- The amount of money investors on BNB Chain lost last year dropped by 85% compared to 2022.
- AvengerDAO is claiming responsibility for the marked year-over-year drop in lost funds.
- The number of attacks continues to rise in the face of the DAO's efforts to protect its community.
AvengerDAO has been working hard at keeping crypto users safe.
Now, that hard work appears to have paid off, the group claims in a new report.
BNB Chain’s community-led security team says it’s reduced DeFi losses on the $3.5 billion blockchain in 2023 by a whopping 85% compared to the year before.
“[We] focused on protocols with the most liquidity like PancakeSwap and increased [the] number of security reports,” a member of the BNB Chain core development team told DL News. The DAO, or decentralized autonomous organization, notifies users via real-time reports of any potential threats on the network.
PancakeSwap is BNB Chain’s biggest DeFi protocol, boasting $1.5 billion in user deposits. Like Uniswap, it’s a decentralised exchange where users can swap tokens, including those linked to potentially fraudulent projects.
While BNB Chain trails Ethereum in terms of investor deposits, it has more daily active users, per data from the on-chain data platform TokenTerminal. The network’s popularity hasn’t been without its headaches, however.
Per another report by Solidus Labs, 12% of all tokens on BNB Chain were labelled as scams as of the end of 2022. The security firm also indicated that “8% of all Ethereum tokens are programmed to execute rugpulls.”
BNB Chain responded by launching the AvengerDAO — a community-based security team tasked with monitoring the network. Members include Binance, BNB Chain, and blockchain security outfits such as CertiK, SlowMist, and BlockSec.
BNB Chain’s claim to fame
BNB Chain came to the fore in 2021 when PancakeSwap began gaining market share during DeFi summer, a Cambrian explosion for decentralised apps that saw investor interest spike as high as $177 billion across all chains at its peak in May 2021.
The blockchain’s low network fees offered a viable alternative to Ethereum, which was plagued by high transaction fees at the time.
This increase in investor interest was accompanied by more than $833 million lost on the network via security incidents in 2021. The following year was even worse for investors, with losses topping $1.1 billion.
That number fell to $161 million last year, indicating losses plummeted by 85% between 2022 and 2023. That drop also occurred in parallel to a hefty drop in overall value, as measured by total value locked, in DeFi during the same period.
And though the dollar-figure losses have dropped, there’s still been a 44% increase in the number of attacks.
”The total number of attempted hacks and scams did not actually decrease last year,” the team told DL News. “AvengerDAO worked hard to alert the community as early as possible so that users would not participate in potential scam projects,” the team said.
By comparison, Ethereum, the largest DeFi blockchain, had over $1 billion in security-related incidents, the report said.
Ethereum’s DeFi market is nine times larger than BNB Chain, with almost twice as many protocols.
The rug pull problem
Despite the gains achieved last year, so-called rug pulls continue to plague blockchain networks, including BNB Chain.
Rug pulls happen when the creator of a project withdraws all or most of the liquidity, including the deposits made by investors, leaving tokenholders in the lurch.
“The most financially damaging attack vector belongs to rug pulls, with $49 million in 165 incidents,” the AvengerDAO report stated.
More than 70% of all alleged rug pulls in the first quarter of last year happened on BNB Chain, blockchain security firm Immunefi reported in April. This figure dropped by 75% as of the end of the third quarter of the year, according to AvengerDAO’s report.
The security DAO can only do so much. User safety also lies in the hands of investors.
The BNB Chain core development team said blockchain security is a collective responsibility of all participants, not just security researchers.
“A lot of developers still lack basic Web3 security knowledge,” the team said. “[But] we have also observed that users are doing more of their own research before participating in projects.”