2 Big DeFi Surprises in 2 Weeks
|By Chris Coney|
Uniswap (UNI, Tech/Adoption Grade “C”) just announced that it has built a new DeFi wallet for mobile.
Click here to view full-sized image.
The motivation behind creating this wallet lies in the thousands of support tickets Uniswap received from people who were confused about what self-custody over their assets means.
Now, that is more of a wallet question than a decentralized application question. So, those queries really should not have gone to the Uniswap customer service team.
In general, that team cannot be reasonably expected to provide support for products built by other companies that are trying to interact with theirs.
So, to alleviate this burden, Uniswap has gone and built its own wallet based on the content of all those support tickets.
Here are two neat features of this new wallet:
- Swap and trade seamlessly on Uniswap — and across any other supported networks — from inside the wallet.
- Access other trusted names in DeFi like Aave (AAVE, Tech/Adoption Grade “C”) lending markets or Uniswap’s own non-fungible token marketplace with a built-in web3 browser.
By being able to conveniently trade on the go, Uniswap is bringing the DeFi user experience closer and closer to what people are used to from popular traditional finance trading apps such as Robinhood or Plus500.
Except here, we have all the added benefits of DeFi such as self-custody and transparency.
And speaking of self-custody, the Uniswap Wallet allows you to securely back up your recovery phrase on iCloud. There is also an option to manually back it up, which I assume means on Google Drive, Dropbox or the like.
For me, Uniswap has always had a flavor of Google about it. By that I mean it knows how to build highly sophisticated web products while keeping the user experience simple — much like the Google search engine.
And on top of being user-friendly, Uniswap claims it is one of the most trusted names in DeFi. I would not only agree with this statement, but I believe it is evident and provable.
This is part of what makes Uniswap an ideal platform to have its own wallet.
DeFi Surprise No. 2
The advent of Uniswap’s new wallet leads up nicely into the second DeFi surprise in these past two weeks.
I would consider the wallet as good news, while this topic is relatively bad news.
Now, there is an acronym in DeFi called DINO, which stands for “decentralized in name only.”
This was a term that cropped up to describe projects that were using the term “decentralized” to hijack the hype and excitement that was being generated by the movement, while not really building in the spirit of it.
Keep in mind that decentralization is not an absolute thing. Rather, it is an analog scale. So, beware when you hear someone say something is completely decentralized.
Nothing is truly 100% decentralized because there are many different aspects of decentralization. Meaning, you can always find one facet where decentralization is lacking.
Decentralization-wise, Uniswap scores well. Principally because when it deploys a new version of their app — like v2 or v3 — it leaves no back doors or admin keys.
That means once it deploys the new version, Uniswap loses control over it. Even if a bug is found later on, tough luck.
On the plus side, this is what makes Uniswap one of the most trusted names in DeFi. With its smart contracts set up to be truly autonomous, I can trust that there is no way the Uniswap developers could steal any of the funds the contract handles.
On the minus side, this means the smart contract is not modifiable or upgradeable.
In fact, Uniswap v2 is still running and people are still using it. They are free to do so because it is still a perfectly viable app; but v3 is better.
With that in mind, I can now reveal the second big surprise.
Oasis — a DeFi platform and developer of a multi-signature software wallet — was able to seize $140 million in assets that did not belong to them.
The controversy is that Oasis seized these funds from a hacker who exploited the Wormhole (WHC, Not Yet Rated) Bridge some time ago and stole funds.
Even though Oasis was ordered to do this by a British court, this raises a moral dilemma.
Should it have even been possible for Oasis to comply with the court order?
I say no. Not because I want to break the law, but because in the world of smart contracts, the code is the law.
In DeFi, instead of statues written in English, we have smart contracts written in programming languages. Like a law, everyone in the network is subject to these rules.
Smart contracts are transparent in their terms, and anyone who interacts with them accepts them.
When someone exploits a legal loophole in the real world, that is akin to exploiting a bug in a smart contract. In other words, you end up being able to do something you technically should not be able to do.
The hypocrisy here is this: When someone exploits a legal loophole, do they get retrospectively punished when the law changes later? Of course not.
So, it should be the same with smart contracts.
If the code allowed a certain activity to happen at that time, as far as the “blockchain law” goes, that was valid.
By all means, I believe there is nothing wrong with updating the smart contract or deploying a new one with updated rules.
But the history stands.
I do not think Oasis intentionally left a back door in its software any more than a lawmaker intentionally inserts a legal loophole into a statute.
According to a blog post from Oasis, it had previously been notified of a vulnerability in their software by a security expert.
It was this vulnerability that they themselves exploited to steal the funds back from their own wallet software and comply with the court order.
Had that security hole not existed, Oasis would have been physically unable to comply with the court order. The hacker's possession of the stolen assets would be the law.
So, we must decide what kind of DeFi world we want.
Would you prefer a world full of brand names like Uniswap who are trusted because we do not have to trust them?
Or one where companies can use a secret back door in case of an emergency?
I would personally prefer the former.
But that is all I have got for you today. Let me know what you think about these two recent DeFi developments by tweeting @WeissCrypto.
I will catch you here next week with another update.