The new rules from the EEA are intended to provide a standard for risk mitigation in DeFi protocols, which will benefit users, developers, and regulators alike.
To help identify and reduce the risks associated with DeFi protocols, the Enterprise Ethereum Alliance (EEA) has released Version 1 of its decentralized finance (DeFi) Risk Assessment Guidelines.
The EEA’s DRAMA Working Group created the rules with Bitwave, Consensys, Hacken, CertiK, Quantstamp, OpenZeppelin, Banco Santander, and other companies.
Regulators, developers, investors, and users of DeFi protocols can use the document as a resource for risk detection and management measures.
The rules provide a complete standard that “resource founders and dev teams can rely on while working on their products,” according to Dyma Budorin, CEO of Hacken and co-chair of EEA DRAMA.
Specifics of the guidelines for DeFi protocols
A variety of risks regarding governance, tokenomics, software, liquidity, regulatory compliance, and external market conditions are covered under the DeFi Risk Assessment Guidelines.
The guidelines cover potential security and interoperability concerns and challenges affecting different software types, including bridges, smart contracts, and oracles.
Across these domains, the document outlines DeFi best practices for risk management, including user education, bug bounty programs, stress tests, security upgrades, data encryption, and more.
The EEA’s director of technical programs, Chaals Nevile, stated that “the Working Group proposes to maintain the Guidelines, publishing periodic updates as necessary.”
“This is specifically intended to respond to new threats and changes in technology, but also to deal with the fact that the standards and regulatory landscape continues to evolve.”
Consequences for various parties
The recommendations include the procedures, practices, and documentation needed to help developers and founders create and maintain DeFi protocols securely and dependably.
The recommendations serve as a framework for regulators and licensing bodies to evaluate and license DeFi projects.
Updates to the requirements for DLT foundations applying for licenses from the Abu Dhabi Global Market (ADGM), the UAE regulator, are already being made using this framework.
The rationale behind the necessity of the Guidelines
The July 16 attack on the De-Fi protocol illustrates the need for DeFi risk assessment and feasible preventative measures in the sector.
After taking advantage of a particular contract address, the hackers stole over $10 million in cryptocurrency before transferring the money via Railgun, a zero-knowledge (ZK) protocol.
This breach exposes the fundamental vulnerability in DeFi protocols, even though it was promptly contained and the community was informed to avoid additional losses.