Decentralized Finance has garnered a lot of attention lately and has been a major player in drawing in the much eyed upon institutional investors. Over the years, the DeFi sector has grown immensely, and the total value locked in the market hit a high of $1.235 billion in February.

Ethereum has been leading the experimentation and exploration of new use cases in this area with the majority of DeFi applications based on its blockchain. However, there are still some flaws that often allow hackers to exploit various DeFi protocols and gain access to funds fairly easily. While developers continue to address these bugs, loopholes continue to exist.

$300,000 exploit

Most recently, a Uniswap-based pool was hacked for a hefty amount of ETH and an Ethereum-based tokenized version of Bitcoin, imBTC, worth approximately $300,000. The event was reported by blockchain developer Julien Bouteloup on twitter who wrote:

imBTC @tokenlon pool on @Uniswap has been attacked & drained🔥



Simple attack vector on ERC777 (with arbitrary code execution during transfer fct) on Uniswap to steal >$300k (#ETH+#BTC)



The vulnerability was described 16mths ago: https://t.co/a3AiJyY969 https://t.co/MKC2jNP1Y4 pic.twitter.com/cXOVu6le3P — Julien Bouteloup (@bneiluj) April 18, 2020

There have been no reports post the hack, but Bouteloup states that the exploit that allowed the hacker to get access to the funds had been reported in an audit of the Ethereum-based Uniswap’s protocol 16 months ago.

The exploit involves creating a fake exchange pool that accurately resembles the original pool. This, in turn, allows the culprits to manipulate the price of assets in the original pool and make it cheap. Thus, the hacker can walk away with tokens at a much lower price than it’s actual.

DeFi remains Flawed

This isn’t the first time a bug in the system has been exploited. Earlier in February, popular decentralized lending protocol bZx lost more than $900,000 to two consecutive hacks. DeFi critics have often accused the Tech of being too centralized.

Following the attack on bZx, Litecoin founder Charlie Lee had thrashed DeFi stating it is the “worst of both worlds.” Lee said:

This is why I don't believe in DeFi. It's the worst of both worlds. Most DeFi can be shut down by a centralized party, so it's just decentralization theatre. And yet no one can undo a hack or exploit unless we add more centralization.



So how is this better than what we have now? https://t.co/F1HMSeqb6q — Charlie Lee [LTC⚡] (@SatoshiLite) February 16, 2020

Maker, one of the earliest Ethereum projects and the dominant leader responsible for nearly 51% of the value locked within the lending sector, had to suffer heavy losses due to a glitch in MakerDao’s oracle.

Due to the high congestion in the Ethereum network, the glitch allowed some liquidators to be able to win the auction offering a 0 DAI bid, due to a total lack of competition. This has previously resulted in $4 million in collateralized debt.

Despite the bugs, DeFi has had a massive impact on the crypto market as a whole. From decentralized credit and lending systems, predictions markets, and asset management, DeFi’s applications have caused quite a stir in the mainstream space for their capacity for enabling multiple efficiencies.

The DeFi or Open Finance movement has the potential to become a global, open alternative to every financial service we use today like savings, loans, trading, insurance and more, accessible to anyone in the world with a smartphone and internet connection. This is now a reality on the Ethereum blockchain.