Crypto lending has boomed over the past few years, leading to billions of dollars of crypto becoming locked in the smart contracts of DeFi protocols.
These innovative blockchain-powered protocols enable anyone to borrow and lend without intermediaries. But as with other decentralized protocols, using them involves risk.
In this post, we cover the different types of crypto lending protocols and how to use them safely.
There are three main types of DeFi lending protocol, each with their own use cases and associated risks.
Collateralized lending, offered by protocols such as Aave and Compound, is by far the most common form of crypto lending.
These protocols work like pawn shops, which offer cash-strapped borrowers the ability to take out loans secured by possessions such as jewelry or electronics. When the loan is paid back, then the valuable item is returned. Otherwise the pawn shop gets to keep the collateral.
Similarly, collateralized lending enables you to borrow against your digital assets by depositing them in a smart contract. Then if you don't repay the loan, the assets collateralized in the smart contract are converted into cash to settle the debt in a process called liquidation.
The big advantage of collateralized lending is ease-of-use: borrowers can take out loans quickly without sharing their identity, safe in the knowledge that the entire lending process is secured transparently by the blockchain.
However, collateralized crypto leading does come with specific risks.
The biggest single risk associated with collateralized lending is the possibility of losing your collateral when prices fall below the liquidation level.
Given the enormous price swings that are commonplace in crypto, this can happen fairly often, and hundreds to millions of dollars worth of loans are liquidated every day on protocols like Aave.
Avoiding liquidation is a matter of keeping your collateral topped up. The amount of collateral needed is determined by the loan-to-value ratio, which is typically around 70%, meaning that to borrow $7,000 worth of crypto, you would need to deposit $10,000.
Should the price of your crypto collateral fall, however, you may find yourself needing to top up the collateral or repay part of your loan. Otherwise you could face automatic liquidation.
The problem with collateralized loans is that they require you to deposit more assets than you borrow. This is not only very capital inefficient, but it can also preclude those who most need a loan from being able to get one.
As such, the next wave of lending protocols are uncollateralized.
This model of crypto lending is more aligned with traditional financial lending in that it allows the recipient to borrow without pledging any collateral to the lender. Instead, credit is extended on the basis of an underwriting process, which assesses creditworthiness based on identity, income, assets, and debt.
This approach will be familiar to both individuals who have taken out a loan from a high street bank, and financial institutions that are accustomed to meeting short-term cash needs with a line of credit (LOC), which constitutes a legally-binding uncollateralized loan agreement.
As a borrower, taking out an uncollateralized loan means risking damage to your credit score and potential legal ramifications in the event that you fail to repay the loan.
Lenders on the other hand, face the risk of incurring bad debt.
These risks came to light across the crypto industry in the downturn of 2022, when several trust-based lending platforms filed for bankruptcy following the collapse of a large crypto hedge fund.
Meanwhile, decentralized collateralized lending protocols continued to run smoothly and even experienced user growth, weathering the broader downturn with grace.
A unique feature of the crypto ecosystem, Aave's flash loans enable borrowers to access funds without pledging collateral or entering into a legal contract.
That might seem unbelievable, so what's the catch?
As flash loans involve bundling the loan and repayment transaction together into the same block, the loan must be repaid in the same blockchain transaction in which it is granted.
This makes flash loans ideal for fast-paced financial maneuvers such as arbitrage (the simultaneous purchase and sale of the same digital asset in different places), but not practical for longer-term borrowing needs.
The possibility of defaulting on a flash loan is almost non-existent, as the transaction will be void if the borrower does not return the funds within the same block.
As such, flash loans are almost risk-free for both borrowers and lenders.
In fact, the biggest risk associated with flash loans is the possibility of the protocol itself falling victim to a flash loan exploit. These attacks, such as the $100 million Mango Markets heist, can occur in some instances when an attacker flash loans a large number of tokens, in order to either manipulate prices, or unilaterally pass malicious governance proposals.
In addition to the specific risks associated with different types of crypto lending protocol, all DeFi activity is subject to the same general risks.
Dodgy smart contracts
Smart contract hacks account for around 90% of all attacks on DeFi protocols, and can usually be traced back to a bug in the underlying code.
The right to anonymity is a key cypherpunk value, but it can also increase the risk of “rug pull” tactics where unscrupulous developers abscond with users’ funds.
As the collapse of Terra Luna so powerfully illustrated, the promise of unrealistic returns is perhaps the biggest red flag of all.
Aside from DeFi protocols, centralized (CeFi) lending platforms have also attracted millions of users by offering tempting yields and competitive loans.
But while these platforms may offer their services through a familiar bank-like interface, they are not banks, and can still be subject to the same crypto lending risks if they deploy customer funds to DeFi.
In addition, CeFi platforms also represent a trusted third party; but one that isn't necessarily bound by the regulation of banks and other traditional financial entities. History has shown that this can make them even more prone to the abuse of user trust.
To avoid falling victim to flawed or fraudulent crypto lending infrastructure, make sure to only use protocols that are:
Although audits can grant a false sense of security, they can also help reduce the odds of your assets being drained by a hacker taking advantage of poorly-conceived code. The key is to look for protocols that are thoroughly audited — making sure all components of the protocol are covered — by the most reputable smart contract auditors. These include Halborn, OpenZeppelin, Certik, Consensys Diligence, and Trail of Bits.
Decentralized systems that have proved their resilience and weathered multiple market cycles are typically more trustworthy.
Created by verified teams
Although DeFi is open source and any smart contracts can theoretically be proven to be secure, more cautious users may prefer protocols created by development teams with public profiles and a strong track record.
Wherever you are deploying assets across the crypto lending ecosystem, your priority should always be returning assets to the security of self-custody as soon as possible.
That's because the longer assets are held elsewhere — whether on DeFi protocols or CeFi platforms — the more you are exposed to what is ultimately an unknown degree of risk.
Returning assets to the security of self-custody enables you to assume full responsibility for safeguarding them, and gives you the ability to instantly and independently deploy them to take advantage of financial opportunities when they arise.
Qredo Web3 Wallets Are the ideal institutional wallet to take self-custody of assets, and enable you to implement your own governance policies without the need to trust a third party custodian.