The Dangers of Copy Paste in the DeFi industry

The Dangers of Copy Paste in the DeFi industry

What made Apple such a successful company? You will not be so very far from the truth if you say Steve Jobs or his pursuit of perfectionism. At a young age, he learned the importance of “painting the back of the fence” as good as the front even if no one else will see it. Later, this will become his calling card – making the perfect product first as revenue and profits would follow.

Following the quality, uniqueness plays a huge role in creating loyalty from the current customer base. When Steve Jobs first unveiled the iPhone, he described it as “a revolutionary mobile phone.” Everyone wanted it, and especially nearest competitors. 14 years later Apple still has a huge base of loyal customers. Can you imagine something similar happening to a company that simply copies others?

The same approach applies to any other sector in the economy, whether it be a shoe store, bakery, or even the IT industry. In the latter case, a poor code quality could lead to financial losses or waste of time due to maintenance, modification, or adjustments and, of course, hacking attacks. If you need an example, just google “Colonial Pipeline case” and how the US largest fuel pipeline had to pay $4.4m to a gang of hackers who broke into its computer systems.

We could even say that they were lucky to pay such a low price. Such mistakes are not forgiven in the crypto industry. A couple of weeks ago, for example, the DeFi industry has been hit by the news that Binance Smart Chain DeFi protocol Pancake Bunny has been exploited via a flash-loan attack, in what the community initially believed to be a record-setting $1 billion loss. Hardly anyone, besides the users, will face any consequences.

For that reason, before choosing the DeFi project for staking it is of vital importance to check the quality and uniqueness of the code. In other words, if the team simply copy-pasted the Uniswap code then something is not right. You cannot call it a unique product but a dangerous cacophony.

It is crucial to understand that by copying code developers duplicate bugs and security vulnerabilities. Additionally, subtler semantics could emerge when programmers try to edit the copied code. No surprise recently there were so many hacking attempts and most usually successful. Only in the DeFi industry, since 2019, hacks have caused losses in the region of $285 million (~£202 million).

Thus, lesson number one is to “check the code”! Forewarned is forearmed – if you know what to look for, you may be able to decrease the chances of scammers taking advantage of you. Even if you don’t know how to code, don’t panic – if the project has an open code and if there’s enough interest around it, others will surely conduct their research and hopefully share their conclusions with the rest of the community.

As a case example, let’s look at Nimbus, an automated DeFi platform that offers 16 revenue streams for users based on IPO participation, Lending, Crypto Arbitrage-Trading, and so on. The first good sign about the project is that its team is trying to bring value to both the industry and platform users. In other words, they are not here just to make a quick buck.

It should be noted that Hacken, one of the most active and reputable security auditors in the crypto industry has audited Nimbus smart contract and didn’t find any vulnerabilities. Launched in 2017, Hacken’s security data product, CER has audited more than 280 exchanges and provided more than 80 security certificates. In July 2020, Hacken partnered with the biggest independent crypto aggregator CoinGecko, which saw them adopt CER cybersecurity data as a crucial part of CoinGecko’s TrustScore.

Moreover, the external technical audit also hasn’t identified any errors and confirmed that the Nimbus Platform is fully functional and safe. Besides that, Nimbus launched Bug Bounty programs — where participants can test code performance and receive rewards if they find bugs. All of this greatly reduces the risk of using projects’ contracts. If you want to learn more about the bounty, check this post where you will find all the necessary information including links to the Github repository.

As well noted by the Binance Academy, “One thing to note here is that audits are expensive. Legitimate projects will typically be able to pay for audits, but scam projects usually won’t bother.”

Talking about platform improvements, in a matter of weeks, Nimbus is going to be deployed on the Binance Smart Chain. It will allow increasing scalability in transactions, at the same time making them cheaper. Currently, the Ethereum network has an average gas fee of $5 per transaction, while transactions on Binance Smart Chain cost around $0.2–0.3. Once again, for more info go check this article.

Last but surely not least, it should be noted that the Nimbus platform offers 16 earning strategies for users boosted by multiple layers of risk management. No one else on the market can offer this unique combination of values:

  • Diversified revenues from Nimbus dApps for IPO participation, Startup Crowdfunding, Lending & Borrowing, and so on. No other project in the crypto industry gives access to IPO.
  • Nimbus Governance token, GNBU token, which lets holders receive portions of 10 platform’s revenue streams by simply holding the token (as well as participate in the governance process through DAO).
  • Nimbus Smart contracts boast not only a top security score but also several layers of financial risk management for ultimate efficiency.
  • Source