- DeFi security should shift from reactive patches to built-in safety rules that block invalid transactions.
- Daejun Park of a16z proposed using standardised specifications or invariant checks to enforce correct protocol behaviour.
- Many recent hacks could have been halted by such runtime checks; the sector lost large sums last year.
- Experts warn invariant checks raise costs and can be hard to design without false positives or missed attacks.
- Some projects, including Kamino and the XRP Ledger, already use invariant checking tools and practices.
Daejun Park, a senior security researcher at a16z, said in a January 11 post that decentralized finance must embed safety guarantees into protocol code to mature. He argued developers should adopt standardised specifications that constrain allowed actions and automatically revert transactions that violate assumptions. “Almost every exploit to date would have tripped one of these checks during execution, potentially halting the hack,” he wrote, adding that “So the once-popular idea of ‘code is law’ evolves into ‘spec is law.'”
The push for runtime enforcement, also called invariant checks, comes as DeFi sustained heavy losses to code exploits last year. A security report found attackers stole more than $649 million, and even established systems like Balancer lost about $128 million in November after a bug. The sector overall is valued at roughly $168 billion.
Experts caution that invariant checks are not a cure-all. Gonçalo Magalhães, head of security at Immunefi, said the added checks would raise gas costs and could cost protocols users who compete on low fees, adding “It’s not the silver bullet.” Felix Wilhelm, co-founder of Asymmetric Research, noted design challenges: “For many vulnerabilities and real-life hacks, it is difficult or even impossible to write an invariant that detects the hack without also triggering under normal circumstances.” He added that runtime enforcement often detects anomalies or limits damage rather than fully stopping attacks: “While helpful, this often serves only to limit impact or alert the team, rather than stopping the attack outright.”
Some projects are adopting these measures. Kamino, a Solana lending protocol, began checking critical invariants with Certora Prover in March. The XRP Ledger, which underpins the $120 billion XRP token ecosystem, has implemented invariant checking and explains the approach in its documentation. A wider industry report on last year’s breaches is available from SlowMist.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Pudgy Penguins to apologise after racist X post sparks a row
- Revolut Applies for Peru’s Banking License, Eyes Remittances
- Tudou Guarantee Halts After $12B Scam; Operations Freeze Now.
- Solana decentralization row: 84% claim disputed, 5,000 nodes
- S. Korea Customs Busts Alleged Crypto Laundering Ring $101M.
