Try it for one month, no fees!
Try it for one month, no fees!

DeFi Product Risk Assessment Methodology

Last updated:
24/10/2024

Contents

Introduction

Decentralized finance (or DeFi as Decentralized Finance) is undoubtedly the greatest financial innovation of the 21st century. Being able to perform financial transactions (such as exchanging assets, borrowing or lending assets, or investing in derivatives, for example) immediately and without trusted third parties is a revolution that offers investors financial opportunities that do not exist in traditional finance.

The third of trust has been essential in the evolution of civilization and still occupies a very large space in society, both in finance and in other areas. Every day, almost without realizing it, we rely on them to get the results we want in various aspects of our lives.

Removing the third party of trust from financial transactions is a technological feat that relies on the blockchain, and precisely onsmart contracts (Smart contracts), introduced by Ethereum in 2014.

Replacing the trusted third party with smart contracts has clear benefits:

  • Trust is no longer required. We can verify directly in the smart contract code whether the financial transaction we wish to make will be executed correctly.
  • In theory no one controls a smart contract. Funds deposited in a smart contract always remain under the control of its owner and cannot be transferred or blocked without his consent.
  • Execution is immediate. Smart contracts are available 24/7 and are executed immediately.
  • Smart contracts are composable. Perhaps the most important benefit of all: smart contracts can interact with each other automatically, making it possible to create highly innovative financial products.

On the other hand, replacing humans with technology has a disadvantage: it introduces technological risk vectors that are difficult for non-experts to assess.

Moreover, as blockchains and smart contracts are complicated technologies, they create a certain distrust on the part of investors who, after all, as rational market players, are looking for investments with the best risk/return ratio.

This is what Alldefi was created for: DeFi offers passive income opportunities with high returns that are not found in traditional finance but are inaccessible because investing in DeFi on your own is confusing, complex and risky.

Our mission is to make DeFi accessible so that any investor can benefit from its performance opportunities. We do this with three actions:

  1. We take care of the tedious investment process so that our users' experience is as easy as registering, depositing funds and starting to generate passive income in less than ten minutes.
  2. We monitored the blockchain in real time with machine learning models in order to identify hacking situations before they occurred and withdraw our funds in time.
  3. We perform risk assessments of investment products based on DeFi(there are more than eleven thousand) to select and offer only the most reliable ones.

This paper details the methodology we use to perform these risk assessments.

It is important for us to make our risk methodology and its results public so that our users benefit from a maximum of information when making investment decisions and also to contribute as we can to make the experience of investing in DeFi safer for everyone.

We'd love to hear from you if you have any questions, comments or suggestions - write to us!

Principles of the methodology

What is a DeFi product?

To begin to assess the risks of a DeFi product, we must first define what it is. 

A DeFi product is:

  1. A smart contract with a logic that replicates a financial strategy;
  2. Deployed within a DeFi Platform (or Protocol);
  3. In a Blockchain;
  4. Interacting with tokens or products from other DeFi Platforms to carry out its financial strategy.

Risk assessment

We identified that to assess the risks of a DeFi product, we need to identify (i) its intrinsic risks, (ii) the risks of the platform of which it is a part, (iii) the risks of the blockchain on which it is deploying its smart contracts and (iv) the tokens or products of other platforms with which it operates.

For Platform, Blockchain and Token risks, we also assess the reputational and operational risk of the Organizations (or individuals) that promote them.

Below we detail how we assess the risk of each of these elements.

Organizational Risk

Principle of the methodology

The Organization's risk is concentrated in:

  1. The reputation of your team
  2. Your ability to generate interest and enthusiasm for your project

A low interest and number of users could generate liquidity problems, and discourage the team from continuing to maintain the project, creating potential security breaches.

Evaluation criteria

Does the team have a good reputation?

The reputation of the team behind a blockchain, protocol or token is a key indicator of its reliability. A reputable team usually has a proven track record of developing successful projects and implementing innovative and secure solutions. The team's transparency, industry expertise, and commitment to the community are important factors that reinforce the trust of users and investors.

Conversely, if the team has a poor or bad reputation, either due to a lack of transparency or past problems, this may raise doubts about the safety and stability of the project. Assessing the reputation of the team is essential to reduce the risk of getting involved in unreliable or poorly managed projects.

Risk level
Risk
Risk assessment
1 (Less risk)

Well-known team and outstanding reputation

2

Well-known and reputable equipment

3

Well-known team involved in a minor scandal

4

Team partially known or known but involved in a major scandal

5 (More risk)

Anonymous

Does the organization have significant partnerships?

Significant partnerships of an organization managing a blockchain, protocol or token are an indicator of its strength and credibility. Collaborating with other companies, financial institutions, security auditors or industry leaders can strengthen the project and increase the confidence of users and investors. These partnerships can bring additional expertise, resources and support, which contributes to the growth and stability of the project.

On the other hand, a lack of relevant partnerships or collaboration with disreputable entities can create uncertainty about the viability and security of the project. Assessing an organization's strategic partnerships helps to understand the level of external support that supports the development and success of the project.

Risk level
Risk
Risk assessment
1 (Less risk)

Alliances with companies of outstanding reputation

2

Alliances with reputable companies

3

Some alliances

5 (More risk)

No alliances

How long ago was the organization launched?

The time that has passed since the launch of an organization is an important factor in assessing its experience and strength in the market. An organization that has been in operation for years has had more time to demonstrate its capacity for development, adaptation and risk management. The longer it has been operational, the more likely it has overcome significant challenges and gained the trust of its community.

On the other hand, newer organizations may offer innovation, but they also carry greater uncertainty. Lacking an extensive track record, it is more difficult to assess how they will manage future problems or whether they will be able to sustain success over the long term.

Risk level
Risk
Risk assessment
1 (Less risk)

more than 3 years ago

2

2 - 3 years ago

3

1 - 2 years ago

4

Between 6 and 12 months

5 (More risk)

Less than 6 months ago

Is the organization active on social media?

An organization's social media activity is a good indicator of its engagement with the community and its level of transparency. Social media allows organizations to communicate directly with users, share updates, respond to questions and address concerns quickly and effectively. An active presence also suggests that the team is available and interested in keeping its community informed.

On the other hand, an organization that is not present or is not very active in social networks may generate doubts about its transparency and ability to engage with users. Lack of communication can be interpreted as a lack of interest in building relationships with the community or the project in general.

Risk level
Risk
Risk assessment
1 (Less risk)

Publish daily or almost daily

2

Publish once a week

4

Last published 1 - 3 months ago

5 (More risk)

Last published more than 3 months ago

Does the organization have a large number of followers on RRSS?

The number of social media followers is a key indicator in the context of blockchains, tokens and protocols, as it reflects the level of interest and engagement of the community. A large number of followers can demonstrate that the project has succeeded in generating enthusiasm and support, which is crucial to ensure wider adoption. In the world of blockchains and tokens, where trust in the community is critical, a high number of active followers can be a sign that the project is well supported and has potential for growth.

In addition, in decentralized or governance projects, having a large community can directly influence the success of the protocol. An active community can participate in voting, provide liquidity or promote token adoption. Therefore, the number of followers and their engagement are valuable indicators to assess the sustainability and relevance of a project in the crypto ecosystem.

Risk level
Risk
Risk assessment
1 (Less risk)

500,000 or more

2

100.000 - 500.000

3

10.000 - 100.000

4

1.000 - 10.000

5 (More risk)

Less than 1,000

Blockchain risk

Principle of the methodology

Blockchain risk is concentrated in:

  1. Intrinsic risks
    1. Use, liquidity and reliability
    2. Block generation and validation mechanism security
  2. Risks related to the promoting organization(s)

Weighting

Intrinsic risks: 2

Organizational Risks: 1

Evaluation criteria

What is the TVL of the Blockchain?

The TVL (Total Value Locked) of a blockchain represents the total value of assets locked within its various protocols and decentralized applications. A high TVL indicates that there is a large amount of trusted value in the blockchain, which is generally a sign of adoption, trust and stability. Blockchains with a high TVL tend to attract more developers and users, which strengthens their ecosystem.

Conversely, a blockchain with a low TVL may reflect lower adoption or trust in the network, making it more vulnerable to market fluctuations or attacks. TVL is a good indicator to assess the strength and interest a blockchain has compared to others in the crypto ecosystem.

Risk level
Risk
Risk assessment
1 (Less risk)

10% or more of total aggregate LTV

2

5% - 10% of total aggregate LTV

3

3% - 5% of total aggregate LTV

4

1% - 3% of total aggregate LTV

5 (More risk)

Less than 1% of total aggregate LTV

How many validators provide blockchain security?

The number of validators providing security to a blockchain is crucial to assess its level of decentralization and resistance to attacks. The more validators there are, the more difficult it is for a malicious actor to take control of the network, which increases the overall security of the blockchain. A high number of validators also suggests greater user participation and trust in the network.

Conversely, if the number of validators is low, the blockchain becomes more vulnerable to attacks, such as the 51% attack, where a single group can take control of the majority of the network. A limited number of validators can also mean that the network is more centralized, which reduces transparency and trust in the security of the blockchain.

Risk level
Risk
Risk assessment
1 (Less risk)

10,000 validators or more

2

Between 1,000 and 10,000 validators

3

Between 500 and 1,000 validators

4

Between 100 and 500 validators

5 (More risk)

Less than 100 validators

How many validators control 51% of the tokens or more?

The number of validators that control 51% or more of a blockchain's tokens is a key factor in assessing its security and decentralization. If only a few validators have control of the majority of tokens, this means that the network is vulnerable to a 51% attack, where those validators could manipulate the blockchain, perform fraudulent transactions or rewrite parts of the blockchain's history.

On the other hand, if tokens are distributed among a large number of validators, the network is more secure and tamper-resistant, as it would be much more difficult for a single group to control the majority of tokens. Greater decentralization in the control of tokens strengthens security and trust in the blockchain.

Risk level
Risk
Risk assessment
1 (Less risk)

More than 50 validators

2

20 - 50 validators

3

10 - 20 validators

4

5 - 10 validators

5 (More risk)

Less than 5 validators

Are there Cooldown and Warm-up periods for validators?

Cooldown and Warm-up periods for validators are important mechanisms that affect the security and stability of the blockchain. The Cooldown is the period in which a validator, after withdrawing their participation, must wait before they can withdraw their rewards or funds. This period helps protect the network from validators who try to rush in and out to profit without taking long-term risks.

Warm-up, on the other hand, is the time a new validator must wait before starting to validate transactions. This period guarantees that only committed and trusted validators can participate in the security of the network. Both mechanisms ensure that the network is not vulnerable to sudden attacks or manipulations by untrusted validators.

Risk level
Risk
Risk assessment
1 (Less risk)

Both

3

No warm-ups but with cooldown

4

With warm-ups but without cooldown

5 (More risk)

No warm-ups or cooldowns

If blockchain is a rollup, what is the risk of rollup?

Rollups are scalable solutions that allow transactions to be processed outside the main chain more quickly and economically. However, they present some specific risks. One of the main risks is the technical complexity in their implementation. Rollups use mechanisms such as validity testing or fraud testing to ensure the security of off-chain transactions. If these mechanisms are not well implemented, they could compromise the security of the platform.

Another risk is centralization. Some rollups rely on a limited number of validators or sequencers to process transactions. This can generate risks of excessive control by a few players, which can affect the decentralization and security of the system.

For this criterion, we based our scoring on the risk analysis performed by the security research firm specializing in rollups L2 Beat.

Risk level
Risk
Risk assessment
1 (Less risk)

9 or 10 ( L2Beat analysis) or it's not a rollup

5 (More risk)

1 or 2 ( L2Beat analysis)

Has blockchain already stopped?

When a blockchain stops, it can be a worrying sign about its stability and reliability. Outages in a blockchain can occur due to technical failures, attacks, or consensus issues, and can negatively affect the confidence of users and developers. A halt can lead to the freezing of transactions, temporary loss of funds, or even manipulation of data.

If a blockchain has experienced outages in the past, it is important to investigate how those incidents were handled. A quick response and implementation of improvements after an outage can mitigate the impact on trust. However, if outages are frequent or not addressed effectively, the blockchain may be viewed as unstable and unsecure.

Risk level
Risk
Risk assessment
1 (Less risk)

It did not stop in the last year

3

Yes, once in the last year

5 (More risk)

Yes, more than once in the last year.

Platform Risk

Principle of the methodology

Platform risk is concentrated in:

  1. Intrinsic risks
    1. Its use, liquidity and adoption
    2. Your design and the design of your token
    3. Hacking prevention actions (audits, bug bounties, etc.)
    4. Governance
  2. Risks related to the promoting organization(s)

Weighting

Intrinsic risks: 2

Organizational Risks: 1

Evaluation criteria

How much Total Value Locked (TVL) does the platform have?

Total Value Locked (TVL) measures the total amount of money or assets locked in a DeFi protocol. It is an indicator of users' popularity and trust in the platform, as a high TVL usually means that many people trust their funds to it, which can be a sign of stability and security.

LTV gives an idea of the size of the platform and its adoption in the market. A low LTV may indicate that the platform is new or less trusted, but it may also represent opportunities, such as fewer competitors for returns.

Risk level
Risk
Risk assessment
1 (Less risk)

Top 1%

2

3% higher

3

5% higher

4

20% higher

5 (More risk)

lower 80%

Have you suffered any controversy?

If a platform has suffered from any controversy, this can affect user confidence and the platform's reputation. Controversies may include security issues, mismanagement of funds or conflicts in the community, which could make users hesitant to entrust their assets to the protocol.

The dispute history gives an idea of the transparency and robustness of the project. A platform with serious or frequent disputes may indicate underlying problems, while one without disputes or with resolved issues may generate more trust among users.

Risk level
Risk
Risk assessment
1 (Less risk)

No controversy

3

Minor controversy

4

Controversy something important

5 (More risk)

Major controversy

Does your utility depend on the price of your token?

When the utility of a platform depends on the price of its token, this means that the value of the token directly influences how users interact with the platform. If the token loses value, the incentives to use the platform could decrease, which can negatively affect its adoption and usage.

On the other hand, a platform that does not depend on the price of its token has greater stability in terms of its functionality. This means that regardless of token volatility, users can continue to use its services without worrying about price fluctuations.

Risk level
Risk
Risk assessment
1 (Less risk)

It does not depend on the price of the token

3

Depends somewhat on the price of the token

4

Much depends on the price of the token

5 (More risk)

The protocol has no utility other than its token.

Has the current version been audited?

Knowing whether the current version of a platform has been audited is crucial to assessing its security. An audit implies that security experts have reviewed the code to detect possible vulnerabilities or bugs. If a platform has been audited, it increases the confidence of users, as it has been proven that it works securely and follows good development practices.

If it has not been audited, the risks increase, as there could be undetected failures that compromise users' funds or the stability of the platform. Audits are a key tool to protect users and strengthen the platform's reputation.

Risk level
Risk
Risk assessment
1 (Less risk)

Yes, by more than one top-tier security firm.

2

Yes, by more than one security firm

3

Yes, only by a top-tier security firm.

4

Yes, only for a security firm

5 (More risk)

No audit

Is there a Bug Bounty?

A Bug Bounty is a program that rewards those who find and report vulnerabilities in the platform. The existence of a Bug Bounty demonstrates the platform's commitment to security, as it encourages external experts to identify problems before they can be exploited.

If a platform offers high rewards for critical bugs, it is more likely to attract more researchers to review its code, which reduces the risk of attacks or serious bugs. Conversely, the absence of a Bug Bounty could indicate that the platform is not prioritizing proactive vulnerability detection.

Risk level
Risk
Risk assessment
1 (Less risk)

Yes, the reward for a critical problem is €1 M or more

2

Yes, the reward for a critical problem is between 500 K€ and 1 M€.

3

Yes, the reward for a critical problem is between 100 K€ and 500 K€.

4

Yes, the reward for a critical problem is 100 K€ or less

5 (More risk)

No Bug Bounty

Has it been hacked?

If a platform has been hacked, it is a warning sign that could affect user confidence. A hack can mean the loss of funds, data or the interruption of services, which severely impacts the platform's reputation and security. In addition, it could be a sign that the team is not taking the necessary security measures, indicating deficiencies in its ability to protect users. However, it is also important to assess how the platform responded to the hack, whether security improvements were implemented and whether users were compensated.

A platform that has never been hacked offers a greater sense of security, although it does not guarantee that it is risk-free. What is crucial is to look at how security is managed and what preventive measures have been taken to protect users.

Risk level
Risk
Risk assessment
1 (Less risk)

The platform has never been hacked

3

Yes, once

4

Yes, 1 - 3 times

5 (More risk)

Yes, more than 3 times

How long ago was the last version released?

The time that has passed since the release of the latest version of a platform can also be a sign of robustness. If a version has been around for a long time without needing major updates, it is likely that it has already withstood several attack attempts by malicious actors. This may indicate that the platform is more secure, as any serious vulnerabilities would likely have been discovered and exploited.

Conversely, newer versions may be less tested against attacks, increasing the risk that undiscovered vulnerabilities still exist. A platform with older, stable versions builds confidence, as it has proven to be resilient over time.

Risk level
Risk
Risk assessment
1 (Less risk)

More than a year ago

3

6 to 12 months ago

4

3 to 6 months ago

5 (More risk)

Less than 3 months ago

Has the latest version been hacked?

If the latest version of a platform has been hacked, it is a sign that there may be serious vulnerabilities that the developers have not addressed effectively. A recent hack indicates that malicious actors have found and exploited flaws in the system, which can lead to distrust in the security of the platform.

On the other hand, if the latest version has not been hacked, especially after being in operation for a significant time, this reinforces confidence in its security. The longer a version withstands attacks without being compromised, the more likely it is to be stable and secure.

Risk level
Risk
Risk assessment
1 (Less risk)

The latest version of the platform was never hacked.

4

Yes, and the problem was solved

5 (More risk)

The latest version of the platform was hacked.

Is the documentation up to date?

Up-to-date documentation is essential for users and developers to understand how a platform works and how to interact with it securely and efficiently. Documentation that is kept up to date reflects that the team is committed to transparency and accessibility, which facilitates troubleshooting and correct use of the platform.

If the documentation is not up to date, it can cause confusion, make it difficult to implement new functionalities or lead users to make mistakes when interacting with the platform. In addition, it may be an indication that the team is not paying the necessary attention to the maintenance and continuous improvement of the platform.

Risk level
Risk
Risk assessment
1 (Less risk)

Documentation in a good state of updating

3

Partially updated documentation

5 (More risk)

Documentation not updated

Does the platform depend on Oracles?

Oracles are services that provide external data to the blockchain, such as asset prices, market information or real-world events. If a platform relies on oracles, its performance is tied to the accuracy and security of that external data. Oracles are essential for platforms that need data outside the blockchain to reliably execute smart contracts.

However, this reliance also introduces risks. If an oracle provides incorrect information or is compromised by malicious actors, the platform could make wrong decisions or suffer financial losses. Therefore, it is important that a platform that relies on oracles uses several reliable and secure oracles.

Risk level
Risk
Risk assessment
1 (Less risk)

The platform does not need oracles

3

Yes, multiple sources

4

Yes, a single source, from a reputable source

5 (More risk)

Yes, a single source, unknown or proprietary

Are your smart contracts upgradeable?

If a platform's smart contracts are upgradeable, it means that they can be modified after they have been implemented on the blockchain. This can be an advantage, as it allows bugs to be fixed, new functions to be added or to adapt to changes in market conditions without the need to create a new contract from scratch.

However, this flexibility also carries certain risks. Upgradeable contracts can be exploited if upgrades are not managed properly or if control of upgrades is centralized in the hands of a few. A platform that enables upgrades must have transparent processes, such as DAO voting or multiple signatures, to ensure that changes are safe and in the best interest of the community.

Risk level
Risk
Risk assessment
1 (Less risk)

Totally immutable

2

Immutable but some parameters can be upgraded

3

DAO Voting

4

Wallet multi-sig

5 (More risk)

Unique or unknown address

Are your smart contracts pausable?

Pauseable smart contracts allow platform administrators to temporarily halt platform operation in the event of an emergency, such as a security vulnerability or unexpected behavior. This can be very useful to prevent further damage while the problem is investigated and fixed, thus protecting users' funds and the integrity of the system.

However, the ability to pause a contract also introduces an element of centralized control, which could be seen as a risk by some users. It is important that platforms using pausable contracts have transparent processes and clear security measures on who can pause contracts and under what conditions.

Risk level
Risk
Risk assessment
1 (Less risk)

Yes, for a DAO

3

Yes, by a multi-sig whose members are well identified.

4

Yes, by a multi-sig whose members are not identified.

5 (More risk)

No or unknown

Do your smart contracts benefit from timelocks?

Timelocks in smart contracts add an additional layer of security by introducing a time delay before changes or updates to the contract can be executed. This allows users and the community to audit and review proposed changes before they go into effect, reducing the risk of malicious changes or sudden errors.

The use of timelocks benefits users by providing more transparency and control, as it allows time to react in case an update or action appears suspicious. If a platform uses timelocks in its smart contracts, it demonstrates a commitment to security and the protection of users' funds.

Risk level
Risk
Risk assessment
1 (Less risk)

Smart contracts have timelocks

5 (More risk)

No or unknown

How is the code quality of your smart contracts?

The quality of smart contract code is essential to ensure the security and proper functioning of a platform. Well-written, clean and thoroughly tested code reduces the risk of bugs or vulnerabilities that can be exploited by malicious actors. In addition, the presence of unit tests and independent audits indicates that the development team is committed to quality and security.

Poorly structured code, without testing or with unused functions, can be an indication of development problems and a sign of potential future risks. Transparency in code review and following good development practices are key to ensuring that smart contracts work securely and efficiently.

Risk level
Risk
Risk assessment
1 (Less risk)

Outstanding code, thorough testing and clean code

3

Correct code, some unit tests, some unused code

5 (More risk)

Poor code, no unit tests, unused code

Token Risk

Principle of the methodology

Token risk is concentrated in:

  1. Intrinsic risks
    1. Its use, liquidity and adoption
    2. Its design and purpose
  2. Risks related to the promoting organization(s)

Weighting

Intrinsic risks: 2

Organizational Risks: 1

Evaluation criteria

What is the market capitalization of the token?

The market capitalization of a token is the total value of all tokens in circulation, calculated by multiplying the current price of the token by the total amount issued. This indicator is key to understanding the size and relevance of a token in the market. A token with a high market capitalization is usually more stable, as it implies that there is more liquidity and less volatility in its price.

On the other hand, a token with a low market capitalization may be more volatile and susceptible to manipulation, posing a greater risk to investors and users who participate in liquidity pools or use the token in other functions within the platform.

Risk level
Risk
Risk assessment
1 (Less risk)

More than $10 billion

2

$1 billion - $10 billion

3

$500 million - $1 billion

4

$250 million - $500 million

5 (More risk)

Less than $250 million

Does the token have intrinsic value?

The intrinsic value of a token refers to whether the token has an actual use or backing beyond speculation on its price. A token with intrinsic value is usually linked to a utility within the platform, such as payment of commissions, governance, participation in liquidity pools, or some underlying asset. This gives it greater stability, since its value does not depend solely on speculative demand, but on its functionality within the ecosystem.

On the other hand, if a token has no intrinsic value, its price is mainly driven by market speculation. This makes it more vulnerable to volatility, as investors can quickly lose interest if the price drops, creating greater risk for those using it or storing it in liquidity pools.

Risk level
Risk
Risk assessment
1 (Less risk)

Strong intrinsic value (native blockchain token or 100% collateralized token).

3

Something of intrinsic value (platform token or potentially undercollateralized token)

5 (More risk)

No intrinsic value whatsoever

Is the token subject to a lot of inflation?

Inflation of a token refers to the amount of new tokens that are issued over time. If a token is undergoing a lot of inflation, it means that new tokens are constantly being created, which can dilute the value of existing tokens. This is a risk for investors, as an increase in supply without a commensurate growth in demand can lead to a drop in the price of the token.

A token with high inflation can lose value quickly if there is insufficient incentive to keep its price stable. On the other hand, if inflation is controlled or low, the value of the token is more likely to remain stable, which generates greater confidence among users and investors.

Risk level
Risk
Risk assessment
1 (Less risk)

No inflation

3

Yes, with burning or blocking mechanisms to control the circulating supply.

5 (More risk)

Yes, without burning mechanisms

Is the token reflective?

A token is reflective when its price directly influences its use within the platform, creating a cycle that reinforces both price and adoption. If the price of the token goes up, more users and investors are attracted, which drives demand and causes the price to continue to rise. Conversely, if the price goes down, users may lose interest, leading to lower demand and, in turn, an even greater drop in price.

This type of behavior can be beneficial when the value of the token is rising, but it is also risky because it can generate high volatility. Reflective tokens rely heavily on speculation and are more vulnerable to sudden changes in the market.

Risk level
Risk
Risk assessment
1 (Less risk)

Non-reflective

3

Somewhat reflective

5 (More risk)

Very thoughtful

If the asset is a stablecoin, is it frequently unlinked?

A stablecoin is designed to maintain a stable value, usually linked to an underlying asset such as the US dollar. When a stablecoin decouples from its reference value, it means that its price fluctuates outside of its intended range, which can create uncertainty among users. If a stablecoin frequently delinks, this indicates that it is not adequately meeting its stability objective, which represents a significant risk for those who use it to hedge against market volatility.

A stablecoin that becomes unlinked may be suffering from backing or market confidence issues. In these cases, users may lose confidence in the currency and seek more stable alternatives, which could negatively affect projects that rely on that stablecoin.

Risk level
Risk
Risk assessment
1 (Less risk)

It did not vary 25 basis points from its anchor in the last year or it is not a stablecoin.

2

Varied 25 basis points or less from its anchor in the last year

3

Varied between 25 and 50 basis points from its anchor over the last year

4

Varied between 50 and 100 basis points from its anchor over the last year

5 (More risk)

Varied more than 100 basis points from its anchor over the last year

Product Risk

Principle of the methodology

Product risk is concentrated in:

  1. Intrinsic risks
    1. Its design and financial rationale
  2. External risks
    1. The platform on which
    2. The tokens with which it operates
    3. Underlying products used, if any
    4. The blockchain on which your smart contracts are located

Weighting

We attribute as product risk the highest risk of any of the elements to which it is related.

Evaluation criteria

Does the product have market risk?

A DeFi product has market risk when the price of one or more of the tokens on which it is based can fluctuate freely in public markets.

A decrease in the price of any of the tokens in the pool could negatively affect the value of your position.

Risk level
Risk
Risk assessment
1 (Less risk)

The product has no market risk

2

The product is exposed to the market risk of a token.

3

The product is exposed to market risk from two tokens

4

The product is exposed to market risk from three tokens

5 (More risk)

The product is exposed to a risk of four trokens or more.

Does the product have Impermanent Loss risk?

Impermanent Loss risk refers to the risk that, by the mechanisms of some products, specifically Automated Market Makers, an investment in the product will be worth less than an equivalent investment in the tokens on which the product is based.

We explain it in more depth in the following articles:

Risk level
Risk
Risk assessment
1 (Less risk)

The product has no risk of Impermanent Loss.

3

The product has a risk of Impermanent Loss

Does the product have a slashing risk?

The risk of slashing applies to products with a staking component (the fact of locking tokens as collateral by validators, the entities that verify and record transactions on blockchains _Proof Of Stake_).

Slashing_ _is a penalty applied to validators who act in a malicious or negligent manner, such as signing contradictory blocks or not participating in validation.

This mechanism reduces or confiscates the tokens they have in staking, incentivizing correct behavior and protecting the integrity of the network.

As an investor in a product with derivative risk, you could lose part of your position.

Risk level
Risk
Risk assessment
1 (Less risk)

The product has no risk of slashing

3

The product has a risk of slashing because it has a staking component.

4

The product has a risk of slashing because it has a restaking component.

5 (More risk)

The product has a slashing risk because it has a leveraged restaking component.

Does the product use leverage?

Products that use leverage to generate returns are exposed to liquidation risk.

A liquidation occurs when the value of a leveraged position falls below the value tolerated by the lenders granting the leverage.

In this case, the position is automatically sold and all or part of the recovered capital is granted to the lenders.

As an investor in a product with leverage risk, you could lose all or part of your position.

Risk level
Risk
Risk assessment
1 (Less risk)

The product has no leverage risk.

2

The product uses leverage of up to 1x the invested capital.

4

The product uses leverage of up to 3x the invested capital.

5 (More risk)

The product uses leverage of more than 3x invested capital.

Does the product use derivatives (options, structured products, etc)?

Products using derivatives such as options or structured products may be exposed to the risk of unrecoverable capital losses depending on market variations.

As an investor in a product with derivative risk, you could lose all or part of your position.

Risk level
Risk
Risk assessment
1 (Less risk)

The product has no risk of derivatives

2

Up to 25% of the product's capital is exposed to derivative risk.

3

Between 25% and 50% of the product's capital is exposed to derivative risk.

4

Between 50% and 75% of the product's capital is exposed to derivative risk.

5 (More risk)

More than 75% of the product's capital is exposed to derivative risk.

Is the product exposed to insurance risk?

Products exposed to insurance risk could lose all or part of their capital if they have to make one or more payments to cover incidents related to the assets they insure.

As an investor in a product with insurance risk, you could lose all or part of your position.

Risk level
Risk
Risk assessment
1 (Less risk)

The product has no insurance risk

2

Up to 25% of the product's capital is exposed to insurance risk

3

Between 25% and 50% of the product's capital is exposed to insurance risk.

4

Between 50% and 75% of the product's capital is exposed to insurance risk.

5 (More risk)

More than 75% of the product's capital is exposed to insurance risk.

Stay informed about new products, promotions, and more with our newsletter! Sign up for our newsletter.
Address
C/ Almagro, 15
28010 Madrid
Call us at
+34 919 618 540
Write to us at
info@alldefi.io
Registration: D669
Alldefi is a product of CherryNodes S.L. Spanish company CIF: B04945580 and is registered with the Bank of Spain as a provider of services of exchange of virtual currency for fiat currency and custody of electronic wallets.
Investing in cryptoassets is not regulated, may not be suitable for retail investors and the entire amount invested may be lost. It is important to read and understand the risks of this investment which are explained in detail at this location.