This chapter will unpack the risks associated with DeFi. DeFi is a highly complex system involving multiple layers of technology, financial arrangements, and human behaviors. Things can and do go wrong in crypto for a wide variety of reasons, many of which may be baffling for the average person, as they involve details that are very specific to blockchains, the protocols that are built with smart contracts, and the unique environment they operate in.

With the billions of dollars at play in crypto, it is also inevitable that this concentration of wealth on the internet attracts criminal activity, including fraud and other kinds of activity that most legal systems safeguard against. Having no legal jurisdiction, DeFi remains a wild west with little recourse if one gets hacked. The nature of cybercrime can be sudden, esoteric, and opaque.

Not a week seems to go by without a high profile hack or exploit, with losses numbering in the millions. It seems to be par for the course for DeFi, and has unfortunately been associated with DeFi for the general consumer and regulators. The tongue‐in‐cheek site “Web3 is Going Great” counts a whopping US$11b in losses in DeFi.¹

I have some personal experience with cyberattacks. In 2020, I was personally targeted for a call forwarding attack (a variation of a SIM swap attack), where my mobile phone provider was maliciously convinced to forward my calls and messages to the attacker in order to take over my Telegram account. ...