secure and reliable the platform is supposed to be.
Somewhat worryingly, CER concluded that “the cybersecurity scoring results from our research show that only two crypto exchanges out of 25 gained “high” scores of 8 points or higher – Uniswap and Synthetix.”
As the graph above illustrates, CRV, dYdX, BinanceDEX, Sushi, 1inch, Balancer, Switcheo, and Kyber complete the top ten list.
No Monopoly In Auditing
When it came down specifically to security auditing, CER asserted that six platforms (24%) failed to pass or didn’t publicly announce undergoing one. The report warned that “an unaudited exchange cannot be considered safe.”
Nevertheless, most that passed the security audits have employed the services of different third-party auditors. According to CER, this means that “there is no monopoly in the market.”
The document outlined a few other concerns in this regard. Most DEXes didn’t perform re-audits after a code update. Only four platforms kept their audits 100% accurate, but “this is mainly because there were no code updates after the latest audits we carried out.”