Since the inception of Bitcoin in 2009, we’ve seen multiple instances of black swan events cause a fair amount of distress within the community. Centralized exchanges, smart contracts, and new web3 concepts have all experienced explosive growth followed by substantial fallbacks throughout its history.

While these events tend to be bad in the short term, they are ultimately necessary for the long-term growth and maturation of the space at large. And while it pains me to say it, this will likely be no different for DeFi.

As stated by Messari’s Founder, Ryan Selkis, in Castle Island’s podcast “On The Brink”:

“You’re going to have a DAO-like implosion in DeFi, and it’s going to be really bad, worse than people think, and it’s going to break everything and it’s going to be like a reset. It’s happened to Bitcoin, it’s happened to Ethereum, it’s happened to the DAO, it’s happened to exchanges and it’s going to happen to DeFi”

In 2019, DeFi – a new paradigm for global, permissionless finance – exploded. With nearly $1B in value locked within the past 18 months, the industry has seen the emergence of dozens of new products all competing for smart contract usage to fuel permissionless money protocols.

Here’s the catch. The more value locked in DeFi, the greater the incentive is to break and steal it.

While this seems like an overly bearish sentiment, historically speaking, it is likely inevitable and ultimately necessary for the space to progress forward.

A Historical Lens

Mt. Gox

One of the most infamous events in the history of crypto was the Mt. Gox hack back in 2014. Originally launching in 2010, the Japan-based Bitcoin exchange quickly grew to prominence as it was handling over 70% of all global BTC exchange volume by the end of 2013. Despite having a complete dominance on BTC volume, the exchange filed for bankruptcy at the end of February of 2014.

Earlier that month, Mt. Gox halted all bitcoin withdrawals, stating that it was merely a pausing of withdrawal requests to get a clear understanding of the “currency process”. A few weeks later, a corporate document was leaked claiming that hackers raided Mt. Gox and stole 744,408 BTC (~6% of total supply) belonging to its customers. In addition, another 100,000 BTC belonging to the company was lost, resulting in the exchange being declared to be insolvent. Anyone who was using Mt. Gox to custody their assets lost access to their holdings, valued at over $460 million at the time.

While the aftermath of the Mt. Gox hack is still in effect (the trial is still on-going and BTC is still missing), it ultimately paved the path for industry standards surrounding secure storage, regulations, and more. With that, new entrants such as Coinbase, Binance, Gemini and others were able to successfully build secure and transparent centralized exchanges.

The DAO 

One of the more interesting projects from the early days of Ethereum was The DAO – a decentralized autonomous organization aimed at creating a permissionless venture capital fund.

Launched in May of 2016, the DAO opened a genesis period where anyone was allowed to buy DAO tokens with Ether. In a short period of time, the DAO became wildly successful, locking up 12.7M Ether (11.7% of the current liquid supply) worth over $250 million at the time.

Unfortunately, despite its explosive success, an attacker was able to find an exploit within the smart contract allowing him to “ask” The DAO to give back the Ether multiple times before it could update the balance. While the hacker was able to easily exploit the smart contract, the funds were placed into an account subject to a 28 day holding period, largely mitigating the immediate effects of the hack. This lead to a rift within the community and the eventual hard fork of what is now Ethereum Classic. In doing so, all hacked funds were returned to its original investors.

While The DAO was an extremely interesting experiment on the potential for smart contracts and decentralized social and capital coordination, it ended up in ruins. Fast forward four years later and we’ve seen the rebirth of DAOs via projects like Moloch and MetaCartel Ventures. It took years of research and iteration for DAOs to remerge and fit the evolving landscape.

Now that there’s an established framework, we’re beginning to see a resurgence in DAOs as originally envisioned by the Ethereum community, but in a much more sustainable fashion.

The ICO Bubble

Most recently, we saw the ICO bubble of 2017. Similar to The DAO, Ethereum introduced the concept of decentralized, permissionless crowdfunding through tokenized offerings. The community poured into the scene, dumping billions into token projects seeking returns unlike anything seen in traditional finance. Generally speaking, investing into prominent ICOs in 2017 typically returned 2x, 5x, 10x, and even 100x in the matter of weeks or months.

For crypto veterans at the time, this was clearly unsustainable – and they were right. After a massive bull run at the end of 2017, token projects who raised capital via an ICO incurred significant downtrends on their tokens over the course of 2018 and 2019. As reported by The Block in August 2019, the average ICO raised $36.2 million while the median raise was $18 million USD. With that, the median return on those same ICOs averaged -87%.

All in all, ICO participants lost billions in collective capital as the explosive growth in ICOs was clearly unsustainable as many tokens lacked any real tangible value. While we have yet to see resurgence in permissionless crowdfunding, the industry is in the midst of iterating on the right formula.

We’ve seen the rise of IEOs where prominent exchanges curated token offerings for their user base. While these offerings have been relatively successful for prominent exchanges, many lower-tier exchanges took advantage of the opportunity and fell short on the curation side, leaving prospective investors with low quality token offerings.

Similarly, the SEC warned investors that IEOs may still be breaking securities laws. It’s no surprise that despite the curation process, unregistered tokenized offerings still violate securities regulations, especially in the US.

With that said, one of the more interesting token models we’ve seen emerge from the ICO bubble are bonding curves.

Bonding Curves

In essence, bonding curves issue new tokens each time capital is sent to a token contract. Similarly, existing tokens are burned (or destroyed) each time they are redeemed for a pro-rata share capital pool. Everytime capital is sent to the bonding curve, the investor receives a slightly lower rate than before.

As an example, if two users purchase tokens via a bonding curve with 1 ETH, the first user will receive the rate of 1 ETH = 100 tokens while the second user receives a rate of 1 ETH = 99.98 tokens. Generally speaking, the rate and steepness of the curve are determined by the token project upon launch.

In practice, bonding curves allow for the price of tokens to increase when new tokens are purchased, and decreased when existing tokens are redeemed. It is important to note that bonding curves do not require the tokens to be traded on an exchange and are solely traded against the contract. Therefore, bonding curves create a sustainable mechanism for tokenizing an ecosystem while bringing tangible value to the token as they simply represent a pro-rata claim to the underlying capital pool.

Mitigating DeFi Risk

Smart Contract Audits

While insurance will mitigate the aftermath of the black swan, a diverse range of smart contract audits will reduce the chances of a hack in the first place. Having a third-party professional team audit and verify the security of the contract on a recurring basis, especially after an upgrade, should be a top priority for DeFi projects across the board. Some of the biggest auditing firms in the space today include ConsenSys, New Alchemy, ChainSafe, QuantStamp, and Audithor.

Smart Contract Insurance

As we can begin to see, there’s an increasing likelihood that DeFi faces some degree of a black swan event where capital locked in a prominent money protocol is compromised. Anytime a new web3 concept takes the community by storm and experiences rapid growth, it reaches an unsustainable rate where the encompassing ecosystem ultimately implodes. The proliferation of DeFi will likely be no different.

Fortunately, the ecosystem has matured a fair amount over the past few years and there are now some opportunities to mitigate the risk – largely through insurance. With the increasing amount of value locked in smart contracts, it would be wise for individual investors and token projects to insure the value locked. By doing so, the effects of the black swan event will be mitigated for the keen investors who insure their capital.

One smart contract insurance project, Nexus Mutual, leverages a bonding curve (hence the brief introduction above) to establish a capital pool for covering smart contracts in the case that they are compromised. Users can purchase insurance covers for a specified period of time by using ETH or DAI. Once the cover is purchased, the assets are added to the capital pool, increasing the price of its native token NXM. As more covers are purchased (and they expire), the capital pool increases and drives an increasing amount of value to the underlying token.


Using history as an indicator, DeFi is likely to experience a black swan event where millions or billions in locked capital is compromised. With complex smart contract code distributed over dozens of different money protocols, mistakes can happen. Moreover, the accelerated growth in DeFi indicates something is likely to break sooner versus later.

However, DeFi can mitigate the inevitable through a diligent and diverse amount of smart contract audits while also purchasing insurance on the value locked by the encompassing money protocols.

Despite my personal, long-term bullish stance on decentralize finance and the implications it may have on global finance, in the wise words of Ryan Selkis:

“Everything interesting has to have its collapse.”