Security vulnerabilities in DeFi protocols arise not only from coding flaws or hacks but also from external economic factors like market volatility, governance manipulation, and liquidity crises. While traditional technical audits concentrate on ensuring the code performs as intended, they often overlook the influence of external economic conditions, such as market stress or manipulation, on a protocol’s stability.

Technical audits aim to verify that the code runs as expected and is free from exploitable bugs. However, their scope is usually confined to analyzing the protocol itself, without considering broader economic environments or how interdependencies between protocols might introduce additional risks.

What Is an Economic Audit?

Economic audits extend beyond the technical scope of verifying code integrity. While technical audits focus on detecting bugs or vulnerabilities in the code, economic audits simulate real-world market conditions and conduct stress tests to assess a protocol’s resilience under various economic scenarios.

Economic audits emphasize understanding the internal economic dynamics of DeFi protocols and how external factors—such as market fluctuations, liquidity crises, and governance manipulation—can exploit vulnerabilities.

Key aspects of economic audits include simulating scenarios like extreme price swings, liquidity shifts, and changes in user behaviour. They also scrutinize governance structures, as poorly designed systems may allow malicious actors to gain control, as evidenced in incidents like the Beanstalk hack.

Additionally, economic audits examine incentive structures to ensure they promote healthy participation and deter malicious actions. Poorly designed incentives may lead to exploitation or destabilization. Economic audits also consider the ripple effects of attacks on individual protocols within the interconnected DeFi ecosystem, where failures can cascade and cause widespread disruptions.

These audits evaluate how a single attack might trigger a chain reaction, similar to how financial crises spread in traditional markets. Given DeFi’s interconnected nature, such cascading failures pose significant risks, with one protocol’s collapse potentially impacting liquidity, pricing, and governance across others.

Finally, economic audits assess whether a protocol’s risk parameters are well-calibrated to handle stress and manipulation. They provide a comprehensive security framework, identifying vulnerabilities that technical audits alone cannot uncover, to better safeguard the DeFi ecosystem.

Technical Audits vs. Economic Audits

Both technical and economic audits are essential, but they serve distinct purposes and cannot replace one another.

Atomic Operations vs. Complex, External-Dependent Operations

• Technical Audits: Focus on ensuring that code executes atomic operations—where tasks either fully complete or fail—minimizing risks associated with partial execution errors. These audits review specific code logic to verify that it works as intended and is free from bugs or vulnerabilities.
• Economic Audits: Address broader concerns beyond code execution, focusing on external economic factors such as liquidity, market prices, and governance decisions. By simulating these conditions, economic audits evaluate how these factors might exploit vulnerabilities or create risks for the protocol.

Code-Level Bugs vs. Broader Exploitability

• Technical Audits: Primarily identify code-level bugs that attackers might exploit, such as unsecured functions that could allow unauthorized access to funds or manipulation of key parameters.
• Economic Audits: Examine how economic conditions—like governance loopholes or market manipulation—could expose protocols to attacks. Poorly designed governance systems, for instance, might enable hostile takeovers or price manipulation, causing severe disruptions.

Internal vs. External Scope

• Technical Audits: Confined to review the protocol’s internal operations and codebase, focusing on fixing technical flaws and ensuring functionality.
• Economic Audits: Cover a wider scope, analyzing how protocols interact with the broader DeFi ecosystem, including liquidity, token dependencies, governance structures, and market conditions. This broader focus ensures a deeper understanding of risks within dynamic and interconnected ecosystems.

Real-World Vulnerabilities vs. Code-Level Security

• Technical Audits: Ensure the absence of specific bugs, like reentrancy issues or arithmetic errors, making the code secure in controlled environments.
• Economic Audits: Simulate real-world scenarios where external pressures—such as price manipulation or governance attacks—could expose vulnerabilities. These tests ensure the protocol remains robust even under such challenges.

Audit Scope Differences

• Technical Audits: Generally limited to internal operations and the codebase of the protocol. These audits focus on reviewing smart contracts to ensure they work as intended and contain no errors or logical flaws.
• Economic Audits: Cover a broader scope, taking into account external factors like market dependencies, governance structures, and liquidity stresses. Economic audits evaluate how the protocol interacts with the wider DeFi ecosystem and assess its resilience to economic pressures.

Technical and economic audits complement each other and are indispensable for building a comprehensive security assurance system.

Critical Vulnerabilities Uncovered by Economic Audits：Technical audits cannot address vulnerabilities caused by external economic factors, dependencies, and interactions with other protocols. These issues require economic audits for identification and mitigation.

Token Dependencies and Cascading Effects

Token dependencies pose a significant risk in DeFi, where tokens from different protocols often depend on each other. A sharp decline in one token’s value can trigger a chain reaction affecting multiple platforms.

• Technical Audits: Typically do not account for how external economic conditions, such as market downturns or attacks on related protocols, could cause cascading failures involving a protocol’s token.
• Economic Audits: Simulate such scenarios to evaluate the protocol’s resilience. For example, during the Terra Luna collapse, the de-pegging of its stablecoin led to widespread disruptions across the DeFi ecosystem.

Oracle Dependencies and Price Manipulation

Many DeFi protocols rely on oracles to obtain external data, such as token prices or interest rates. However, this reliance introduces a common vulnerability: if an oracle is compromised, or if the data it provides is inaccurate or manipulated, the protocol could face significant risks.

• Price Manipulation Attacks: A typical form of economic attack where attackers manipulate the token prices reported by oracles to profit, such as through arbitrage opportunities or forced liquidations.
• Technical Audits: Generally focus on ensuring the code interacts correctly with the oracle but do not assess the risk of price manipulation at the oracle level, which can have devastating effects on the protocol.

Governance Attacks

Governance vulnerabilities are another major risk in DeFi protocols, especially in systems where voting power is tied to token holdings. Attackers can exploit governance mechanisms to take over a protocol, propose malicious actions, or steal funds, as demonstrated in the Beanstalk exploit. In this incident, the attacker temporarily borrowed a large number of tokens through a flash loan, controlled 79% of the voting power, passed a malicious proposal, and stole $181 million.

• Technical Audits: Typically overlook governance structures and focus on smart contract code.
• Economic Audits: Analyze potential vulnerabilities in governance systems, particularly risks stemming from temporary increases in voting power through methods like flash loans, which are often undetectable by technical audits.

Liquidity Crises and Protocol Resilience

Liquidity crises are a major challenge for DeFi protocols. Sudden drops in liquidity can cause price slippage, forced liquidations, or collateral shortages, potentially spiralling into a system-wide collapse. Such crises can result from market downturns, token volatility, or large-scale withdrawals.

• Technical Audits: Ensure that contracts work correctly in normal conditions but rarely simulate scenarios involving liquidity shortages, where vulnerabilities might emerge.
• Economic Audits: Simulate high-stress conditions, such as liquidity crunches, to evaluate a protocol’s ability to withstand such scenarios and recover effectively.

Typical Cases of Economic Attacks

These cases detail how attackers exploit economic weaknesses in the design and structure of DeFi protocols rather than technical vulnerabilities.

Case 1: Mango Market Attack

Date: October 2022

Attack Method: Price Manipulation

Loss Amount: $116 million

In this attack, the attacker manipulated the price of Mango tokens ($MNGO), creating price discrepancies across multiple exchanges, which triggered massive liquidations and ultimately drained the protocol’s funds.

Attack Process:

* Initial Setup: The attacker used two wallets, each holding $5 million in USDC, to initiate the attack. Wallet 1 placed a large sell order for $483 million worth of MANGO tokens at a low price of $0.0382.
* Price Manipulation: Wallet 2 purchased all the MANGO tokens sold by Wallet 1 at this low price. The attacker then began aggressively buying MANGO tokens across several platforms, including Mango Markets, AscendEX, and FTX, driving the price up from $0.0382 to $0.91 in a short time.
* Exploiting the Price Surge: The sudden price spike caused mass liquidations of short positions as the MANGO token price exceeded the value of short sellers' collateral. The attacker profited from the price surge, after which the MANGO token price dropped to $0.0259.

Outcome: The attack led to significant liquidity losses for the Mango Market, with over 4,000 short positions liquidated, destabilizing the protocol. This economic attack relied on cross-platform price manipulation rather than technical vulnerabilities, highlighting the need for economic audits to simulate and mitigate the effects of price manipulation scenarios.

Case 2: Beanstalk Attack

Date: April 2022

Attack Method: Governance Manipulation

Loss Amount: $181 million

This attack involved the attacker exploiting governance systems to push malicious proposals. It highlighted that poorly managed governance vulnerabilities can cause damage as severe as technical flaws.

Attack Process:

• Governance Exploit: The attacker proposed two motions to transfer tokens from Beanstalk’s treasury to their wallet. These proposals were disguised as legitimate governance changes. Beanstalk’s governance system required an emergency vote, where motions needed a two-thirds majority to pass.
• Flash Loan Attack: The attacker used a flash loan to temporarily borrow a large number of Beanstalk tokens, gaining control of 79% of the voting power. With this majority, the attacker successfully passed the proposals, transferring funds from the Beanstalk treasury to their wallet.

Outcome: The successful governance attack caused the BEAN token to lose its peg, with its price dropping by 75%, severely impacting the protocol’s stability. The total loss amounted to $181 million. If an economic audit had simulated governance risks, particularly the potential for flash loan-enabled voting control, this attack might have been mitigated. Economic audits can identify governance manipulation risks that are often overlooked in traditional technical audits.

Case 3: Terra Luna Stablecoin De-Pegging

The collapse of the Terra Luna ecosystem is a significant case of protocol failure caused by economic mismanagement rather than technical vulnerabilities. This incident is often seen as a cautionary tale of economic mismanagement, illustrating how failures in one area can trigger cascading collapses across the DeFi ecosystem.

Terra’s stablecoin UST was algorithmically pegged to the US dollar, relying on its relationship with the Luna token to maintain price stability. The system allowed UST to be exchanged for Luna at a fixed ratio to preserve its peg. However, the model depended heavily on market confidence and liquidity, both of which collapsed under external economic pressure.

In May 2022, a major market event caused UST to lose its peg and fall below $1. This triggered a “death spiral” effect, as UST holders rushed to exchange their tokens for Luna. This rapidly diluted Luna’s supply, causing its price to crash. As UST’s de-pegging worsened, a feedback loop formed, causing both UST and Luna prices to collapse, rendering the protocol unsalvageable.

Impact: The Terra Luna collapse had far-reaching effects on the DeFi ecosystem. Many protocols interconnected with Terra through liquidity pools, lending platforms, and staking services faced liquidity crises, leading to widespread liquidations and fund losses due to their exposure to Terra.

This collapse was not caused by specific code vulnerabilities or technical flaws but by economic mismanagement, such as relying on an algorithmic stablecoin without sufficient reserves or safeguards against market volatility.

Layered Architecture of DeFi Protocols

DeFi protocols are typically composed of multiple layers, each playing a specific role in the overall functionality of the protocol. These layers generally include:

1. Core Protocol Layer:

This is the foundation of the protocol, comprising smart contracts that define protocol operations, such as lending, staking, or trading. Technical audits usually focus on this layer, ensuring that smart contracts execute as intended without vulnerabilities or programming errors.

1. Oracle Layer:

DeFi protocols often rely on oracles to obtain real-time data from external sources (e.g., price data, interest rates). This layer is crucial for the protocol’s normal operation, as incorrect data can lead to pricing errors, insufficient collateral, or other risks. Economic audits examine a protocol’s dependence on oracles and potential risks of oracle manipulation, which technical audits often fail to fully address.

1. Governance Layer:

Many DeFi protocols use decentralized governance structures to make key decisions. This layer involves voting, token-based decision-making, and protocol changes. Economic audits analyze vulnerabilities in governance structures, such as voting power manipulation or flash loan attacks, where attackers temporarily acquire large voting power to influence protocol decisions.

1. Liquidity Layer:

The liquidity layer ensures that the protocol has sufficient liquidity to function properly. In lending or trading protocols, this layer determines whether users can access funds or execute trades. Economic audits simulate liquidity stress scenarios to test how protocols perform under conditions of insufficient liquidity, such as large withdrawals or sudden market downturns.

Economic Risks in Layered Architecture

Interactions between layers in the layered architecture of DeFi protocols can introduce certain economic risks, which are often not covered by traditional technical audits.

1. Interdependence Between Protocols:

Many DeFi protocols depend on each other for liquidity, collateral, or data. For example, a lending protocol might rely on external stablecoins as collateral. If that stablecoin collapses or loses its peg to fiat currency, the lending protocol could face collateral insufficiency, leading to mass liquidations.

1. Cascading Effects Between Protocols:

Attackers can exploit one layer to affect others, leveraging interconnections between protocols to cause broader damage. For example, attackers might manipulate asset prices in one protocol (via Oracle manipulation) to influence lending, trading, or collateral operations in other protocols.

1. Liquidity Crises:

Layered architecture also introduces the risk of liquidity crises, where the liquidity of one layer depends on another. A sudden withdrawal of liquidity from a pool could disrupt the protocol’s operations, leading to cascading failures that affect other layers’ functions.

The interconnected nature of DeFi protocols means that risks often propagate across multiple layers. A vulnerability in one layer (e.g., the oracle or governance layer) can trigger chain reactions, leading to failures in other layers (e.g., the liquidity layer or core operations). Technical audits focus primarily on the core protocol, ensuring smart contracts function as intended, but they cannot simulate the systemic risks arising from interactions between these layers.

Conclusion

The layered architecture of DeFi protocols introduces complex economic risks that cannot be fully captured by technical audits alone. Economic audits provide critical evaluations of the interactions between different layers, analyzing how they can be exploited or stressed under real-world conditions to identify potential risk points.

Key Takeaways:

Relying solely on technical audits is insufficient to protect DeFi protocols from broader economic risks. Economic audits simulate real-world market conditions, conduct stress tests, and assess protocols’ resilience to risks such as price manipulation, liquidity crises, and governance vulnerabilities. The DeFi industry must prioritize economic risk management to safeguard protocols against systemic threats.

Currently, the economic auditing market remains underdeveloped, presenting significant opportunities for companies focusing on this field. The future of DeFi security will require a combination of technical and economic audits to ensure protocols can withstand a wider range of vulnerabilities.

Disclaimer:

1. This article was reprinted from [Jinse Finance]. The copyright belongs to the original author [TEDAO]. For objections to the reprint, please contact the Gate Learn team, which will process requests promptly according to relevant procedures.
2. Disclaimer: The opinions expressed in this article represent the author’s personal views and do not constitute investment advice.
3. Other language versions of this article were translated by the Gate Learn team. Unless otherwise specified, copying, distributing, or plagiarizing translated articles is prohibited.