by jstx1 1794 days ago
Isn't security the biggest concern that's basically impossible to properly address in the current DeFi framework?

You have a lot of money being governed by publicly available code with irreversible transactions. There have been a number of exploits in the past and there's no reason why they would stop. Why do people put their money in a system where everyone is a target and a bug can bring their entire balance to zero with no way to reverse it?

3 comments

I'm wondering if newer projects like Cardano are trying to address reversibility at all. To me this looks like the real roadblock for crypto. No financial institution wants to go broke because of a bug in the code. Granted, this can also happen in traditional finance, albeit with crypto it looks a lot easier to achieve.
I thought a big selling point for crypto was exactly this irreversibility. If we start building in crypto everything a fiat has, on one side we're reinventing the wheel and on the other neutralizing its (theoretical?) advantages.
Is this an evolutionary mechanism that weeds out buggy DeFi contracts? Not saying the process to get to the end with a few trusted contracts/systems is going to be painless.
It weeds out buggy ones but it doesn't guarantee that the ones that remain aren't buggy.
Maybe because it is fully programmable and transparent, executing the same rules for all participants, with no restrictions?
Just because it's transparent doesn't mean there aren't latent exploits, e.g. the DAO. Open source doesn't mean bug free, and having those bugs immutably etched into the blockchain where all your money is tied up is pretty terrifying!
I got that, but the question was why someone would risk that; I am pointing out that there is a strong positive that maybe outweighs the negatives for a number of users.
What about the current DeFi framework makes it impossible to address?

Imo smart contract engineering has much more in common with firmware, hardware, etc. than the mindset a typical React/web2 engineer might have (i.e. try things and iterate). I think that point is not talked about enough.