<p>Decentralized finance (DeFi) platforms have gained in popularity over the last few years, as they offer a wide range of accessible, innovative, and complex financial services. Because they evolve quickly under limited regulation, it is easy for malicious parties to target them for profit when they notice a vulnerability in these emergent protocols. Existing work has focused on understanding typical attack flows and securing the technology to alleviate crime. However, little is known about what other attributes, beyond technical vulnerabilities, may put DeFi actors at risk. Drawing on Cook’s (Crime Justice 7:1–27, 1986) crime opportunity framework of target attractiveness, this study investigates which attributes are associated with an increase or a decrease in the likelihood of DeFi victimization. We compare actors victimized in 2022 with those that were not across several target dimensions: propinquity, vulnerability, potential payoff, main area of operation, and self-protection activities. Results show that being listed on a popular centralized exchange, operating on a layer-2 blockchain, offering lending services, and having high trading volumes are associated with an increased likelihood of victimization, while operating a dApp and having experienced past victimization are associated with a decrease. By contrast, self-protection measures such as publicly disclosed audits, and bug bounty programs show no measurable effect, likely reflecting variation in their quality and implementation or the fact that undisclosed audits could not be observed. By integrating criminological theory into DeFi security research, this study provides a holistic framework for understanding crime opportunities in this novel ecosystem, while informing potential prevention strategies to reduce associated harms.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Crime opportunities in decentralized finance: how actor attributes shape target attractiveness

  • Catherine Carpentier-Desjardins,
  • Masarah Paquet-Clouston

摘要

Decentralized finance (DeFi) platforms have gained in popularity over the last few years, as they offer a wide range of accessible, innovative, and complex financial services. Because they evolve quickly under limited regulation, it is easy for malicious parties to target them for profit when they notice a vulnerability in these emergent protocols. Existing work has focused on understanding typical attack flows and securing the technology to alleviate crime. However, little is known about what other attributes, beyond technical vulnerabilities, may put DeFi actors at risk. Drawing on Cook’s (Crime Justice 7:1–27, 1986) crime opportunity framework of target attractiveness, this study investigates which attributes are associated with an increase or a decrease in the likelihood of DeFi victimization. We compare actors victimized in 2022 with those that were not across several target dimensions: propinquity, vulnerability, potential payoff, main area of operation, and self-protection activities. Results show that being listed on a popular centralized exchange, operating on a layer-2 blockchain, offering lending services, and having high trading volumes are associated with an increased likelihood of victimization, while operating a dApp and having experienced past victimization are associated with a decrease. By contrast, self-protection measures such as publicly disclosed audits, and bug bounty programs show no measurable effect, likely reflecting variation in their quality and implementation or the fact that undisclosed audits could not be observed. By integrating criminological theory into DeFi security research, this study provides a holistic framework for understanding crime opportunities in this novel ecosystem, while informing potential prevention strategies to reduce associated harms.