Happy Tuesday and welcome to Not Boring Founders, the last Not Boring Founders episode of 2022. We had to go Thrice As Nice with an interview of all three co-founders of Exponential Mehdi Lebbar, Driss Benamour, and Greg Jizmagian. Exponential is a Not Boring Capital portfolio company that lets investors discover, assess, and invest in DeFi projects across chains. We focus this conversation on the assessed piece, how exponential assesses the risk of liquidity pools, and assigns a risk grade by looking at things like how long the project has been around, the risk of a death spiral as we saw it with Terra Luna, code quality, dependencies, and a whole lot more. In under a year, exponential has created the most sophisticated risk scoring in DeFi.
You can even grade the riskiness of the Assets in your wallet right now by going to exponential.5 that's exponential.fi just plug in your wallet they'll assign a grade to everything that you already have in your wallet. They've apparently saved people's asses many times by showing them that they have some great F stuff in there. Risk is Exponential's wedge into becoming the most trusted platform for investing in DeFi. That seemed like a pretty smart strategy and wedge when I invested last year, but given the events of 2022, it seems downright genius right now. Risk is the place to focus so we dive deep into all things DeFi and risk in this conversation. It's a must listen for anybody interested in investing in DeFi and I hope you enjoy it now let's get to it.
Driss Mehdi Greg welcome to Not Boring Founders hello excited this is our our first our first three on one so this is gonna be if this is not three times as good as a normal episode we've done we've done something horribly wrong but we were talking before this you sent me a draft of a blog post on November 2nd what was that eight days before FDX saying how exponential is solving DeFi's biggest problem risk and so obviously the huge caveat FTX is not DeFi but risk is obviously this huge theme in the crypto space what was the inspiration for that post and we'll use that as a way to dive into the inspiration for the company there is 40 billion of funds that were lost over the past year because risk was not properly assessed and today at exponential RFI we've identified about 3 billion invested in high-risk contracts so like just starting there the numbers speak for themselves the reason we decided to focus on this is we want to make DeFi accessible and simplify Define DeFi investing but if investors cannot make the right decisions from a place of confidence with the right data then there is no point in building an investment platform so we're like let's start by solving the most important problem table Stakes giving users the ability to understand what they're getting into understand risk understand that the investment opportunities before before before essentially we build the ability to simplify trading and with that said maybe growing and many you want to jump in and talk a little bit more about the risk framework itself high level is when you think about DeFi and the reason why it's so powerful is it allows removing that interMehdiary with the idea being that anybody can read the smart contract can understand what it does and control trust it and that sounds great in theory but in reality almost no one can read a smart contract like you know I have 20 years in software development and I can tell you that the best engineers make mistakes in their code and you have to be able to understand the code you have to be able to understand Finance because some of this stuff is talking about options and puts and like really understand that and then on top of that there's some amount of legal that you also need to really understand and then you have the fact that each smart contract is not independent in and of itself that it relies on other smart contracts and references them and so you get into this space where to really understand the risk of one smart contract you actually have to research 20 smart contracts be under able to understand software Finance law and compounding risk right and so the idea being that like one risk over here is independent of this risk over there is independent of this risk over there and if anybody remembers statistics those risks compound to the point where like you have a real chance of losing all of your money with the idea of being like if we're trying to get to this point where people can actually trust DeFi and compare it to a bank well you gotta really be able to understand risk and and our perspective and this really came for Mehdi is that nobody out there can do this at scale right like it takes days hours weeks to understand one smart contract and then you go there are 10 000 plus smart contracts out there no one has the time to do that and so like even if you want to invest in DeFi the like opportunity cost is so high and so what we've done is we have mapped the network of all of those smart contracts we've identified 60 different risk categories and then we've tried to rate each smart contract across this 60 different categories to establish a baseline of what that risk is I feel like we went from this period of time maybe a year ago where to at least people outside of the industry, centralized stuff C5 was like, you know, maybe not as sexy but like less risky. DeFi was risky to now this kind of meme that DeFi is this totally safe thing where you're totally in control and anything centralized at all is super super risky.
How do you define risk broadly, and then what are some of the big ones among those six seated that people should be looking out for? I can take a crack at that. Look, our mission is to bring rationality to DeFi. We think that DeFi is something that is actually like very powerful but we were glorifying the Degen and the Apes for a little bit too long. And so we think that we actually can and have to as an industry and an ecosystem we have to look at risk because that's what's facing the reward. We had these amazing yields but we need to understand the risk and the issue that risk is really hard just as Greg mentioned you have like these black swans like events that you don't predict and actually in a world that is not regulated that is not like that is based on code as low you have a lot of unpredictable events and that's what makes DeFi risk pretty hard because you actually need a framework that takes and covers all types of risks.
Also so the way that we do it is like we look at the risk of a protocol the risk of an asset the risk of a chain and then we compound all of this into the risk of a pool which is basically an investment opportunity or an opportunity to generate deal and so we we bring all of this together we go actually much deeper into in terms of layers or the protocols we are going to look into the protocol design to understand how the incentives work together because sometimes the incentives are not aligned if they're not aligned where you have issues of people taking advantage of protocols in protocols again we are going to look at to the Lindy effect like how long has the protocol been around saying that a protocol that's really new it probably a riskier than a protocol that has been around battle tested we think that defraud calls are going to become the infrastructure of Internet of money and that's that's something that's really powerful protocols again we are going to look into the code and look at the audits how many hacks has did we have there and so that's just for protocols we are going to do some type of work that is very similar in terms of change the level of decentralization we're going to do a lot of research which ends up being something more than 40 hours of research as Greg mentioned just for one.
At this point at exponential is that your team going in and manually doing the research how much of the risk scoring are you automating away with code at this point and then where does that Trend over time how much can you just automate away and write code to analyze? The experience of having done startups before is you start with doing the unscalable stuff and then you figure out which parts are the hardest and you try and scale those. And so I would say it's hard to put a number to it but maybe like 20 30 percent of it is automated right now and 70 of it is manual with the idea being that you will probably get to that 80 20 where like 80 percent of it's automated and 20 of it will always require some form of manual you know some of this information is on chain some of it's not on chain some of it we're able to pull from other sources some of it were not were like constantly finding ways to automate pulling of more information but truthfully I doubt we'll ever get to a point where it's a hundred percent automated because there's always going to be new stuff there's always going to be some level of human like really understanding the economics of how something works and you know looking at like Audits and actual code quality there's places where you're going to want some level of that expert looking at something and making a call and we try to make it as objective as possible but it's a really hard problem which is why it's so much fun to work on.
One metric amongst hundreds and one thing I wanted to add in terms of making the system scalable is we created what we called a defined graph which maps all the dependencies so if we update a rating on a protocol an asset it will trickle down throughout the entire system which makes it very scalable and we invested in that upfront so that allows us to essentially reduce the amount of manual work significantly.
What we care about is making risk understandable so we grow we summarize thing into a grid going from a to s or school grade simple um and and so the user can understand okay this is an A and it gives me five percent the Elder this is a c and it gives me 15 yield and make those trade-off and then this is not an opaque rate you can go zoom in and say why is it a c and look at all the metrics that triggered that.
Now going back to one of your prior comments there are like hundreds of metrics we'll look at but there are three that are like triggering often triggering a d owner as the first one uh is what we call reflexivity so reflexivity another word for it is that's fire which is a little more scary so that would be a design similar to USD and Luna and there is a lot of it out there today in that three billion at risk that I mentioned before.
I'm gonna pause you there because you put grades on these things anyway what what out there that's still running has some of the biggest Best Buy risk that is also like big and structurally important or whatever like not some little tiny thing but a thing that if it falls apart that's a bad bad thing for everybody I can't take a crack at that one basically that spiral happens whenever you have liabilities that get a little bit higher than passive so what happened there you have a bankrupt you have people starting to say oh if I don't get out now I would be the last one naked.
What we look at is we look at anything in DeFi that has that situation it can be an asset it can be a protocol it can be a pool it can be anything so what we see here for example is like algorithmic stable coins they are trying hard in terms of innovation and creating the incentives and so on in order to create more money than they actually have in terms of assets and collateral and so something like frogs has the same issue as Luna as as UST in terms of having more liabilities than actually assets or more money printed than collateral.
We like DAI for example DAI has 130 percent collateralization give or take a few percentage points that means that for every dollar of die that is printed there is like about a dollar and 30 cents behind that stacking it and so that's how DeFi should be built DeFi is building Finance from the ground up with these Lego blocks and these Lego blocks need to be trusted without the need to trust humans and so in order to have that DeFi actually requires a lot of collateralization but what's interesting is that if that and you think about Finance today Wall Street Finance it's all about credit and counterparty risk and so if the trust based system and that trust based system looks efficient until the day that you have a big crisis so that's the issue it was through today is like every seven years or 15 years we have a big great financial crisis and it again because we increase leverage and so on.
So getting back to the debt spiral we are going to look at for example something that is uncollateralized lending or under collateralized lending like we had with Maple we talked about it about two months ago on our platform we talked about it about a month ago on Twitter space we talked about it actually just last week on an interview with Tom this weekend we're seeing that Naple has an issue and maple is an unequalitalized lending protocol the first one that actually has this dead spiral issue potentially.
You know thinking about that one from all of the different risk perspectives it seems it under collateralized lending would be a really nice thing to be able to have are there things when you're looking at the risk landscape that protocols might do to avoid those issues or is it just the nature of the system that over collateralized is going to just be far preferable even if it's a little bit less efficient look we look at this and we say anything that could happen will happen I think that's pretty safe right now and that's how bear markets work as well and that's how actually Finance over the long term like hundreds of years that's what happens and we don't want to discourage innovation of course and Innovation is trying to increase the level of efficiency and productivity that we have by putting less collateral in front of these Lego blocks that we're using for finance.
The reality that in a trustless environment we go with the idea that you should build things right. We should not bring in what are the issues of Wall Street into DeFi. DeFi is actually a much superior system, it's the future of money, it's the infrastructure of the internet of money. All of that is going to be very significant in the next decade for humanity and it should be built right in a way that is as sustainable as the internet and water. And like you were saying, like it doesn't mean that stuff shouldn't exist, right? Like penny stocks exist, there are poorly rated bonds, but you should be getting the risk-adjusted return as a result of that. And I think what we have seen is a lot of people are investing not really understanding what that risk is and not getting the appropriate return and being aware that they're putting all of their capital at risk. And so where you have people putting capital that they think it's someplace safe and then losing it all, you know tarot being the prime example of that, to this point those are the sorts of things that we want to make sure people avoid. If you want to go invest in penny stocks and play these high-risk facts like that is an investment strategy. There are people who apparently do well at that. I don't know that I would go out and recommend it but like that option should be out there. It doesn't mean it shouldn't exist. You should just be able to do it knowingly.
And that makes a ton of sense. So death spiral risk number one. Greg, what's big risk number two?
Yeah, they're related but it's the, Mehdi touched upon it already, which is the level of collateralization. It's important. And the third one is the quality of the collateral is very important as well. You can have 130% with vaporware, which is a token you printed yourself. So that's very important as well. Those are like super table stakes and trigger kind of things being rated D or F in the framework.
There's an interesting story to jump on what Greg mentioned here on like where this whole thing started. We're running an early research session with a prospective user, right. He was looking at the product getting all excited, right, because he mostly wanted to trade in one click, which is where we're gonna build next, but then he sees a pool and he's like "That's an F?" And he kept saying "That's an F?" And I'm like "Yes, that's an F." And he said it again "That's an F?" And I'm like "Yeah, what's up?" He's like "I have seven figures in that pool and I thought it was an A, in my head." And that, that's what Greg said, that's where it came from because we need users to know. If they want to invest in an F, that's perfectly fine and get like 300% yield, that's their choice. But they need to know about it. What we're trying to avoid and why we focused on risk is that user knowing what they're getting into. That case is so interesting because to have seven figures, so over a million dollars, yeah, in an F, you need to either just be rich and have been fairly sophisticated or inherited a bunch of money or made a bunch of money in DeFi. So fairly sophisticated kind of either way unless you just inherited and are gambling in a way. What did he miss in thinking the gap between an A and an F there?
Very similar to UST and Luna. A lot of people, that was by the way, like nine months ago before all of this happened but people invest because their friend tells them it's safe. They're like "Oh my buddy who knows finance told me that thing is okay, so I'm gonna invest in it." I looked into it. So the team seems reliable and stuff. But as many said, there are a hundred things that can take you down. You may know 98 of them but you missed the two that are going to take you down. And so what we try to do is have a super comprehensive, or as comprehensive as we can, as possible framework that not have these, these risks captured.
Yeah, I think it was just the fact that the pool was labeled as stable. It was a stable pool and it was a stable coins but it was actually four stable coins. And so every one of these coins had an inherent risk. One of these was an algorithmic stable that was endocardialized. And so if you compound all these risks of like four assets into a pool that is based on two protocols and one of the assets is bridged through another chain, it creates a lot of inherent risk. And so we capture that but the user was looking at the investor was looking at this as like this is stable, a stable.
What are some like quality assets out there? Like and I'd love more than just like a list of names, maybe pick one or two and explain what they do so well.
I think it comes down to pools that are battle tested and that have been around for a long time. So for us, something like an automated market-making pool like Uniswap, especially a V2, even the V3 because it's pretty battle tested now over like more than a year and a half, I've been around. It's going to be nice for something that becomes more and more a real protocol, something that's like very close to what we say the infrastructure that is reliable. We were rating Aave and Compound as A because it's passing class in lending. There was an exploit that is like minimal, but it is real, based on the incentives that are around it. By basically looking at that collateral story that Dries mentioned, for example, where the collateral itself is not may not have enough liquidity outside of the pool, for example. And so this is the kind of like things that we are going to be continuing to learn as we go and advance in DeFi. These are the early days of DeFi, and over time what's wonderful, you start to have more and more battle tests as well.
I think that's one of the things that we struggle with in our conversations. We're trying to keep things objective, but at the same time, there's how much weight do you put to any of these given risks? And one of the things that we talked a lot about is we recognized the risk in Aave, but we're like, it's really hard to pull it off. And so like how much risk does that actually equate to in the real world is, is we are having this debate across a research group, and Driss and I get pulled into that as, and in terms of like we recognize this risk of like you can exploit in this way, but you need a lot of capital and like how much do you end up succeeding, and then how much does that put the whole protocol at risk versus just that pool? And given all of that information, how much weight do we put to this risk that we've identified? And so it's one thing to say we, you know, we have 60, 100 risk data points, it's another thing to be like okay given this risk, what is the odds that it takes your investment to zero? Because that's really like the biggest driver of that A to F rating, right? Is the fact that like you thought you had an investment and it's not like hey, it goes up a little, it goes down a little. I think people are mostly used to that experience if they've invested in stocks and particularly in this current market. On the other hand, the rest it goes to zero is just not one that people are cognizant of. They're like maybe aware of it like FDIC insurance. They know some banks close, and they know like financial crisis, banks got bailed out, but like nobody really lives it. And I think very few people are worried about it. But it is something that's very real in this new space and it's something that's real in the old space too. People just are protected and they're far enough removed that they don't stress about it.
When you see an edge case, low probability risk like that, other one, but you've done the work and you've uncovered the thing, do you flag it somehow and you're like, this is an A, but there's just like one thing that could happen? Or do you like keep that to yourself? What's like the ethical thing to do, or maybe it's just a, it's not an ethical thing and it's just a UI thing, but what's the thing to do when you have a piece of information like that with an otherwise great story?
I think we don't stop at the rating. We actually bring as much information as we can to the user. And so when you go on that pool page, for example, you are going to have a lot of information about the protocol. You're going to have a whole section of the dress and we're gonna detail a lot of things. We also have what we call the editorial take where we say what we like, what we don't like, what it means for you. And so what we're trying to do is like take a subject that's really complicated and expert level and bring it to anyone who wants, who is able to read and understand basic things of finance and risk. And that's something that's hard because it means that we need to summarize a few things, but we are also doing it in a way that is like we started with the basic rating, it's an A, it's a B, or a C. And then we explain on big terms like the protocol, the asset, the pool, and then we go more to the details. And so the pool page, for example, on [exponential.fi](http://exponential.fi/) is going to have a very simple things at the top summarized, and you're gonna keep going to the rabbit hole as you go there.
It's interesting. I would imagine and we'll get to the, the future and then where this is going, but once you have the ability to kind of match trading with the scores and understanding somebody's wallet, I wonder if also sometimes it's like, hey, I just invested ten dollars in this thing and I have a million dollars sitting in my wallet. Like whatever, just give me the, the grade. But if someone wants to put like half their wallet into something, they have to read the fine print. Your choice and you're not playing the parent here, but I do wonder if there's something where you just like throw up a couple extra flags if someone's about to ape into something that you that you know that there is an issue with potentially. Switching gears a little bit again, yeah, I guess we've talked about this question of trust a bunch. Why should we trust you? I think probably now is a good time to go into your backgrounds and how you got into the wonderful world of DeFi risk and why you're people whose judgment on how we should weight things, what we should look at we should trust.
I think you should not trust anyone. That's the right answer. Hey, that's my answer. Yeah, you stole my camera. Plus one. Should not trust anyone. All we can say is we put our best foot forward to give you the information you need to make a decision. And we made it easy for you to do that. That's all we can say. Now our grade also doesn't mean A doesn't mean it's risk-free. A just means it's less risky than B. That's something that Greg mentioned one day, and that was that resonated. We're not about telling you when things will fail or if they will fail. We'll just tell about telling you that A is less likely to fail than B, and B is less likely to fail than C. That's it. And that's what we're, we're about. With respect to your prior comment around like flagging users, flagging things to users. Today, you can go on [exponential.la](http://exponential.la/), if I enter any wallet, we have this feature called rate my wallet, and it tells you what's ABCD in your wallet. People find it super useful. Um, and then they can go dig in and understand what's going on in their current investments before moving forward.
Yeah, I've done this. It's fun. I was actually safer than I expected that I was going to be because I just have done stuff sometimes. The small amounts of money. So that was, it was comforting to plug my wallet in and see that. All right. So we, we aren't going to trust you, but what are your backgrounds, and how'd you come into DeFi risk?
I would say to give the slightly serious answer to that is we have a breadth across this. And so we have experience in finance, we have experience in code, we have experience in law, we've experienced doing things at scale, we've experienced trust with large amounts of consumer data. So like, I have experience in payments. I've also got experience at Amazon with Alexa. Double checking my device is muted before I said that. Um, and experience in terms of protecting tons of PII of people's information and device information. And so we've got the experience across a wide variety of potential risks. And I'll let Dries and Mehdi get more into theirs. And it's that cross-section of experience that I think makes us as perfectly situated as one can be to at least have healthy debates about this. It doesn't mean we're going to get it 100% right.
My like standard line on all of this stuff is I don't trust myself. The dress will be like, "Do you trust this?" But I don't like, I don't trust myself. So like I can't trust the vendor. Yeah, but I've been trying to put it into a perfect situation where like I would still use the vendor, but it's like how do you recognize when things are failing and prevent the consequences to the user if things fail? And so we design all of our systems around that, and we kind of think that way.
Yeah, so the reason we're three founders is what Greg mentioned. You pulled this off, meaning bridging web 2 and web 3, which is what we're doing. You need a breadth of skill sets ranging from engineering and law, which is Greg's background of various startups. Myself, um, looking after everything fintech and payments at Uber at scale, from the from the from like building a system from the ground up and and being able to move and secure billions of dollars in like 60 plus countries and so on and so forth. So that experience like I'm bringing in here to what can we do to apply that fintech web to experience to web 3. Um, and then Mehdi can speak more about his background, but is our resident DeFi crypto expert here among other things.
Yeah, he wanted to say divide DJ, I guess. Um, my background is is is in finance. I have more than a decade of experience between school and like work assessing risk in places that are like Frontier markets. Basically investing, for example, in sub-Saharan Africa in infrastructure with the World Bank taught me to look back at the fundamentals of finance and the fundamentals of risk to be able to assess risk of these investments. And so I very naturally got back to those like muscles when I had to think about crypto and DeFi because these are like places where you can't expect regulation to to help you. You can't expect precedent to help you and the historical prices or volatility doesn't mean anything because there is none of that. And that's I think the background that like attracted me to finance and to DeFi and crypto when it emerged.
And I I would say I would just add to that that one of the strength that we have as a team is the complementarity of skills and personalities. It's not just skills, it's also like we work very well together. We fight a lot, but I think that's actually super very much needed in order to get to truth. And truth is really hard to get to. And I think that's why we end up with a subject that is as hard as risk in DeFi.
Yeah, I could tell other than just knowing it beforehand that you're the finance guy when you said that risk is what faces reward. It's something that I really like a lot, but facing is very, very financi term. Where does this now go from here? Because like the obvious one, we've hinted at it a couple of times, is that I see this thing and I'm like, all right, cool. Instead of going from seeing the score to somewhere else, this is where I do my, my trading. So what will the platform look like when I can do anything that I identify in exponential?
Yeah, that that makes sense. Before I answer that, just a quick correction on on Maddie's comment. It's no longer a djen. It's d-gen responsibly, which is also what we call our podcast, by the way, on on Twitter space. So so our resident Degen responsibly would be Mehdi.
Very, very meta. Move fast with stable infrastructure of you. That's right. So in terms of what the product looks like, step one, have all the information you need to to make the right and investment decision. So you're interested, for example, in basic holding it and Bitcoin. Instead of letting it sit, you want to actually generate yield on ETH and Bitcoin. You can find the right pool for you and the right investment opportunity, understand its risk, understand the yield you'd be getting and so on and so forth. So start with there. Then once you've made an investment decision, then it is as simple as a one-click trade. That's that's what we're we're shooting. Like there is no Metamask complexity, bridge chain. All of that is abstracted. The idea is you can come in, make the right decision for you, send the 10,000 USDC, which will be invested in in the pool of your choice, and you'll be able to trade, buy and sell, switch between pools and so on and so forth super seamlessly eventually. And so the first part allows you to make the right decision. The second part is once you've made the right decision, then it should be easy for you to trade and not send money through a vortex and anxiously wait that it arrives on the other side of the bridge with and so on and so forth, which we've all done.
I would say the third thing is actually in terms of custody. We're taking care of the custody with the state-of-the-art process, operations, technology. That's obvious. But most importantly, we want to go with the philosophy of crypto itself, which is like not your keys, not your money. So we want you to be able to almost like become someone who custodies your own tokens and LP tokens and so on. And so we are working very hard in order to make that possible where you would be responsible once you did the trade on exponential and we simplified all of that, you're also able to go with withdrawing your, your LP token.
That seems like a pretty challenging thing. And I remember this even from the first conversation, like making all of that happen in the background is really, really complex. Like, for example, if you make it really easy to do something on Polygon and in Solana and wherever else, not only does that mean there's a bunch going on in the background, but if you want someone to self-custody, they're going to have a bunch of different wallets, and they're going to have to switch networks. Like, how do you get the right level of simplicity and complexity when you're having like a web 2 front-end experience with the self-custody backend?
Yeah, so um, eventually what Mehdi was talking about is longer term the self-custody and easy isn't there yet. It'll take a few years to get there. Yeah, so so initially, um, we are building the system in a way where everything is backed one to one. Um, it is a custodial investment platform in order to achieve the simplicity that we want in order to unlock DeFi for everyone. If you decide you're ready to make the move to self-custody, you can then do that, then transfer into your, your own wallet. What I suspect will happen is either ourselves or someone in the ecosystem well-solved soft custody and easy eventually, and and that's when that migration can happen, but it'll take a bit of time.
And what do you think is is most promising there in terms of like just different avenues? Is it MPC? Is it what are the ways that you can have self-custody and easy that now someone just needs to go out and build it?
It's hard. It's very hard. Yes. It's hard because if you start with the principle that it needs to be trustless, it becomes anything that you are going to make, it will mean less secure and a vector of attack. For example, you have like wallets that are going to tie to a smart contract that is going to actually be able to tie the wallet to your sim card or like phone number, then that becomes a vector of your attack. And with Sim swaps or all types of ways to identify you, or you have to have a centralized party that is going to check your identity, all these things are actually going in the opposite direction of like self-custody. And so it is something that is still hard. That's when we saw that this was going to be a problem that is going to take many years. And so with a user-centered approach, we ended up having to do something that is like almost a blasphemy in web 3, which is like, oh, we have to build like the Coinbase of DeFi, in a sense, where something that is a web 2 interface that is allowing you to really do the job that you want to do with the idea that once people are able to taste DeFi and see how this is useful to them, start to think about how to self-custody.
And one very important point is you can design a custodial platform with the principles of decentralized finance, which is what we're doing. Prioritizing security above all, everything is backed one to one. So no messing with customers' funds, no liabilities would be the top two. And so in doing that, building the platform the right way with the right principles is something we deeply care about.
And how do you achieve number two? Or you said no one should trust you at all. Is this like daily audits? Is this proof of liquidity? Is it proof of reserves? Like, what are you doing to achieve particularly number two, proving that you're one to one?
I think that's a, a, there's a lot of things there. So there's not like a magic bullet, right? And I think one is really being transparent, open about what we're doing, all the things that we're doing, trying to secure. And part of that is, frankly, if I'm gonna build a smart contract, then you have something that's open source, that lives forever, and has the opportunity to be hacked. Essentially, you have code that's giving someone infinite chances and infinite time to hack. And given that constraint, if my options are to build that or build a closed system and then try and be transparent about the closed system, I can build a much safer closed system faster, give users that user experience, and then figure out the right way to showcase that. And so there's things that we can do in terms of showing like, okay, when you transfer your funds in, your funds actually stay in a custodial wallet, but it's your custodial wallet. You can go look it up and see that the funds are actually there versus a Coinbase where like it goes in like you sent it there, and you just have to trust their UX that it's there, right? And so there's things that we can do along those lines. And I think the other key piece, and this part Coinbase does well, is that like there is that offer where like, if you want to take it out, you can take it out. I think the biggest flag for us on some of these, and part of where like Mehdi called BlockFi very early, is if you make it hard for people to take it out, that suggests that something fishy is going on, right? And anybody who's limiting withdrawals or has thresholds for withdrawals, like there are some legitimate use cases around that in like real estate, where like, I can't liquidate real estate imMehdiately, right? And so like, you can understand why if you'd invested up on there, like there are withdrawal limits. But like DeFi shouldn't have that. And if somebody's trying to sell you DeFi and then has withdrawal limits, like that's a big red flag. And I think it's the same way. So like trying to do all of those things to showcase that, but there's not going to be any one thing. And on the other hand, I think we're really deep in this area where like, the vast majority of people aren't, right? And so there's also a balance of like, we want to provide as much information so the people who want to go deep can really understand that and hold ourselves to the same standard that we're holding every, you know, protocols and assets and all of these things. On the other hand, you don't want to confuse users with a bunch of detail that they may not understand. And so like, we're trying to figure out how do we strike that right balance. And I don't think there's a perfect answer. If you have the answer, tell us, and then we'll just build that.
No, I mean, I, I would love to even dive in more on this. This is so fascinating, particularly right now, right? Like, um, the one hand, the general public is thinking about risk in crypto in a way that never in a million years would have thought about risking crypto without something like FTX. On the other hand, they're just knee-jerk not trusting centralized institutions in crypto. How do you think about getting that messaging right to people that it's like, there are all these things. And if you want to dig in, we're going to be very transparent about it. I know you're saying right now that you want to dig in because of this, but like, nobody actually wants to dig in. How do you understand where, like, people's just rage and sentiment is versus what they actually want to do and triangulate that?
Show, don't say. So that's the approach we're taking. We could be building a trading platform now. We spent a better part of a year building a risk platform because that's the right thing to do. Users need that. And show them the data that they need. So all you can do is take the right steps and prove that you're taking the right steps, be very transparent about it. Um, and I think offering the right information for users to make the right decisions is, is the first step towards building that trust.
Yeah, I think it makes a lot of sense, and you are obviously on that vector before, before it was the cool thing to do. But I do think it makes a ton of sense. The last question here, then, is, you know, assuming everything goes right in the next couple of years, the next five years, the next 10 years, like, what does this look like? And then what does the world look like if exponential is as successful as humanly possible?
All right, I'll take a first crack at this one. So decentralized finance is an incredible ecosystem. Anyone can earn yields that was previously reserved for banks and interMehdiary areas. The problem is something that Greg mentioned. The system cannot achieve its aim without trust. So without building trust, which is why we built again the risk platform, which is why Dries was mentioning. So 10 years from now, if everything goes great, one, the majority of people's assets are working for themselves rather than interMehdiaries. Two, information is available and organized for users to make the right investment decision for them. Three, all assets, not only metaverse assets, are available and tokenized in DeFi, including stocks, real estate, and these assets are working for themselves, generating yields without interMehdiaries. And then four, we are to access Gateway. So the ability to access those to make those assets generate the old in DeFi, bridging web 2 and web 3. That's what the world looks like 10 years from now if you're successful.
I love it. Yeah, point three, I feel like the whole bear market is hold forward pulling real-world assets on chain. Actually, like I've been talking to people more and people have been working on stuff, but it really feels like there's this new focus of like, oh, we need to do something that actually like connects to something a little bit bigger and drives real value. So your vision sounds like it could be, you know, parts of it a five-year vision, and then hopefully to your point, Dries, earning our own money and not getting 0.01% on a bank account at Bank of America within the decade. Really glad that you guys are building what you're building because it's really nice to have something like exponential out there that I can just double-check beforehand. So thank you for building it and hope that vision comes true. Any closing thoughts before we wrap up here? Where can people find you?
Yeah, so first thing is be safe out there. Our platform is here to help you make the right decision before investing in DeFi. But we're building Exponential for anyone to easily first discover, assess, and invest in DeFi through our custodial investment platform. You can follow us on Twitter at exponential DeFi, and you can find us on [exponential.fi](http://exponential.fi/) as well.
Awesome. Thanks so much for coming on, Greg, Dries, Mehdi. Congrats on the Morocco win. We're recording this right afterward, so huge, and here's to many more wins for the exponential team. Have a good one.
Thank you. Thank you. Bye.
