[The Pomp Podcast] Smart contracts are way riskier than you think
By Driss Benamour and Mehdi Lebbar, Co-founders
Published Dec 02, 2022
Video preview


  • Exponential.fi founders discuss the significant risks inherent in the DeFi ecosystem, stressing that a majority of smart contracts are likely to be exploited or compromised, underscoring the need for rigorous risk assessment.
  • The platform aims to bridge the gap between traditional finance and DeFi by providing tools and frameworks for users to assess and navigate the complexities and risks of DeFi investments intelligently.
  • Highlighting the potential of DeFi to democratize finance, the founders share their mission to make high-yield DeFi investing accessible and safe for everyone, advocating for transparency, education, and smart risk management.


Probably 90 percent of contracts are going to be compromised, so 90% of smart contracts are going to be compromised. Today, there is about three billion dollars at risk in high-risk contracts. We're sitting doing one of our research sessions with a prospective user and he was looking at the screen at a super early prototype. He looked perplexed and said, 'That's an F. Why is it an F?' Because it has what we call our reflexivity, which is that spiral, similar to UST and Luna. It started getting word and he's like, 'In my head, that was an A. I have seven figures in that liquidity pool,' and he literally was running away from the office to go exit that position. We had an aha moment, we're like, this is what it's about.
CeFi & DeFi
All right guys, bang bang. I thought a great place to start would just be the difference between CeFi or centralized financial services, and DeFi, decentralized financial services. There's a ton of people talking about this right now, mainly because a lot of centralized services have blown up and it appears that many of the decentralized services have not. How do you all think through the differences and similarities of CeFi and DeFi?
Well, CeFi was written finance as it has been built for the past 100 years. It is based on the fact that people trust each other, and DeFi is actually the opposite. It's about not caring who you are. So in decentralized finance, everything is decentralized meaning that you don't have to trust a counterparty, and so there is no counterparty risk. That's the big big difference and big change with DeFi is that we're taking out the key risk that created all the crises in finance over the past 70 years. Because you don't have to trust anyone, you can have full transparency, you see what is in the code, and you can trust the code because the blockchain is going to do what the code says. Code is law.
When you look at the code, are people actually going and reading, 'Hey, this is exactly what it says and I've identified some vulnerability?' Are people smart enough to do that? I don't think I could go and look at some sort of DeFi product and underwrite the actual code itself. So, am I relying on someone else or their audits? How does that work?
Yeah, so transparency doesn't fix everything for sure. There is a very high level of expertise and technicality. First, you need to be able to read the code, you need to be able to interpret the code and see what kind of design, what kind of protocol design it creates, what are the incentives, and is this sustainable over time. So, for example for us at Exponential, we are going to rely on auditors to look at the technicalities of the smart contract to see if there is a backdoor or if this is something we can trust. Then we look into everything related to protocol design, the economics of the protocol to be able to assess the risk of a smart contract.
How do you guys think about the percentage of problems in DeFi, like backdoors, bad code? Is it like one percent of the time, is it eighty percent of the time? How do you try to identify like how bad is it or how good is it currently?
90% Of Smart Contracts Will Fail
Yeah, we go with the idea that probably 90% of contracts are going to be compromised. It's a little bit like, you remember, before 2017 all the ICOs, probably 99% of those coins didn't make any sense and we think that more or less the same thing is going to happen in terms of smart contracts where, you know, risk is hard so anything can take you down. With our framework at Exponential for example, we are looking at thousands of risk vectors, things that can take you down, and any one of these, like for example a backdoor on a smart contract, can drain the funds.
So we're at the crux of the issues. CeFi comes with a ton of risk and we've seen it recently especially counterparty and credit risk because you're trusting someone. DeFi gives you trustless, which is amazing because it's free, it's open, you know what's going on. Now it's so open that now you need a framework to figure out what's good versus what's bad, and that's what we're building at Exponential. Our framework is the ability to understand. Our framework can be simplified into a grade A to F. So this is an A, this is an F, and here is why.
To answer your question with some numbers, there were about 60 billion dollars lost to vulnerabilities over the past four years. Today, there is about three billion dollars at risk in high-risk contracts that we've identified actually that would be rated basically D or F in our framework.
Yeah, so A to F is like the grading here and what makes something an A versus a B versus a C. I think the extremes, good versus bad, people can wrap their heads around. But when you get into more the granular differences between grading, what is the difference?
Yeah, so our framework is built on facts. The most basic thing is, has the protocol been audited? Who are the auditors? Are they reputable? And then we look at the vertical code quality, the protocol maturity. Of course, if it's younger, it's more risky. Our grade is not opaque, so it's not like, 'Oh it's an A and that's it.' It's like, 'It's an A and here is all the metrics we've looked at.' So, you're able to understand, for someone who wants to understand high level the type of risk, 'I'm getting X percent yield but it's a D versus I'm getting Z percent yield but it's an A.' And make those types of trade-offs.
If you want to understand why it's an F, because, well, its design is exactly like a UST Luna type of what we call that spiral risk. And there is a lot of that today going on which encompasses a lot of the three billion at risk that I mentioned.
Many want to elaborate a bit on the framework as well?
Yeah, I mean, we look at risk from a very financial theory perspective, like really the best way to look at risk. And things that we don't mess with is for example, there is composability in DeFi, like contracts feed on each other. And so before Exponential.fi, you would see scorecards with just ticking boxes and saying, 'Okay, you fare 95 but those five percent can take the whole contract down.' So what we do is like we look into, almost like actuaries, we look at probabilities of these facts or criteria, like the fact that there is not enough decentralization for example. From the team or the team has still a multisig of three to five being able to drain the funds for example. We take that and we assign a probability of risk and then we do something that is actually super important with everything related to risk is that we compound the risk.
So if you have a risk typically on a smart contract on a pool for example that makes a Yearn pool ETH, well you have the risk of the wrapped ETH, you have the risk related to Lido, Lido has its own protocol design and risk. So we are going to look at the Yearn, the Curve, the Lido risks and we are going to compound all of them. And so that gives you a better sense of the probability of having a problem with that smart contract or that pool.
And so we really went back to the fundamentals of finance, the fundamentals of risk theory and we assign all these risks like actuaries. So that it helps you define whether you are in a safe place, in a battle-tested smart contract like A or we are trying something new and there are risks that we have identified that are obvious, that we have seen somewhere else like with frax for example, that has a certain level of like a death spiral risk really a little bit like the UST of Terra Luna.
And so those are the cases where we try to give you like a quick sense of where the problem is.
How are people using the grades, right? So, I go somewhere and I see 'Oh this is a C.' What do I do with that information? It's one thing to have the information but like what am I changing in my behavior? What am I doing differently?
So, a grade cannot tell you when something will fail or if it will fail. It's relative, all it tells you is that it's more risky than a B, and a B is more... So everything is relative and so an A has good design, fundamentally good code, audited etc. But it's not going to be able to predict everything but what it really isn't necessarily risk-free and that isn't guaranteed to fail.
Understanding The Grading System & Finding The Right One For You
That's right, but it is a relative comparison in terms of the risk based on the information that you guys have.
That's right exactly, but what it allows you to do which is very useful, is find the right investment opportunity for you. So with DeFi, it's super open. It's amazing and it removes some of the issues we've seen with CeFi right, uh recently in particular, and uh both you need the right framework to make the right decision for you.
So I'm getting 10% yield, then it's an A, or I'm getting 40% yield, then it's an F. I can make that decision because I'm able to understand sometimes like you may be getting low yield like a 3% yield but it's actually a D.
Um this all came about, it's a funny story actually when we built decided to build this before building the ability to actually invest which is ultimately what we want to do. We are sitting doing one of our research sessions with a prospective user actually a next colleague of mine and he was looking at the screen at super early prototype and he looks at he was like looking perplexed and it's like that's an F and I'm like yeah. He was like why is it an F like because it has what we call our reflexivity which is that spiral similar to to USD and Luna and he started kind of getting word and he's like in my head that was an a. I have seven figures in that liquidity pool and he literally he was running away from the office to go exit that position and we had an aha moment we're like this is what it's about. We need to tell people what like what type of risk what's going on with DeFi and so on and so forth.
So what's interesting to me here is uh in light of um all of the I'll call it like long tail crypto stuff that's blown up right we've seen whether it's decentralized I'll put that in air quotes platforms ended up not being decentralized there's these debt spirals all that stuff to then even centralized platforms. One of the big questions is like would disclosures have changed uh the way that people react right or interact with these platforms um and so you can see a world where uh in the traditional Financial them there's disclosures people make disclosures and then people still decide to buy things that maybe in hindsight they shouldn't have bought or things that they thought were valued at X and ended up being at x minus you know 80 or whatever.
Would Disclosures Have Changed Recent Crashes?
Yeah, so how do you all think about like disclosures and what benefit that could bring to an industry like this versus what I'll call like the grading system which is uh a reputable firm that's actually going in and doing the grading is the are those the same thing at the end of the day or do they give two different data points for people to use in the ecosystem?
I think both are needed so if you need a grading system to know very quickly as a user or an investor what do you want to do is this interesting to you and so that's a quick way to help you in the decision-making process once you have decided that this is of interest a pool or investment opportunity you are looking into understanding it more. And so in the due diligence process you need that ability to look into transparent information.
And so what we do is like we are going to look into we use our risk framework it's holistic it's trying to capture as many risks as possible anything that we can imagine and then we go into these facts one by one and say all right what's the level of uh decentralization is there some reflexivity in this contract is there like a dependency that we didn't think of and we bring all of that information which is like pretty heavy and complicated and complex but we do as much as possible a job to simplify that in in a way that is easy to understand for anyone who would be like a knowledgeable investor and be able to look into these risks one by one and read through it that's what we have on the pool page we have the whole risk framework for every pool.
Now that there is disclosures that no one can understand aren't helpful if it's all legal speak that like it may not be that that's that's there for for like uh form uh what we care about is providing information and disclosures that users can act on and understand at a deep level so the grade is here to as a warning oh it's an F it's red or it's a d and then you go into it and you can read facts you know in an easy to understand interface with words like the sparkle has been audited or this protocol has not been audited this protocol is less than a year old therefore it increases risks I'm going to the most based one it can be like there there's some more complex ones obviously uh there but that's what we're about about a framework that makes disclosures uh understandable and decision making better because that's what's needed we believe in DeFi it's an amazing ecosystem but it needs some like table Stakes things uh to help people uh like make the most of it effectively.
Yeah, what is the biggest risk that is as like pervasive as you guys uh can see that most people don't understand so yes it's less than a year old okay people understand that and they basically can just look hey when was it started right yeah uh but what is the thing that you're like is most like the most mispriced in uh in the industry right I think it's the date's parallel risk it's the reflective explain this in more detail what is a debt spiral risk.
So for example in the case of uh the Terra Luna UST when UST depegs you have to sell more Luna which decreases the price of Luna and decreases the chance for the change to sustain itself so you end up with a circle where all of a sudden UST is less trustworthy you also have a dead spiral risk sometimes when you end up having a company in CeFi that has more liabilities than assets like it happened with FTX for example you start to have a dead spiral because you don't have that yet before before the run the bank run.
The Debt Spiral Is The Biggest Risk Right Now - Explained
So what happens is that you have more people getting out which increases the risk that you will be left naked at the end and so you have to get out and so these debts parallel risks are risks that are not apparent that you can't see them before you do an in-depth analysis to look into how things connect to each other so what we built for example that is very unique with exponential IFI is we built what what we call the the defy graph the DeFi graph is basically mapping all the smart contracts one to each other like we we basically have to look into all right yearn is using curve curve is using Lido and so on and like or we have a wbtc which is based on uh bitco doing the custody and backing it one to one so when there is a problem somewhere let's say wbtc you can see all the pro all the pools that will be affected and so that's also important when you look at this system how do can you just look at how it's structured or do you have to go actually look at the code like if you were to read a white paper for example could you identify oh this has debt spiral risk or do you have to actually read the code to understand so the death spiral risk is not in the code the death spiral risk is all almost like metaco it's like what connects to each other and it it requires like looking into the typical Financial uh risks uh that risk departments in finance and Wall Street I used to which is like saying all right if I lend to three Arrow capital and three hour capital is doing High leverage well log file block file lending to three Arrow capital is actually taking some of the risk of three Arrow capital's leverage and so that means that we just need to look into the connections the dependencies and what happens behind that dependency that code that connection and so it means that we almost have to to be aware of the risks everywhere that they exist not just the risk of the pool or the smart contract the first one we have to look into the second third order effect.
I would I would just add to put it in in simple words don't pack things with vaporware or or basically a token you've created backing things with uh reliable tokens is is key so that there would be a red flag or an important race uh the level of collateralization is also important so if something is under collateralized we would flag it in the framework and then third one is hacks obviously if if the protocol has been hacked multiple times it's a reflection on their on their code quality and therefore a high risk so those those would be other important risks you look at.
Seeing Wallets Can Help With Transparency - Rate My Wallet
Yeah, how important or how advantageous is it that when you're looking at the dependencies the chain reactions that you can actually identify Wallets on chain and understand okay this is your wallet here's what's in that wallet that's something that nutritional Finance you can't look in people's bank accounts and so does this like added layer of I think some people would argue transparency others would argue auditability does that help you get a better handle on what the risk is or could it actually be confusing and like having too much information actually makes it more difficult.
Um it's actually helpful helpful to us and the user more importantly because that the way we've built our framework or our first feature is called rate my wallet you can enter your wallet it tells you what's abcdf in your wallet effectively very useful because it allows you to so for the user that transparency all about transfer enables them to instantly figure out uh what what they got into um and maybe maybe want to yeah.
Yeah I would say like it's it's very useful for everyone to know what's the position of everyone basically uh that helps a lot with what we do in terms of like uh building the default graph would not be possible with Wall Street because of the opacity of the system and that creates all these like Cycles where we leverage too much then like there is like a downturn uh when we're bullish we go leverage and like all of that cycle doesn't need to to exist with DeFi um yeah rate my wallet basically looks at the assets that are in someone's wallet and tells them you know high risk low risk here's your grade exactly what's I I think that out of everything you guys have said so far the part that uh will surprise people the most is that 90 of smart contracts you all think will be compromised at some point in this DeFi world uh is that a death sentence for defy like 90 could be compromised does that mean like hey the system doesn't work or is it no we understand that people should be aware of the risks but like this will still persist how do you think about it.
Is DeFi Compromised?!
No so we are at the very beginning of DeFi and what we see is that we are building the infrastructure of the internet of money so what it means that like once we have for example a smart contract like uni swap that create does a job that is real which is like you are able to swap one asset by another and that's like a job that exists in in normal Finance Market making uh that we have now a smart contract do for you that job is needed and being able to do it in a decentralized fashion is phenomenal into it's mind-blowing so it is like a real job behind this what what you need is like you need a little bit of time to test the contract you need to have V2 today has been used with billions of assets and billions of dollars of swaps um it has been around for more than two years it kind of start to be battle tested that infrastructure that becomes infrastructure of the internet that becomes real what we should call protocols we should not call protocols everything we should call protocols things that are like in the internet you have TCP SMTP HTTP all of these are actually real protocol that you can rely on and that build a internet that is decentralized that is like censorship resistant and that is coming as well to DeFi probably the case with uni swap V2 a code uh a little bit probably less the case on like Urban compound that's definitely better on IBM compound than many other lending protocols and so what you have is like you have like all these new jobs that are becoming decentralized that don't require humans human intervention anymore that are being done jobs that are being done by blockchains by basically machines and that's something that's actually revolutionary all you need is to be able to bring liquidity real assets behind it and that helps you create a yield so all of this like is an ecosystem that is very innocent it is normal in that process that 90 of smart contracts would have an issue but what we see is that this is a anti-fragile system aware ecosystem that is basically learning as as it fails and once we have looked into reflex activity once we have looked into a smart contract that was not a hundred percent plus collateralized with like strong assets we know that these are problems and exponential FIS mission for us we we come with the idea that we have to make the learning stick like we have to crystallize that bringing it to the risk framework and so staying aware of all these problems so that like anyone can see them one important Nuance to um because 90 is is a large number and or and and it is about the level at which it's it's compromised within that you're gonna have what does that mean that means you can have small things and you have you're going to have major things like USC and Luna so that's what it means that means that number there are a lot of issues that occur there are small bugs that will get fixed that still are considered issues and should be captured and and so on and so forth so that that's in a nascent ecosystem or in fact in any like new product development that's typically how it works where you you you you learn over time and make progress and you have like different types of issues some are minor some are major what we're trying to do with the framework is outline the likelihood of hitting these tips these types of issue if you invest in a c for example it's like kind of middle middle right there that means that it will give you a better yield most likely uh but it comes with some risks meaning the likelihood of having some of these issues or vulnerabilities will happen so that could be a minor hack for example that doesn't have a a major Financial issue but that the protocol will resolve learn from and then move to a new version that will be stronger over time and so on and so forth if it's a deal or not F in then the likelihood like what we flagged is things that can make you lose all your money which are which are a lot bigger but effectively eventually the system will converge into stability and we'll see more A's and B's in our framework but it will take a little bit of time yeah and one important distinction there um 90 is about smart contracts by numbers we're not talking about locked value or lost value right now for example we're looking into three billion that could be that are at a high risk and contracts so you think three billion dollars of assets of a market that is I don't know half a half a trillion or so could be at risk given some of these uh potentially uh compromisable smart contracts yeah less than that we basically did not learn our lesson and and that's something that we that's where you see an F or a d and we tell you like you should probably get out today
$3 Trillion At Risk?!
Do you guys ever say that like would you ever tell people like hey you should get out of this or does that cross the line into like now you're giving Financial advice and so you you can only arm people with as much information and like Risk disclosures or transparency as possible the latter so our our entire framework is about providing the information for the user to make their own decision it's educational it's there for clarity and transparency but we we can't tell someone get out or get in that's not that's not for us to say if someone wants to take risks that's their decision but what we can do is provide them as much information as possible so they can make the the best possible decision for them so the most important part is to know what's the why yeah why yeah and then so so uh
Telling People To Get Out When At Risk? Or Is That Financial Advice?
One of the things I've always been interested in um is like these smart systems or these automated systems so forget for a second is it using a blockchain technology is it using some other technology or what like almost the the engineers and smart people will figure that out but like from a theoretical standpoint the ability for machines to transfer value between machines obviously if you use two-day settlement times of dollars in the traditional Financial system that's not going to work right and so whether it's stable coins Bitcoin something else whatever this like automatic transfer of value in a uh uh a very simple low-cost instantaneous manner between machines okay that that makes it uh sense the second thing then is like taking regulations or laws and coding them actually into these systems so if I'm an accredited investor or you're not I have a reg d uh security I can't transfer it to you within some time frame that would break the rules so the system doesn't allow me to do that
Automatic Transfers Of Value - Can Risk Gradings Be Coded In To Each Contracts
Is there a world where you all see the risk ratings that you all are creating can almost be interjected integrated coded into these automated systems and people could set parameters and say like hey uh I'm going to go operate in this world but I don't want to touch or be dependent on anything that has a d or F rating and so in some way you almost uh back into like enforceable rules not just around the risk rating but it's the end user who's deciding what that parameter ends up being.
Yeah absolutely that's that's something uh that that we'd be very excited about but that's the user's decision again all we can do is provide them with a tool they can decide what they can invest in but yes in the future we could build a feature that says uh invest uh in an eat BTC pool that's only rated A and B for example based on your framework and then obviously they would need to understand what a and b means which is on our site because it's again it's not a black box you can like understand specifically why it's going on and we think this is quite powerful because it allows people to invest to get the yield that they want with the level of the risk that matches their their risk profile and and that's that's quite powerful we when we first started this thing we're like okay let's just simplify investing that's how that's how that was our first goal right and then as we start working on it it's like well you can't do that we can't do that if if if if if someone is going to invest in in a in an F what we call an app or something super risky on our platform it's it's just not uh something that we stand for so before building the ability to invest we're like all right uh there is no great risk framework for DeFi it's an amazing ecosystem let's build that and let's help the ecosystem so we're having this very productive discussions with protocols where we're together we're like okay like let's make things better like how based on the framework like okay this is this is rated C why uh uh what's the how can we do better type of jail and then we get feedback back while your framework has a flaw there like whoa fix it at this metric great sounds great and so so this whole discussion around risk is needed to like make the ecosystem uh grow in the long term and so we started there and then eventually yeah we want um the the investing in defies is super hard today like you got to deal with self-custody you'll deal with bridging uh you got to deal with uh figuring out which smart contract to invest in uh tons of research so it's hard right and it's reserved for a small amount of people that have the time to do that what we want to do is like one click you go just like on on on on on on in traditional finance and you can invest in any pool across any chain in DeFi that's that's what we're building right but before allowing that we want the ability for users to say okay I'm investing in a c i want to take a little bit more risk cool here why is it a c or is why cool I understand it Go and uh that's We Believe also it's aligned um with what Regulators would want because we're disclosing uh what's going on in in the instrument before uh before an investor essentially uh and like puts money in it how does regulation play into all of this there's a lot of people specific critics I think that have kind of seen the last you know year play out or so and they're like oh that's because there's no regulation now people will debate whether there's regulation is it good enough whatever but like how do you all see that evolving over time and does that help or hurt uh kind of a value proposition of what you all are building yeah so uh we think that um ultimately our goals are aligned with uh uh with The Regulators goals that's how we're designing the platform so our our philosophy is help the user make great decision provide them with the right information uh don't mess with users fund
Regulations - Is It Needed?
Everything is backed one to one so we have a lot of like key principles that would be aligned uh with that so there there needs to be a level of framework created by Regulators I think it'll happen over time and I think we'll adapt to it as it comes but what we're trying to do is get ahead of it uh and uh and build things the right way so that um so that it benefits the ecosystem in in the long run and ideally regulations will uh will eventually follow and uh and have have essentially uh supports the the ecosystem uh uh by putting the right uh guard rails but without constraining it either that would be the dream essentially and I think you'll move in that direction eventually yeah
Interest In DeFi Has Peaked? Investing In The Future
When we think about this industry in general even though things have blown up there's this perceived risk that you all are highlighting is it still growing or has it plateaued in terms of growth like how do you all think about uh where we are today and where maybe it's going from like a growth standpoint I mean in terms of numbers uh you you have like uh care metrics that show that it plateaued uh for and it's probably going to Plateau for the bull cycle the the bear Market uh that's that's how we look at it but it's not necessarily in terms of like decreased amount oh it's you have less leverage in the system that's good and that that means like there is less job of lending and borrowing the other job that you have is automated Market making which is like the job of trading you can like coinbase uh exchanges uh they show that like uh the volumes decreased and so this similarly you would see that in terms of automated Market making so with these two jobs lending and borrowing and Market making you probably like have um like headwinds however we also see like a lot of new protocols we'll also see a lot of more uh composability in DeFi and there are like there are a lot and also like um there is more and more people getting into the the this ecosystem every day and so um I think it's just a question of time fundamentally Defy is here uh like has really good reasons to to be there we we need a more uh transparent system we need a more decentralized system and so we are making a bet on the future but I think everybody every hodler is making a bet on the future of crypto look it's winter so let's not sure go ahead uh and um uh and DeFi has has taken the hit as well but if you look at what's happening is unsustainable plays are going away sustainable plays are surviving where are the sustainable plays in defy and and and particularly the protocols are designed right that would be rated aob for example and and so that is very promising for the ecosystem because it means that the way it's built the trustless manner everything collateralized for good protocols and so on and so forth is uh Will Survive a major crisis like uh as bad as as it gets and so um it is uh currently winter but as the ecosystem uh or overall heals uh money will flow back into DeFi the right way and that that's that that's our that's our goal here um and um yeah how does Bitcoin fit into all of this right um many people myself included would argue Bitcoin is decentralized Bitcoin has uh the lightning Network there's all kinds of uh experimentation Innovation happening on side chains and and various other types of uh things that people are trying to build is it defy and Bitcoin are separate are they related to each other in some way do they coexist in the future is it a zero-sum game like how do you all think about these two things which I think get talked about in silos usually but like is there a relationship or a competition like how do you think about it.
Bitcoin & It’s Role In DeFi
I'll make a quick comment and then um so um metaphorically speaking if Bitcoin is your apartment if I gives you your rent so they're very complementary actually it the beauty of DeFi is it allows you to access yield that was previously reserved for banks and so you can take your assets including Bitcoin and put them to work on DeFi by lending them or doing Market making and generating yield so the two are are very complementary they feed off each other effectively and Medi um you know you yeah I think that there are like two big stories it's almost like having two revolutions at the same time and trying to mix both of them with the same words they're both Finance but it's very different Finance Bitcoin is about revolutionizing the Central Bank like changing money separating the States from money and that's like a very big undertaking it's phenomenal it's going to bring a lot to humanity and uh I'm very bullish on that um DeFi is something different it's about intimidation it's about disrupting intermediation replacing uh humans by blockchains about code and providing a system that is more open more transparent and without counterparty risk as much as possible and so that in itself is a different Revolution a it's very important for Humanity and is going to bring a lot for everyone the reason it's also so good a revolution you see like you have robotics you have ai and let's say you have blockchain and Robotics is probably going to be a few companies creating the best robots same thing is going to happen with AI it's like going to be like a few coders who have all all the benefits of that in DeFi it's all flipped and anyone can actually participate in that so it is actually also something that's very important in terms of uh Pro there is the opportunity to give access to everyone to defy and so that's why it became such an important mission for us to make to Level Playing Field to make it easy for people to get access to the information understand risk or have a good way to to to assess it and be able to have access to to defy talk a little bit about your backgrounds right I invested in the company and I think that uh I invested at the best time which was like you guys had a couple of ideas of things to go work on but I was like oh here's two smart guys who um are gonna go and try to figure it out right and you've tried some things you've tried other things and you kind of continue uh to get to a point that you are now which I think is like very clear hey we underwrite the risk uh and we're able to transparently explain that to people I think a lot of people are shocked frankly by some of the things you all have uncovered but what are your personal backgrounds and and why are you so interested in coming and building these types of companies in in this space.
Background & How It Got Started - Bridging Web2 & Web3
Yeah so there are three we're three co-founders uh and uh so Medi comes uh from uh traditional Finance background but uh this whole thing started as it was helping his friends and family invest in crypto and then move to defy and he was like sitting on my couch and looking perplexed and and I'm like what you up to is like I'm trying to invest in DeFi for for one of my like uh LPS quote unquote which was a family or a friend there and and he was doing a bridge and uh super nervous because he was a large amount and I'm like okay show me what it's all about that sounds a lot more interesting that's what's going on and and and and that that kind of that's the Genesis of exponential right there I was like oh my God we got to productize that that's incredible your Market making on my couch I was like okay your Market's making on my couch that's super cool let's do it and then so that was the beginning so midi brings in the the finance and crypto expertise um uh Greg our other co-founder uh and CTO is uh X Amazon uh led the the acquisition for a company into Amazon uh deep fintech background um and so on and so forth and myself uh product uh and looked after everything fintech at uh at Uber for a while so we have kind of very complimentary backgrounds between technical product management crypto and defy in in the team at the founding level and then when we started hiring we're like who should we hire right so uh and so uh one uh one one one of our investors says you should sprinkle in some degens that was the the term and I was like no uh we are a bridge between web 2 and web 3 effectively that's what we're building and so we're we're about our entire team is in Shirley hybrid we bring the best of web 2 people who comes from fintech who understand like that side of the world and we bring people who are like super djans into web3 as well as part of the core team and you see it every day there is like some heated debates now we should do it this way no we should do it that way to have a deal and and that's what and essentially enables you to build a bridge or an access Gateway because we have those type of debates and that type of like mixed skill set in in the team that creates very interesting conversations yeah why are people leaving their jobs now like it makes a lot of sense in the bull market yeah right people like oh I'm gonna go and I'm gonna make money or it's exciting or I'm reading in the news all the time my family's talking about it like this is like the thing I should go do in a bear Market it's almost the exact opposite like everyone's like this is dying it's going away whatever why do you see people quitting jobs and traditional Finance or Tech or wherever and joining now I think it comes down to whether you see the light it's um Defy is definitely the future there is like a lot that is there in terms of like transparency in terms of like building the Lego blocks of Finance from start and building it the right way everything should be asset collateralized at a more than 100 percent everything should be uh if there is risk you could you should be able to see it and so um basically like it comes down to people who believe in it and that's something actually like one of the criteria that we have uh is is definitely going to be uh able to understand what DeFi means and what's it is about to become
Convincing People To Work In DeFi In A Bear Market
it's like each types of candidates if they come from traditional uh fintech or or just uh web in general um the do you introduce them to crypto and DeFi actually so typically there are different levels effectively what we do is uh uh first thing we do before after our first call is we send them like uh there is like a PDF that has everything about DeFi as well as links to code bases to go look at and play around with uh to understand uh DeFi better and use is simple you get one of two reactions about a week or two later it's either okay it's not for me or oh my God or have I been this entire time what's up like so so and so and and you get like about like maybe 20 of the people in that second category but those those are the people you want who will like realize the power of decentralization the power of like how the ecosystem is built to provide opportunities to to to everyone uh how um yield uh and people don't underestimate the power of compounding like if you give yield to uh an average investor uh with compounding they will build their wealth over time and then now they can access real yield in DeFi that's that's very powerful if they do it the right way and uh and when people dig into uh that and get excited about it then we're like okay they're they're ready for a conversion obviously if they're already into Define crypto that that's a different type of hire as well yeah
Popular Protocols With F Ratings?!
Is there a specific product protocol smart contract that is very popular like has gotten an F yes like what like what is like the most uh uh mispriced uh one in terms of like tons of people use it but you guys are like holy [ __ ] this is a huge problem so issue the warning it's it's a um it's it's moving like so for us frax was a problem it was basically the same architecture uh as Luna with higher qualitization ratios but for us anything that is related to assets that are a little bit porous is a problem and so USD was porous uh what does that mean porous meaning that behind the UST you don't have a dollar you actually have five cents of a dollar so if you have a 95 cents on a dollar then you create a risk of reflexivity of that spiral why because when there is a bank run the first ones are selling their USD for dollars and so that 95 ratio becomes 90 and it goes down and down and down so the last ones have zero and so that's the kind of risk that we don't like so frax is actually doing a lot in terms of like building more of these barriers to sustain the one dollar pack and so we have to look into it every three months because they do adapt to the market and change things so we have a review of frax that's coming uh this month another thing that we don't feel comfortable with and we think that it's actually like the opposite of DeFi is and collateralized lending if you have n collateralized Lending then the only way to sustain that is probably going to have a level of centralization and when we look at centralization we don't like it like because the uncoateralized lending basically the only way to do it is to have decentralization and that's where you all see a lot of risk
Uncollateralized Lending
Yeah so if you have in collateralized lending you have credit risk or counterparty risk counterparty risk is the opposite of what DeFi is built for DeFi is built so that every Lego block is something that you can trust because it's fully backed if you have uncollateralized lending it means that you have to trust the the the borrower to pay you back but they have actually bad incentives to pay you back so what these and collateralized lending protocols do is that they build all these incentives for the uncoateralized lender borrower to pay you back but then what is going to happen when you have to move from metaverse to meet space what does as as like the liquidity provider you are going through a smart contract let's say this is a decentralized autonomous organization that is lending to someone who's actually outside the chain who actually has a credit a good credit but then what happens when they don't pay back are you going to go to the judicial system to force the execution of a contract that was half on chain uh how are you going to actually get all that money back um so there are a lot of you know there is a lot of innovation there and we don't want to go against Innovation but this is like highly risky it sounds opposite to the philosophy of DeFi it has level of centralization that we think are real flags and most likely we think we are going to have a lot of pain there and so we're tracking that we're saying that this is going to be painful uh but we don't want to close on Innovation either yeah it's um it's fascinating to think about uh you all have these risks identified you're able to grade them and still lots of people are using these products and almost don't care to some degree like like is there an element of like no the most risky thing is where the most return potentially is so like I want to go invest in all the F's like that would be insane to me but maybe I'm just uh I'm too risk-averse I don't know so um you guys are laughing so like it seems like maybe yeah like it's a debate we're having all the time internally that's what I'm laughing but so um the worst thing that can happen is you invest in an f and you don't know it that's what we're trying to avoid and so so first step is you know what you're getting into and as long as that's happening there is transparency uh and the user know what's up now when we allow investing where do we draw the line for exponential RFI our platform and so uh we we're still debating but we think we'll draw the line probably at C you can invest in ABC and stay away from dnfs because if you want to do it at your own risk with metamask and so on and so forth uh that that decision has not been finalized but that's what we're throwing around internally so number one priority let the user know what's up number two Priority One Year building an investment platform then then build it in a way that that like helps uh people help themselves and and invest in in things that are reasonable effectively yeah uh oh yeah got it the um as you look forward what are you most excited about that you all are building is it the continuation and like getting better and more accurate and under writing the risks or is it something else the risk is a means to an end I was like uh okay we want to allow people to access yield we can't do it if they can make the right decision so we have to build that if there was a third party that did it well we would have used them they wasn't we built it uh so ultimately we want um to be the Gateway into DeFi we want people to Access Financial Freedom through yield because compounding is super powerful we all know that and so if you can take uh choose your investment strategy whatever it is like I want a third cash a third Bitcoin a third ethereum for example that's your strategy instead of letting it sit and do nothing you take uh you take that put it on defy and get healed on your core assets effectively that's what we're about we're about creating the access gateway to yield in a way that's simple compliant secure uh uh where where things are completely back to back like we don't mess with customers funds uh things are if you invest in a pool um you your your funds are effectively secured in that pool and that's it there is no leverage or or so on and so forth we invest heavily in security uh like like basically a lot of our things are multi-sig like for example uh to change or risk rating it's multi-stage single person cannot do it so we need to like we we have a review process where multiple people need to debate and agree to to that uh so that it it so that no single person can go and say oh this is an a now and let's draw it so so there's a lot of like core principles that we're putting into this so that people access this incredible ecosystem the right way that that's what we're about it's like and we try to do it we debated a million ways to like figure out how to best communicate that and we find great is easy with a color coding and then uh
Avoiding Investing In An F Rating
Greg make with a transparency where you go and like can look into everything that's going into it but yeah that makes sense at the end of the the day all we do is like bring a user-centered approach to defy investing yeah and so we start we like looking at DeFi is an amazing opportunity and yield in DeFi is the killer app so we want to give access there is an issue of accessibility that we want to fix so in order to do that we had to first start to look at all the processes the in the decision making process that you are going to take as an investor before you click invest in a pool so it means that first you need to be able to discover the pools see and there was like no Central marketplace where you can see all the investment opportunities that are available and then once you have the like the holistic view you have to understand a lot about what are the jobs being done what does it mean that this protocol is there is it reliable and things like that so we went into uh an educational part which is related to the risk as well like before investing you should think about risk and so we brought all of these together be in order to build what is the end product for us which is a one-click invest into DeFi pools once we do that we are going to be able to basically have level the playing field for investors to have access to these amazing new job opportunity jobs that are built in DeFi from like lending and borrowing Market making staking which is like basically validating mining uh transactions on chain and all these other jobs that are coming on stream on chain and so once we do that we are going to be able to look into the other things that DeFi proposes like for example options or being able to actually not invest but borrow all of these things we can make even easier through Exponential.fi. Yeah, it makes a lot of sense. Where can we send people to find out more about the business about the risks, or well the business in general that you all are building and then obviously also get their assets rated? Exponential.fi is where they can find the Rate My Wallet as well, right? Rate My Wallet is available. We also have a lot of information, educational data. You have the best risk-reward pools, you can follow pools and get alerts when the yield or the risk changes, for example. You can compare pools across chains by TDL, by rating, by a bunch of things. So there's a lot of tools that we've built to help people make the right decision. We also send a weekly Roundup email which is useful for people who want to follow what's going on, where things that are trending, where risk is changing and so on and so forth.
Where To Find Out More
Awesome, and then where can they find you all on the internet, on Twitter?
On Twitter, our handle is @ExponentialDeFi and myself it's @elmidou, so it's my full name. But I would follow @ExponentialDeFi.
All right, well listen, I appreciate you guys coming on. I think this is a little bit of a wake-up call, right to some people. It's like, hey, look, I don't understand what the risks are, let me go and use some of these products to better understand what that risk could be and maybe you're using things that have no risk or very little risk and then you may be using things that have an incredible amount of risk and if you don't understand, using something like this to identify that I think is obviously very important. So I hope people go check that out and then we'll definitely do this again in the future as you guys continue to build out the product.
Awesome, sounds great, thank you for having us and yeah, to better decision making. We're super excited about DeFi and what we're going to do is make that accessible and make sure people get that awesome yield, so yeah. Awesome guys, alright thank you.
Alright, thanks.