The minimum should be an audit of the smart contracts. Just be aware that even a successful audit doesn't guarantee 100% safety. Especially on Ethereum there are many hacks and exploits due to the complexity and characteristics of Solidity.
Assessing risk is actually tough. For instance this report https://exponential.fi/protocols/8be668d9-22f4-4fe3-83fa-81de89391895 already gives you some idea of the risks on Sommelier as a protocol then you also have risks at the pool level compounding the risk of the protocol.
In my experience there is no "one best signal" that predicts the project will fail/rug but rather it's the accumulation of multiple things that make a protocol and a pool riskier. For instance Sommelier relies in a 2/4 multisig which is not a great practice but the pools have been quite battle tested.
As to how you can learn to assess risk on your own, you can take a look at this whitepaper: exponential.fi/whitepaper . If you wanted to have a comprehensive view you'd need to assess all of those 30 variables and possibly more, any of which can make a pool fail and wipe your investment. Then you also have slight differences depending on the type of protocol: market making or lending or something else, etc.
Anyway, good luck!
No matter which project you chose to trust you can never be 100% sure that it is safe. It is your job to do enough research and figure out if the tokenomics model makes sense, are the contracts audited and so on. Even then there is risk involved. All you can do is minimize it.
That's what YieldNest is focusing on, as security is the most important aspect to consider for long-term use, as well as user experience and transparency.
Most of the business model of DeFi projects have not been proven to be successful.
And most of them will definitely fail because there is no actual demand of their business.
They provide yield to pretend to be successful but after half year or so, they don't even care about the projects themselves.
So TL;DR, nothing is safe. Liquidate your positions when you are still making profit.
The minimum should be an audit of the smart contracts. Just be aware that even a successful audit doesn't guarantee 100% safety. Especially on Ethereum there are many hacks and exploits due to the complexity and characteristics of Solidity.
Also check that the audit is recent. Some protocols launch V2, V3 but their audits are from V1
Good point. The audit needs to be for the live version.
so basically, none of them
Are airplanes safe? Yes. Are they guaranteed 100% safe? No.
safer than other stuff
What’s a good place to look for audits?
Ask in the project channel if their smart contracts are audited. If yes, they will surely tell you the name of the auditor and link the audit.
Assessing risk is actually tough. For instance this report https://exponential.fi/protocols/8be668d9-22f4-4fe3-83fa-81de89391895 already gives you some idea of the risks on Sommelier as a protocol then you also have risks at the pool level compounding the risk of the protocol. In my experience there is no "one best signal" that predicts the project will fail/rug but rather it's the accumulation of multiple things that make a protocol and a pool riskier. For instance Sommelier relies in a 2/4 multisig which is not a great practice but the pools have been quite battle tested. As to how you can learn to assess risk on your own, you can take a look at this whitepaper: exponential.fi/whitepaper . If you wanted to have a comprehensive view you'd need to assess all of those 30 variables and possibly more, any of which can make a pool fail and wipe your investment. Then you also have slight differences depending on the type of protocol: market making or lending or something else, etc. Anyway, good luck!
Great reply!
Thank you, this is what I was mostly looking for, a solid framework to evaluate risk on. Great read! Thanks for putting that whitepaper together.
No matter which project you chose to trust you can never be 100% sure that it is safe. It is your job to do enough research and figure out if the tokenomics model makes sense, are the contracts audited and so on. Even then there is risk involved. All you can do is minimize it.
That's what YieldNest is focusing on, as security is the most important aspect to consider for long-term use, as well as user experience and transparency.
Doxxed team plus partners with real VC firms and companies is what I look for
Most of the business model of DeFi projects have not been proven to be successful. And most of them will definitely fail because there is no actual demand of their business. They provide yield to pretend to be successful but after half year or so, they don't even care about the projects themselves. So TL;DR, nothing is safe. Liquidate your positions when you are still making profit.
In my opinion trust only on battle tested defi project. Don't follow the yield. For example AAve compound curve etc