A16z Crypto wants DeFi to ditch ‘code is law’ for ‘spec is law’ to combat $649m exploit problem

DeFi protocols must move beyond “patch-after-the-hack” security and hard-code safety guarantees into their software if the $168 billion sector is to mature, according to a16z Crypto.

In a January 11 post, Daejun Park, a senior security researcher at the firm, argued that DeFi developers should adopt a more principled approach to security instead of relying on trial and error.

At the core of that shift, Park said, is the use of standardised specifications that constrain what a protocol is allowed to do, and automatically revert any transaction that violates those predefined assumptions about correct behaviour.

“Almost every exploit to date would have tripped one of these checks during execution, potentially halting the hack,” Park said. “So the once-popular idea of ‘code is law’ evolves into ‘spec is law.’”

Such an idea, sometimes referred to as runtime enforcement or invariant checks, isn’t new. But it’s getting a fresh look as DeFi protocols struggle to defend against hackers exploiting bugs in their code.

Last year, hackers swiped over $649 million through code exploits according to a report from Slowmist, a blockchain security firm.

Even battle-tested protocols like Balancer, whose code had been live on the Ethereum blockchain since 2021, were not immune. It lost $128 million in November after a hacker exploited a code bug.

In recent months, DeFi developers fear hackers are increasingly using artificial intelligence to find DeFi protocol vulnerabilities and exploit them.

‘Not the silver bullet’

Park’s suggestions, if widely adopted, could go a long way in preventing exploits. But they’re not without downsides.

DeFi protocols often gain an edge over their competitors by having the cheapest fees. Adding extra checks on transactions would increase gas costs, potentially losing them users, Gonçalo Magalhães, head of security at Immunefi, told DL News.

Magalhães said invariant checks are a great security strategy, but they can’t account for everything — especially exploits that a protocol’s developers can’t reasonably anticipate. “It’s not the silver bullet,” he said.

It’s also tricky to get the checks to work properly, Felix Wilhelm, co-founder of Asymmetric Research, a crypto security firm, told DL News.

“For many vulnerabilities and real-life hacks, it is difficult or even impossible to write an invariant that detects the hack without also triggering under normal circumstances,” he said.

Wilhelm said runtime enforcement is an important part of protocol security. But it is typically used to detect anomalies, like an unusual flow of funds in a short timeframe.

“While helpful, this often serves only to limit impact or alert the team, rather than stopping the attack outright,” he said.

Many protocols are already adopting invariant checks.

Kamino, a Solana-based lending protocol, began checking for critical invariants using Certora Prover in March last year.

The XRP Ledger, the blockchain behind the $120 billion XRP token, has also implemented invariant checking. The blockchain’s developers said the checks are necessary because XRP Ledger is complicated, and there is a high potential for code to execute incorrectly.

“Invariants should not trigger, but they ensure the XRP Ledger’s integrity from bugs yet to be discovered or even created,” XRP Ledger developers said.

Tim Craig is DL News’ Edinburgh-based DeFi Correspondent. Reach out with tips at tim@dlnews.com.