The composability of DeFi enables the Aave Protocol to connect with the rest of the ecosystem; however, it also exposes the protocol to various ecosystem risks. Tokens used in the protocol affect the protocol at its core (specifically tokens accepted as collateral which safeguard the solvency of the protocol). At least three different aspects of risk are important to assessing whether an asset exposes the Aave Protocol to undue risk: smart contract risk, counterparty risk, and market risk.
First, the Aave community must look at smart contract security and any risk presented by counterparties within the token’s protocol governance. If the risks are perceived to be unreasonably high, the tokens in question should be disqualified from usage within the aave protocol or be listed in Isolation Mode. Then, the Aave community should continuously monitors risks, in particular market risks, which can be managed via the protocol’s risk parameters.
The following risk scale is created by Aave team as a reference guide, which can be used by the Aave community, for asset risk analysis.
Risk scale ranges from lowest risk (A+) for the safest assets of the protocol (e.g., Ethereum) to the highest risk (D-). The assets exposed to high risk factors may still be considered for integration; however, they should not qualify as collateral or be limited to Isolated mode to shield solvency of the protocol.
The historical data can be quantified in three different aspects of market risks as follows:
- Smart-contract Risk: quantified by Days, Transactions
- Counterparty Risk: quantified by Holders, Permission
- Market Risk: quantified by Market Cap, Average Volume, Normalized Volatility
These ratings are calculated per sub-factor and then aggregated via a rounded up average to account for diversification benefits.
Risk Quantification Criterion
Smart contract risk focuses on measuring the technical security of the underlying code for any asset. Only code for assets that have undergone rigorous audits by well-respected auditors are appropriate for the Aave protocol. Beyond audits, smart contract risk remains (i.e., it can never be eliminated fully) and users must be vigilant in assessing such risk. Bug bounties can be used to help reduce smart contract risk. The maturity of any code can be assessed based on the number of days and the number of transactions with a particular smart contract — use, community, development and, in some instances, reliability are proxies for how battle-tested the code is.
Smart contract hacks have already resulted in billions of funds lost. Accordingly, tokens with the highest smart-contract risk (i.e., D+ and below), are extremely risky collaterals. They should only be onboarded with strict risk mitigation such as supply caps or isolation mode.
Counter-party risk assesses qualitatively how and by who the asset is governed. There are different degrees of governance decentralisation that may give direct control over funds (e.g., as backing) or attack vectors to the governance architecture, which could expose control and funds. Counterparty risk is determined by the level of centralisation, which is measured by the number of parties that control a token’s protocol, as well as the number of holders and the level of trust in the entity, project, community or processes.
Market risks are linked to the size of a particular asset pool in the protocol, as well as fluctuations in both supply and demand. The markets need to hold sufficient volume to account for any liquidations in the particular pool (i.e., sell offs which tend to lower the price of the underlying asset through slippage affecting the value recovered).
Market risk assessments should use average daily volume representing the availability of the asset to assess liquidity risk: E[volume]
These values should be assessed at the following intervals: 1 week, 1 month, 3 months, 6 months, and 1 year.
Tokens can be subject to sudden volatility spikes, and it is not uncommon to witness a 50% price change within a week or a month. When a price increase occurs, a parameter readjustment may be implemented to limit the risks of new operations.
Finally, we also consider the market capitalisation representing the size of the market and potential exposure.
Tokens with scores of D+ or below in any of these categories are very risky, which makes them poor quality collaterals. They should only be onboarded with strict risk mitigation in place either as borrow only or as collateral with a Supply or in Isolation Mode, which restricts them only back Isolated Stablecoins.