as of 01/30/2023
The composability of DeFi enables Hatom Lending Protocol to connect with the rest of the ecosystem. However, it also exposes the protocol to financial contagion. Crypto assets used in the protocol affect it at its core, which safeguards its solvency. We investigate three levels to ensure a currency holds a reasonable risk.
First, we look at smart contract security and counterparty in governance. After that, we look at market risks that can be managed via the protocol’s parameters. If these risks are too high, the protocol will disqualify the currencies.
The risk scale ranges from the lowest risk A+ for the safest assets of the protocol (usually MultiversX) to the highest risk D-. The assets exposed to high-risk factors can be considered for integration.
Smart contract risk focuses on the technical security of a currency based on its underlying code. If one of the supported currencies is compromised, collaterals will be affected, threatening the solvency of the protocol. Projects must have undergone audits to be considered, yet smart contract risk is significant. Bug bounties can help, but they cannot be fully mitigated. We assess maturity based on the number of days and the number of smart contract transactions as a representation of use, community, and development. These proxies show how battle-tested the code is. Smart contract hacks have already resulted in billions of funds lost on other networks. Accordingly, tokens with the highest smart-contract risk (i.e., D+ and below) are extremely risky collaterals.
Counterparty risk assesses qualitatively how and by whom the currency is governed. We observe different degrees of governance decentralization that may give direct control over funds (as backing, for example) or attack vectors to the governance architecture, which could expose control and funds. The counterparty risk is measured from the level of centralization corresponding to the number of parties that control the protocol, the number of holders, and the trust in the entity, project, or processes. Currencies with a high counterparty risk below D+ cannot be integrated.
Market risks are linked to the size and offer and demand fluctuations. These risks are particularly relevant for the assets of the protocol: the collateral. If the collateral value decreases, it might reach the liquidation threshold and start getting liquidated. The markets then need to hold sufficient volume for these liquidations - sells, which tend to lower the underlying asset price through slippage affecting the value recovered.
We look at the average 24h volume representing the availability of the currency to assess liquidity risk:
The volatility risk is based on the normalized fluctuations in the currencies price and calculated as the standard deviation of the logarithmic returns:
This metric is in line with industry standards used by Gauntlet.
We look at these values at one week, one month, three months, six months, and one year.
Cryptocurrencies can be subject to sudden volatility spikes; it is not uncommon to witness 30% changes in price within a week or a month. When this is a price increase to protect our users, it might be followed by a parameter readjustment to limit the risks of new operations. Finally, we also consider the market capitalization representing the market size. Market risks are used for the calibration of the model’s risk parameters. The volatility helps define the required level of collateralization, the Loan to Value. The liquidity risks are contained by liquidation incentives: the liquidation threshold and bonus.
The historical data supporting the analysis is extracted from CoinGecko's API as of the 15th of January 2022 and is combined with on-chain data. The methodology to link historical data to risk factors has been formalized based on rigid criteria for each factor and rating.
The matrix below shows the figures used to quantify risks per factor. This table is based on historical data to which we have applied the above calculations.