DeFi: hacks made a distant memory with Sentinels

Thu 22 Apr 2021 ▪ 23h28 ▪ 4 min read — by William Proctor

Since DeFi hit the scene, the biggest fear of its users is to wake up to the news that a loophole has been exploited overnight and that some (or all!) of their funds have disappeared. Fortunately for us, a new solution is making waves in the DeFi space…

A single solution for all

This new solution is an application called Sentinels. It helps DeFi (Decentralised Finance) projects detect abnormal behaviour and react automatically. Sentinels is part of the OpenZeppelin Defender service. What’s more, it has already been used for more than a year by the main players in the DeFi ecosystem, from Aave and Compound to Balancer and DyDx.

While OpenZeppelin Defender as a whole is a platform for managing the operations of smart contracts, Sentinels is specifically designed to reduce attacks on DeFi protocols and thereby speed up their adoption.

According to CipherTrace, one of the largest companies fighting ‘crypto crime’, nearly $130 million has been lost from these kinds of attacks in just a year.

A concrete example that shook the cryptosphere was that of Yearn.Finance, which lost $11 million two months ago. The Yearn.Finance hack consisted of just 11 transactions, but they involved exorbitant gas charges. Jonathan Alexander, CTO of OpenZeppelin, says that if Sentinels had already been in place, this hack would never have taken place, as the solution can detect transactions that involve flash loans or high gas charges.

Flash loans are a well-known DeFi product that can be used to manipulate the market. A borrower can take out any amount without collateral, provided the loan is returned within the very same transaction.
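To make the detection described above concrete, here is an added example (not OpenZeppelin's code and not the Sentinels implementation) of a small rule set that flags transactions which use a flash loan or pay an abnormally high gas price, run over a constructed feed of already-decoded transactions. The event name `FlashLoan`, the gas multiplier of 5 and the rolling-median baseline are assumptions chosen for illustration.

```javascript
// Added example, not OpenZeppelin's code: a small rule engine in the spirit of a
// Sentinel that flags transactions using a flash loan or paying an abnormal gas price.
// Transactions are assumed to arrive already decoded (event names, gas price in gwei).

// Constructed sample feed of transactions against one vault contract.
const SAMPLE_TXS = [
  { hash: "0xaaa1", to: "0xVault", gasPriceGwei: 95, events: ["Deposit"] },
  { hash: "0xaaa2", to: "0xVault", gasPriceGwei: 110, events: ["Withdraw"] },
  { hash: "0xaaa3", to: "0xVault", gasPriceGwei: 100, events: ["Deposit"] },
  { hash: "0xaaa4", to: "0xVault", gasPriceGwei: 1500, events: ["FlashLoan", "Withdraw"] },
  { hash: "0xaaa5", to: "0xVault", gasPriceGwei: 105, events: ["Deposit"] },
];

// Assumed: decoded event names that mark a flash loan in the transaction's logs.
const FLASH_LOAN_EVENTS = new Set(["FlashLoan"]);

const DEFAULT_OPTS = {
  gasMultiplier: 5,   // alert when gas price exceeds this multiple of the baseline
  baselineWindow: 20, // number of preceding transactions used for the baseline
  minBaseline: 3,     // do not judge gas price until this many samples exist
};

// Median is used for the baseline so that one earlier spike does not hide the next one.
function median(values) {
  if (values.length === 0) return null;
  const sorted = [...values].sort((a, b) => a - b);
  const mid = Math.floor(sorted.length / 2);
  return sorted.length % 2 === 0 ? (sorted[mid - 1] + sorted[mid]) / 2 : sorted[mid];
}

// Evaluate one transaction against a gas-price baseline (median of the recent window).
// Returns the list of triggered rule names, empty when nothing is suspicious.
function evaluateTransaction(tx, baselineGwei, opts = DEFAULT_OPTS) {
  const reasons = [];
  if (tx.events.some((e) => FLASH_LOAN_EVENTS.has(e))) {
    reasons.push("flash-loan");
  }
  // With too little history the gas rule stays silent rather than guessing.
  if (baselineGwei !== null && tx.gasPriceGwei > opts.gasMultiplier * baselineGwei) {
    reasons.push("high-gas-price");
  }
  return reasons;
}

// Run the rules over a feed in order, deriving the baseline from the transactions
// that preceded each one. Returns one alert per flagged transaction.
function runRules(txs, opts = DEFAULT_OPTS) {
  const alerts = [];
  const history = [];
  for (const tx of txs) {
    const window = history.slice(-opts.baselineWindow);
    const baseline = window.length >= opts.minBaseline ? median(window) : null;
    const reasons = evaluateTransaction(tx, baseline, opts);
    if (reasons.length > 0) {
      alerts.push({ hash: tx.hash, to: tx.to, reasons, baselineGwei: baseline });
    }
    history.push(tx.gasPriceGwei);
  }
  return alerts;
}

// Stand-alone run: only the flash-loan transaction paying 1500 gwei is reported.
console.log(JSON.stringify(runRules(SAMPLE_TXS), null, 2));
```

The gas rule deliberately stays silent until a few transactions have been seen, so a freshly deployed contract does not raise alerts on its first interactions; the flash-loan rule needs no history because the event itself is the signal.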

A miracle combination?

Beyond flash loans, the prices transmitted by oracles can also be the target of attacks. Combining the Sentinels app with the Autotasks app could further help keep an eye on the prices reported by oracles.

How does it work?

Each time an oracle passes an updated price to a blockchain, Sentinels can detect it and activate Autotasks to double check the price by cross-referencing it against other data sources.
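As an added example of the cross-check just described (not OpenZeppelin's code and not an actual Autotask), the following compares an on-chain price update against quotes from independent reference sources. The on-chain update, the reference quotes, the five-minute freshness limit and the 5% tolerance are all constructed assumptions; a real task would fetch the quotes from live data sources.

```javascript
// Added example, not OpenZeppelin's code: the cross-check an Autotask could run when a
// Sentinel reports an on-chain oracle price update. Update and reference quotes are
// constructed; the thresholds are assumptions.

const MAX_REFERENCE_AGE_SEC = 300; // assumed: ignore reference quotes older than 5 minutes
const MAX_DEVIATION = 0.05;        // assumed: tolerate 5% disagreement with the references

function median(values) {
  const sorted = [...values].sort((a, b) => a - b);
  const mid = Math.floor(sorted.length / 2);
  return sorted.length % 2 === 0 ? (sorted[mid - 1] + sorted[mid]) / 2 : sorted[mid];
}

// Compare an on-chain price against independent reference quotes for the same asset.
// Returns a verdict: "ok", "deviation" (the update disagrees with the references) or
// "inconclusive" (too few fresh references to judge), plus the numbers behind it.
function crossCheckPrice(update, references, nowSec, opts = {}) {
  const maxAge = opts.maxAgeSec !== undefined ? opts.maxAgeSec : MAX_REFERENCE_AGE_SEC;
  const maxDeviation = opts.maxDeviation !== undefined ? opts.maxDeviation : MAX_DEVIATION;
  // Stale quotes are excluded rather than averaged in: a reference that stopped
  // updating would otherwise drag the median towards an outdated price.
  const fresh = references.filter(
    (r) => r.asset === update.asset && nowSec - r.timestamp <= maxAge && r.price > 0
  );
  if (fresh.length < 2) {
    return { verdict: "inconclusive", freshReferences: fresh.length, referenceMedian: null, deviation: null };
  }
  const referenceMedian = median(fresh.map((r) => r.price));
  const deviation = Math.abs(update.price - referenceMedian) / referenceMedian;
  return {
    verdict: deviation > maxDeviation ? "deviation" : "ok",
    freshReferences: fresh.length,
    referenceMedian,
    deviation,
  };
}

// Decide what the automation should do with the verdict. Only a confirmed deviation
// justifies pausing; an inconclusive check is escalated to a human instead of acting
// on data the task could not verify.
function actionFor(result) {
  if (result.verdict === "deviation") return "pause-contract";
  if (result.verdict === "inconclusive") return "notify-operators";
  return "none";
}

// Constructed sample data (timestamps in seconds).
const NOW = 1700000000;
const REFERENCES = [
  { source: "exchange-a", asset: "ETH/USD", price: 1002, timestamp: NOW - 30 },
  { source: "exchange-b", asset: "ETH/USD", price: 998, timestamp: NOW - 45 },
  { source: "exchange-c", asset: "ETH/USD", price: 1500, timestamp: NOW - 3600 }, // stale, ignored
  { source: "exchange-d", asset: "BTC/USD", price: 40000, timestamp: NOW - 10 }, // other asset, ignored
];

const NORMAL_UPDATE = { asset: "ETH/USD", price: 1000 };
const SUSPICIOUS_UPDATE = { asset: "ETH/USD", price: 1200 };

console.log(actionFor(crossCheckPrice(NORMAL_UPDATE, REFERENCES, NOW)));     // none
console.log(actionFor(crossCheckPrice(SUSPICIOUS_UPDATE, REFERENCES, NOW))); // pause-contract
```

The check only judges the update when at least two fresh, matching references exist; with fewer it reports the gap rather than pausing a contract on the strength of a single source that could itself be wrong.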

To sum up, Sentinels is just one of a suite of solutions present in Defender, which also includes: Autotasks, Admin, Relay and Advisor.

Today, these tools only work on the Ethereum blockchain. However, Defender for the Binance Smart Chain (BSC), Fantom, Fuse and xDai is in the pipeline.

That’s not all: OpenZeppelin also plans to partner with Blocknative to monitor the mempool – the ‘waiting room’ for transactions that have not yet been included in a block. This would make the system even more effective, since the smart contract associated with a suspicious transaction could be suspended before the transaction is executed, preventing it from going through in the first place.

It is possible that in the near future, all DeFi protocols will use Sentinels. We will all be able to sleep soundly knowing our funds are being lent out (or are farming away) in complete security. Until that day comes, be sure to systematically check the security audits of platforms before entering a protocol, and make sure that you carry out a spring clean of your BSC and Ethereum contracts.

