DeFi Weekly Premium

https://defiweekly.substack.com/p/defi-weekly-premium

Firstly, I’d like to say thank you so much to everyone reading DeFi Weekly till date. I started writing this almost 2 years ago now as a growth hack for my first DeFi startup (8x Protocol). Even though the startup didn’t work out, this newsletter funnily enough did!

Over the past 6 months, the response and growth of DeFi Weekly has been super encouraging to see. I’ve had VCs tell me that the content here seems like conversations they’re having internally or regular users appreciating how my writing can simplify a complex technical concept in a super easy to understand way. The best bit is I genuinely love doing this as it:

a) Educates a wider audience about nuance that only insiders understand

b) Allows me to bring attention to certain projects, topics and issues

c) Helps me learn about concepts from some of the best experts in the field

I’m super excited to continue creating high quality content, although I’ve also got other time commitments that increasingly make keeping DeFi Weekly completely free hard to justify. Therefore, starting from this week, DeFi Weekly will make the switch to being a freemium newsletter with a standard $10/month subscription.

So what does Premium give you?

  1. The full edition of my weekly articles will only be available to Premium members. A small portion of each article will still be accessible to free readers.

  2. On the radar posts featuring upcoming projects that I’m excited about – think of this as DeFi deal flow (for the VCs out there reading this)

  3. Access to the DeFi Weekly Telegram. The audience of this newsletter is highly sophisticated. Connect with them and myself.

I’ll still be posting my protocol deep dives and special editions to my entire audience since those are core drivers of growth.

PS: I’m an entrepreneur at heart and will probably increase the price, so you should get in while you can at $10/month 😉

Thank you for being such an amazing audience and continually supporting me.


Movers & Shakers: Camila Russo

https://defiweekly.substack.com/p/movers-and-shakers-camila-russo

Hey everyone, I’m starting a new content series where I publish transcribed interviews with some of DeFi’s top and upcoming names. This will be in addition to all the usual content I publish. Today’s interview is with Camila Russo from The Defiant.



KK:

What were you doing in your pre-crypto life and what excited you about Ethereum in particular?

CR:

Sure. So in my pre-crypto life, I was a Bloomberg reporter covering markets for around eight years. I started as an intern in New York then I went to cover Argentine markets with Bloomberg. 2013 was the first time I wrote about Bitcoin in Argentina. I was seeing how people there were using it to protect against inflation and that got me super interested in cryptocurrencies, but I didn’t get another chance to write about them until I was back in New York in 2017 and started kind of covering the crypto bubble and ICO boom. In early 2019, I left Bloomberg to finish a book I was writing on Ethereum – The Infinite Machine. When I filed the first draft of my book, I started The Defiant.

KK:

What made you start The Defiant? What’s the founding story around it?

CR:

So, I guess, like going back a little bit, the reason I dove into Ethereum in the first place was because at the end of 2017 I decided I wanted to write a book on crypto. I had always wanted to write a book and I knew it had to be nonfiction. I had always looked up to Mike Lewis and nonfiction writers who were able to turn everyday or super complicated topics into entertaining writing. I knew I wanted to write that type of book and was waiting for the right story to come up. And so in 2017 I was like, okay, there’s a story here somewhere. Like what just happened? It’s crazy. It’s fascinating.

CR:

To me Ethereum was like a big story that hadn’t really been told well in much detail, like the founding story of Ethereum and the history of the early days. To me I saw Bitcoin wanting to be peer-to-peer money while Ethereum wanted to be peer-to-peer everything. And that was super interesting. ICOs showed us the first glimpse of the potential. Of course there were scams and everything, but it just showed that, okay, this can actually work as a super flexible platform for people to just like build whatever they want.

CR:

Ethereum was actually arguably succeeding at what it set out to do. That’s why I thought, okay, like this is an important story to follow. I started writing the book and then researching the book. I saw the decentralized finance space emerge. And to me it was just amazing. Like it was the middle of a bear market and still there was all this activity going on in crypto and it felt like crazy that nobody was paying attention to it. Like here it was like the cypherpunk dream. Um, you know, like there’s actual like financial obligations that are working that are transacting real money and you know, it’s, it’s actually here, you know, a way to transact money across borders in an open way, available to anyone and it’s working, it’s happening. And like nobody was paying attention and like few people were covering it. Even crypto media outlets were asleep at the wheel. So I was like, okay, this is a huge opportunity to become kind of the information platform and I’ll start with just like a newsletter saying what’s going on in this space every day.

KK:

Arguably that bet’s paid off! I consider your newsletters to be one of the premier ones in the space.

CR:

Oh, thank you. Thank you for that. Yeah, definitely paid off!

KK:

Yeah, no, for sure. I guess after writing hundreds of editions what are some trends and observations you’ve seen from interviews or pieces you’ve written so far?

CR:

It’s hard to find that trend with like so much going on, but, um, I think just like, eh, recently it feels like the pace of innovation is accelerating from an already kind of fast base. It just feels like it’s really gaining momentum and we’re seeing kind of these combinations: five platforms create another five use-cases. I mean, that’s kind of an expected result though. Composability and money Legos. With the recent bZx exploits, it feels like, okay. So there’s not just like a lot of experimentation in, in building, but there’s like also a lot of experimentation in attacks and exploits.

CR:

I think that’s something new that we hadn’t seen in kind of this so far. It was like these two flash loans and then, I saw like this tweet about like a potential like exploit to Maker using flash loans and then Ameen posted something that he’s going to create a DAO to enable these types of attacks. Somebody says, why don’t we, um, redirect interest? And then there’s like five different ways of doing that.

KK:

Completely. It’s a very crazy industry. But like, I think with especially the recent bZx exploit, there’s a function of the community within it raising concerns. Whether it’s bugs, practices around keys, development procedures or how decentralized is something in the control points protocol owners have. What do you see is your role in a self-regulating DeFi because there is an opportunity. There’s never going to be any like hardcore regulation due to the nature of the technology.

CR:

Yeah, I think myself and you know, other communicators in this space, like you and many others, I think we actually have an important role in the industry to kind of help people navigate this crazy space. We need to explain how this stuff works. I wouldn’t want to overstate my own role, but I’m talking about kind of media as a whole have an important role in helping users stay safe.

KK:

I think it’s a role which no one’s really ever seen before because I would imagine things like CoinDesk or the larger publications, they have their own competing interests and they don’t get the technical details right they don’t have either engineering competence or they have to outsource their technical due diligence and the person they’re outsourcing through has their own agenda. In the DeFi space, we’re at a time where we’ve got tech, we’ve got money and there’s no regulation to bank on. It’s just people in the world trying to keep things together.

CR:

Yeah. It’s pretty crazy. I think it’s because it’s such a young space, but you get kind of those issues where, journalists aren’t necessarily technical and it takes time to really understand how this stuff works. It takes time to build kind of the right sources that you can call up and ask when you don’t understand something. You know, all of the things you maybe already had figured out in traditional crypto, you have to kind of re-learn for DeFi. So yeah, and same with regulation, like nobody knows. The space is still in like this gray area because it is so, so young. I think these things will improve with time as the space matures.

KK:

Yeah, right now we’re kind of at that stage where if someone sees something, it’s kind of like you have to speak up about it and hope that the change happens. I always think if there is a better way to improve or regulate the space in a self regulating way, it’s like the ultimate, test of can you have self-regulating financial markets?

CR:

Yeah. Maybe, I don’t know. Maybe potentially there can be some like organization or like nonprofit who takes on that role and who has like maybe they can have contributors, rating projects or like filling in what the risks are or investigating. It has to be a trustworthy institution that doesn’t depend on any like single, government, which the space can kind of depend on for that type of information. I don’t think there’s anything like that yet.

KK:

It’s something worth thinking about. So where do you see The Defiant, as a brand, moving in the future?

CR:

I have big plans for The Defiant. I want to build it out into more than a newsletter and have it become an actual media company that’s hopefully the place people go to for news about decentralized finance. Eventually beyond decentralized finance and into the decentralized economy! I believe DeFi is going to shape the future of finance. I think it’ll take a broader share from the fintech market share. It will become an increasingly important industry. But I think as a whole, the broader economy will start to become more decentralized. I think that’s a trend we’ll see more, from DAOs to the economy becoming more decentralized. I want The Defiant to, to cover all of that. I do want to help in self regulating, but as a kind of a consequence of it being the place people go to for real quality information.

KK:

Amazing. What is, say, a futuristic headline, which you imagine from the decentralised economy?

CR:

I’m sure we’ll see like some like really crazy stuff down the line. Like we’re, we’re kind of already seeing it now and it’s just like really early on.

KK:

Yeah. Like a 2,408 ETH for a day’s worth of work isn’t too bad. Right. It’s crazy. That’s life changing money for some people. So. Yeah, it’s definitely insane. But, I guess before we kind of wrap up, is there anything else that you’d like to add or share with the readers over here?

CR:

Something I had been thinking about recently was how DeFi is already better than most FinTech apps. I think we don’t tend to think about that. Of course, like many things, have to be improved a lot – like security as we saw with the recent exploits. But, I mean, I like the user experience. The way people can interact with these apps is already easier and more seamless than what you can do with traditional finance. I think that’s remarkable for a space that’s so young and dealing with such like cutting edge technology.

KK:

That’s really good. So what’s an example of this that you’ve kind of seen so far?

CR:

I mean, just like the idea of opening a savings account on DeFi. It just takes like two clicks, you know what I mean? Once, once you have ETH you can exchange it for any token and that’s it. I think that’s really cool and it allows you to, to implement these like sophisticated trading strategies, become a market maker and more. Again, it’s like one click, you know, it’s amazing. It’s like, it’s so cool and, and I just love the whole thing not having to login, not having to give my credit card information, not having to do anything cumbersome.

CR:

Nobody has my data. It’s also just the fact that it’s accessible to everyone. I mean, I’m, I come from, from South America, and, people in Argentina don’t usually have access to this stuff. They don’t even have access to like Acorns or stuff people use in the US to make savings easier. They don’t even know what those things or those apps are. DeFi though, I can tell any of my friends try. The biggest hurdle is still getting from Fiat to crypto. That’s one thing in my opinion that needs to be solved for adoption to be faster.

KK:

That’s a really nice take on the real impact this all has. Also, I just remembered that I wanted to ask you one really difficult question. Are you ready? Is ETH money?

CR:

Oh, yeah. What a difficult question. It totally is.

KK:

That’s all we needed to know. Thanks so much for your time.

CR:

Awesome. No, thank you. It’s been fun.

DeFi Audit #1: Synthetix

https://defiweekly.substack.com/p/defi-audit-1-synthetix

Hello DeFi’ers, today’s edition is a more technical analysis that I hope you enjoy! It takes a non-trivial amount of time to write these so your support is highly appreciated 🙂



I ran a poll on what people wanted the first DeFi Audit to cover, and by a large margin people wanted to see what was going on with Synthetix.

Before I get into the nitty gritty details, it’s probably worth taking the time to understand how Synthetix works underneath the hood and what really makes it function.


Basics

Synthetix allows you to generate any asset (currency, gold, stocks etc) by using their native token SNX as collateral. A large benefit of this is that you don’t need to go through the process of bringing those assets on-chain, but rather you can deal with a synthetic representation of them. MakerDAO is also a synthetic asset protocol where ETH is the underlying collateral and DAI is the synthetic US dollar produced.

Should the value of the SNX used to generate a synthetic asset drop, the minter must add more SNX to take back their SNX. This is similar to the way MakerDAO works except with Maker you lose 10% of your ETH collateral.

Here’s a small example of how all of the above pieces fit together:

  1. I’m a user with 750 SNX tokens (priced at $1.00)

  2. I deposit my 750 SNX tokens to generate $10 synthetic-US dollars (750% collateralisation ratio required)

  3. Should the value of SNX drop to $0.90 and I want my SNX back, I’ll need to deposit $0.90 of sUSD to close this position out.

So far so good? Great. Now the next question is why would anyone purchase and hold SNX tokens to begin with – what’s in it for them? I’ll explain below.

  • Inflation based staking rewards. By minting SNX assets, you effectively become a staker of the protocol. Because of this, you’re eligible to earn more SNX tokens that come out of the inflation of the protocol.

  • Exchange trading fees. Every time someone transfers an SNX-based asset they have to pay a fee. The aggregate of these fees can be claimed by stakers in the protocol.

  • Uniswap LP rewards. This is part of the first point but is important to note: anyone who mints sETH with SNX and provides liquidity for the sETH and ETH liquidity pool on Uniswap receives additional rewards. This is extremely important as it maintains price parity between sETH and ETH creating a liquid gateway between all of Synthetix’s “synths” (synthetic assets).

One of the final pieces to understanding how the Synthetix puzzle works is understanding the cost of minting an asset. In MakerDAO you have the notion of a stability fee which is set by MKR holders on an irregular basis. Synthetix has their own spin where you’re actually in competition with other traders.

  1. John uses 7500 SNX to mint 100 sUSD.

  2. Jill also uses 7500 SNX to mint 100 sUSD

  3. The network now has 200 sUSD worth of debt, where John and Jill account for 50% of the debt each

  4. John decides to be a degen trader and purchase 100 sLINK (worth $1 each) with his sUSD (on which he’ll pay trading fees)

  5. Now the price of sLINK actually increases to be worth $4 each so John’s 100 sLINK represents $400 worth of value and Jill’s position is still worth $100 (sUSD)

  6. The network’s total debt is now worth $500 in total. Since John and Jill are responsible for 50% of the debt each, John owes $250 to the network and Jill also owes $250 to the network

  7. The difference between John and Jill is that John made $300 from the price appreciation so he’s up a pure $150 ($100 + $300 – $250) while Jill is down $250.

Synthetix’s term “staking” can be quite misleading in this way since it’s actually just incentivising people to open a trade position while taking on the risk of debt accumulating. There are no free lunches.

Note: you can trade synths without holding SNX or ‘staking’.

Let’s jump in and do a run down of Synthetix against various criteria.


Ownership Structure and Admin Keys

Synthetix has one of the most complex DeFi architectures I’ve come across till date with a very heavy use of proxies throughout. Proxies are a way for someone to point to one address, but execute the code from another contract. Think of it as a placeholder that executes code on behalf of something else.

Below is the high level architectural overview of Synthetix’s smart contracts and ownership structure:

There’s quite a lot going on here but don’t worry, I’ll be breaking it down as usual.

Starting off, every interaction with the Synthetix ecosystem goes through the Proxy.sol contract, which has the address: 0xC011A72400E58ecD99Ee497CF89E3775d4bd732F. The two key properties of this contract are the targetAddress and the owner. Owner is self explanatory, however the target references the smart contract which all calls are essentially forwarded to. In this case the target is Synthetix.sol, which you can think of as the core of the system (and the token tracker). Owner has the ability to switch the entire implementation of Synthetix’s contracts at will, which lets them do literally whatever they want. This isn’t anything new but I didn’t think that the entire system’s implementation could be changed at will. Some architectures use proxies only in certain places, which gives users guarantees about what can and can’t be changed.

Synthetix.sol (0x8454190C164e52664Af2c9C24ab58c4e14D6bbE4) is the brain that orchestrates all interactions within the system itself. It has a few responsibilities:

  • Keeping track of all synth token balances

  • Listing all the valid synth addresses inside the system

  • A resolver to fetch the address of any contract in the ecosystem

This contract has the same owner as Proxy.sol as well. However it has a peculiar variable called selfDestructBeneficiary currently set to 0xde910777c787903f78c89e7a0bf7f4c435cbb1fe. There is a 28 day time delay before this beneficiary can receive all assets, however it strikes me as a particularly odd thing to include. Furthermore, 0xde9 is just an ordinary Ethereum address with no multi-sig. It’s basically someone’s ledger.

I guess the bigger point here is who the owner is and how it works. The address for the owner is 0xeb3107117fead7de89cd14d463d340a2e6917769 and is another Proxy contract. I couldn’t view the implementation on Etherscan directly (due to the proxy) so I wrote some code to get the results directly.

The results are as follows:

    ➜ node snx.js
    Owners: [
      "0xa331986ec34E103D567937B293FF8103330FEAda",
      "0x9dDD076E9073732eB024195eb944E7eC7149bAF6",
      "0xD7e5c7eC37cDe3f42597A5018E9320070c288b82",
      "0x285669F472db908531Ed868B92FC0A39EF60D739",
      "0xDe910777C787903F78C89e7a0bf7F4C435cBB1Fe",
      "0x49BE88F0fcC3A8393a59d3688480d7D253C37D2A",
      "0xb0A23F40De7F776A4f20153e8995eD3E7D7c8487"
    ]
    Threshold: 4

The good news here is that 4 addresses are required to make changes to the main contract.

The bad news here is that there’s no time lock so if everyone signs off they can make the change instantly.
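The owner check above can be reproduced offline. The following is an added example, not the script used for this article: it decodes raw eth_call return data for the owner list and threshold, then flags the missing time lock and checks whether the selfDestructBeneficiary address is also one of the signers. It assumes the owner contract exposes Gnosis Safe-style getOwners() and getThreshold() getters, which the article does not state; the return data is constructed from the addresses printed above, and reviewAdminKeys and its parameters are hypothetical names.

```javascript
// Added example: decode raw eth_call return data for a multisig's owner list
// and threshold, then review the admin-key setup described in the article.
// Assumption: Gnosis Safe-style getOwners() / getThreshold() getters.

const WORD = 64; // one 32-byte ABI word, in hex characters
const strip0x = (hex) => (hex.startsWith("0x") ? hex.slice(2) : hex);
const wordAt = (hex, i) => hex.slice(i * WORD, (i + 1) * WORD);
const pad = (hex) => strip0x(hex).toLowerCase().padStart(WORD, "0");

// ABI-decode a single uint256 return value.
function decodeUint(data) {
  const hex = strip0x(data);
  if (hex.length !== WORD) throw new Error("expected exactly one 32-byte word");
  return BigInt("0x" + hex);
}

// ABI-decode an address[] return value: [offset][length][addr 0][addr 1]...
function decodeAddressArray(data) {
  const hex = strip0x(data);
  if (hex.length < 2 * WORD || hex.length % WORD !== 0) throw new Error("truncated return data");
  const total = BigInt(hex.length / WORD);
  const offset = BigInt("0x" + wordAt(hex, 0));
  if (offset < 32n || offset % 32n !== 0n || offset / 32n >= total) throw new Error("bad array offset");
  const start = Number(offset / 32n);
  const length = BigInt("0x" + wordAt(hex, start));
  if (length > total - BigInt(start) - 1n) throw new Error("array length exceeds return data");
  const out = [];
  for (let i = 0; i < Number(length); i++) {
    const word = wordAt(hex, start + 1 + i);
    // An address occupies the low 20 bytes; the upper 12 must be zero.
    if (!word.startsWith("0".repeat(24))) throw new Error("non-zero padding in address word");
    out.push("0x" + word.slice(24).toLowerCase());
  }
  return out;
}

// Flag the admin-key risks discussed in the article.
// timelockSeconds: delay enforced on owner actions (0 = none).
// soloKeys: { role: address } for privileged addresses held as a single key.
function reviewAdminKeys({ ownersData, thresholdData, timelockSeconds, soloKeys }) {
  const owners = decodeAddressArray(ownersData);
  const threshold = Number(decodeUint(thresholdData));
  const findings = [];
  if (threshold < 1 || threshold > owners.length) {
    findings.push("threshold is zero or exceeds the signer count");
  }
  if (new Set(owners).size !== owners.length) findings.push("duplicate signer in owner list");
  if (timelockSeconds === 0) {
    findings.push(`no timelock: ${threshold} of ${owners.length} signers can change the target instantly`);
  }
  for (const [role, addr] of Object.entries(soloKeys)) {
    if (owners.includes(addr.toLowerCase())) findings.push(`${role} is a single key that is also a signer`);
  }
  return { owners, threshold, findings };
}

// Constructed sample input: the seven owner addresses and the threshold printed
// in the article, re-encoded the way an eth_call response would carry them.
const OWNERS = [
  "0xa331986ec34E103D567937B293FF8103330FEAda",
  "0x9dDD076E9073732eB024195eb944E7eC7149bAF6",
  "0xD7e5c7eC37cDe3f42597A5018E9320070c288b82",
  "0x285669F472db908531Ed868B92FC0A39EF60D739",
  "0xDe910777C787903F78C89e7a0bf7F4C435cBB1Fe",
  "0x49BE88F0fcC3A8393a59d3688480d7D253C37D2A",
  "0xb0A23F40De7F776A4f20153e8995eD3E7D7c8487",
];
const SAMPLE = {
  ownersData: "0x" + pad("20") + pad(OWNERS.length.toString(16)) + OWNERS.map(pad).join(""),
  thresholdData: "0x" + pad("4"),
  timelockSeconds: 0, // the article found no time lock on the owner
  soloKeys: { selfDestructBeneficiary: "0xde910777c787903f78c89e7a0bf7f4c435cbb1fe" },
};

const report = reviewAdminKeys(SAMPLE);
console.log(`${report.threshold} of ${report.owners.length} signers`);
report.findings.forEach((finding) => console.log("- " + finding));
```

Against a live node, ownersData and thresholdData would be the hex strings returned by eth_call to the owner address; the decoding and checks stay the same.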


Code Quality

Architecture

While I do appreciate small touches like having an on-chain address registry, I strongly dislike the complexity and upgrade controls proxies introduce into a smart contract system. Synthetix’s entire architecture heavily relies on proxies. From an integration point of view, it means that the Synthetix system you interact with one block might actually look completely different the next block (if they push an upgrade). Other protocols might have upgrade controls implemented but you know which specific parts of the system can be upgraded since the contract you’re interacting with will never change, only certain bits of it. This is what you get when you make your code highly modular and admins can replace different modules within their system instead of replacing the entire system. Using a proxy architecture lets you defer that decision altogether and just ship quick with complete control.

Even the tokens have their own proxies that they’re deployed behind. I can understand the desire to make complete upgrades but if you have 1 proxy for every contract you’re probably overusing them in my personal opinion. I’ll cover other architectures in the future where they achieve similar upgrade benefits through more elegant, simple proxy-less structures.

Documentation

One area which I was highly impressed with was Synthetix’s documentation. They’ve got diagrams showing inheritance structures, easy to access contract addresses and plenty more which you don’t usually find from DeFi teams. While writing this guide, their documentation was able to assist me quite a bit in understanding how their system works in general.

Unit Testing

From digging through their code, it looks like they do use tests but one thing which stood out was that their tests are integration tests, not unit tests. The difference being that their tests check to make sure things work, not that they can work/defend against malicious or unintended inputs. Synthetix is more onto it with getting audits for major deployments, although my general feeling is that there’s probably an exploit out there somewhere since audit companies are 80% effective at best. Show me a smart contract exploit and I’ll show you the company who gave an audit.

General Commentary

I’m being a bit opinionated here but I found Synthetix’s developer tooling to be just okay. Their JavaScript library relies on JSON ABI files being updated rather than using TypeScript typings, which provide integration guarantees. Set, dYdX & 0x use TypeScript and to great benefit. Their JavaScript library doesn’t have extensive testing to catch breaking ABI changes throughout their system. It’s not a major deal but it tells me how much a team cares about developer experience and how easy it is to integrate their smart contracts in an external system.


Liquidity Analysis

The two largest Uniswap pools at the moment are ETH/SETH and ETH/SNX. ETH/SETH is the size it is mainly due to the Synthetix inflation rewards that grant users more SNX tokens for providing liquidity on Uniswap.

However this is where I realise that Synthetix’s model isn’t really sustainable in the long run unless they manage to overcome some really hard challenges.

  1. As noted earlier on, Synthetic assets are kind of guaranteed to have the collateral they claim since there’s no liquidations – only debt that needs to be repaid. The system faces potential under-collateralisation issues (although at 750% it’s quite far away). Future SIPs propose to fix this issue although implementation is to be seen.

  2. Holders of Synthetic assets are holding something that isn’t exactly redeemable for stable collateral. Should the price of SNX start dropping rapidly, many positions start becoming undercollateralised and even if you could redeem SNX it would be facing a bank run of sorts.

Due to staking incentives, only 20% of SNX supply is not actively being staked, which raises the question of how organic, healthy liquidity will originate elsewhere if most of it is being sucked up. Remember: you actually need healthy demand for SNX outside of incentive mechanisms for the synthetic assets to have true value.

I hate Coinmarket Cap just as much as anyone else but even their unreliable data gives the following data about Synthetix’s liquidity OUTSIDE of Uniswap.

The point I’m trying to make here isn’t that Synthetix is doomed, but rather that it needs a few things in order for it to truly succeed as a Synthetic asset protocol:

  1. SNX to appreciate in price and gain liquidity outside of Uniswap or other incentivised mechanisms

  2. SNX will only derive value/demand if it can generate trading fees large enough for people to care ($7m has been earned till date which suggests some chance)

  3. Trading fees will only be accrued if people open synthetic positions, trade them and actually use the synthetic asset for its intended use case

  4. People will only treat the synthetic assets as a MoE if they hold value or perceive that it holds some sort of value

  5. Until SNX gains liquidity, people won’t have confidence to hold synths and neither will other ecosystem participants list on other exchanges.

If you haven’t noticed, this is essentially a difficult chicken and egg problem where you need both to truly succeed. Maker avoided this issue by using ETH as the complete collateral base. Synthetix is taking cues by introducing ETH collateral but the tension always lies in the fact that token holders will want more SNX than ETH to ensure SNX can become more money-like.


Oracle Analysis

During the early days of Synthetix, an oracle went down and someone used it to mint 37m SNX. This was a large shake up in people’s confidence however the team aggressively moved to using Chainlink oracles instead.

https://www.theblockcrypto.com/linked/28748/synthetix-suffers-oracle-attack-potentially-looting-37-million-synthetic-ether

While I would like to do an analysis on Chainlink, that’s out of scope for this piece. The team does run some of their own oracles which you can view directly over here: https://developer.synthetix.io/tokens/

It’s essentially just one address that publishes prices to a smart contract and updates it. I’m not sure what the opsec would be on these but we know for sure it’s connected to a hot wallet. In Synthetix’s case having multiple private keys internally that are connected to the internet is a massive danger. I’ve faced this issue working as a developer in places I’ve worked but unfortunately there is no good answer at this point in time. My only recommendation to the team is to slow down and figure out a more robust opsec procedure before adding another 10 centralised oracle price feeds to your network, as Synthetix will eventually become a CEX honey-pot. The team does have an aggressive roadmap they’re trying to achieve; hopefully they know when to slow down and focus on the base, and when to aggressively ship.


Insurance Liquidity

At the moment, neither Nexus Mutual nor Opyn covers Synthetix’s contracts. It’d be good if down the line part of inflation rewards could be used to seed liquidity into providing insurance for Synthetix users in the case of a default. This may give more confidence to users about the viability of holding SNX or synths.


Wrapping Up

This marks the end of my deep dive into Synthetix and my findings from it. Overall, Synthetix is clearly a pioneer in the DeFi space with some highly unique and effective strategies towards ensuring a token can be an integral part of an ecosystem while capturing value.

The main challenge moving forward is whether the system can create synths which people want to hold, use in commerce or other non-speculative uses. Till date the team has made some very impressive pivots (from Havven) to the model they have today. I wouldn’t write off the model although, I would say, the challenges they’ve got ahead aren’t easy to solve!

My favourite part of this review was probably seeing the extensiveness of documentation and guides written for a 3rd party developer to understand how the entire system works and operates. Assuming they solve many other issues, I’m sure many other developers will come to appreciate this in due time.

Once again, hope you enjoyed reading this piece. Please feel free to reply directly to this email or reach out on Twitter about what you thought!