An analysis of Ethereum’s decentralized finance ecosystem in Q2 2021.
The DeFi data, context, NFTs, tools, and trends
that defined Web3 in Summer 2021.
Why Web3?
Web1
Web2
Web3
This report covers the economic patterns made possible by verifiable decentralized networks. Starting with stablecoins, to collateralized lending and borrowing protocols, to NFTs and gaming, the Web3 ecosystem now represents an expansive ecosystem of new ways for creators and communities to monetize, and new models for internet-native communities to collaborate. Web3 is still nascent, which is why we cover the new types of Layer 2 networks built to offload execution of programmable smart contracts from the Ethereum base layer to improve speed and reduce transaction costs.
Smart contracts themselves are a new type of programming, and it takes careful diligence and review to ensure secure, gas-efficient smart contracts that reduce the risk of vulnerabilities, which we cover in our section on smart contract security. And finally, governments and regulators around the world are beginning to decide how to enforce existing regulations, protect investors, and categorize these new types of assets.
Number of unique wallets which bought or sold an NFT
Source: Nonfungible.com
Growth of stablecoins supply continues to be diversified on Ethereum with USDC and BUSD increasing market share at the expense of USDT. On Ethereum, which remains the dominant smart contract protocol for stablecoins, USDC has consistently grown its market share year to date.
BUSD’s market share expanded over the same time horizon, while DAI market share remained stable. USDC is quickly approaching USDT’s market share.
The stablecoin peg performance graph below shows that most USD-denominated stablecoins have been able to keep peg close to parity with the US Dollar, with only moderate volatility.
DAI exhibited more volatility relative to the rest, but DAI is collateralized by other digital assets like ETH, BAT, or USDC, whereas USDC has a harder peg since each crypto dollar is backed by a US dollar held in reserve. All stablecoins had minimum values below and above par.
Source: Crypto Compare
While stablecoins have been able to maintain peg with some volatility around parity, reserve assets backing stablecoins differ in credit quality and risk. For instance, USDT has significant exposure to commercial paper and corporate bonds relative to PAX and USDC, which are a source of credit risk.
DAI is a DeFi stablecoin that is overcollateralized by cryptocurrencies such as ETH, WBTC, and USDC instead of fiat.
Borrowing and lending in DeFi saw significant growth in terms of outstanding loans in Q3, reaching an all-time-high on September 6th, with approximately $24.7 billion worth of debt outstanding. This dramatic rebound in Q3 came after a precipitous drop-off in activity at the end of Q2, where total debt outstanding stood at around $14.3 billion.
Aave leads the DeFi lending protocols with outstanding debt on the protocol standing at $7.4 billion. Interestingly, the market foresaw Aave becoming the leading lending protocol, as the AAVE token has significantly outperformed leading competitor Compound’s COMP token. Furthermore, Aave has attained an approximately $4.6 billion fully diluted market cap while Compound lags behind at around $3.1 billion fully diluted market cap.
Approximately 68.2% of outstanding loans reside in DAI versus 21.9% for USDC, indicating a growing level of trust in the decentralized stablecoin. The increasing level of trust for DAI is likely driven by concerns over the SEC’s ongoing investigation of Circle.
User growth for leading lending protocols, Aave and Compound, both slowed in Q3. While Aave’s user base grew by 42% in Q2, from 46,588 total users to 66,083 total users, and grew only 16% in Q3 to approximately 76,909 total users. Similarly, while Compound’s user base grew by about 4% in Q2, from 311,581 total users to 323,759 total users, their user base only grew by 1.9% in Q3 to a total user base of 323,759. While outstanding loans overall have increased dramatically, user growth has not experienced the same exponential growth, meaning that the average debt outstanding per user dramatically increased in Q3. This fact could be driven by the market rally we experienced starting in Q3.
The DeFi ecosystem has experienced an unprecedented surge in volume in 2021 as more participants enter the market and more sophisticated financial instruments are built. Popular protocols like Uniswap, PancakeSwap, and SushiSwap are now generating well over $100 million in annualized revenue.
dYdX, a decentralized exchange that supports perpetual, margin trading, and spot trading, realized over $45 million in revenue during the month of September.
Currently, governance drives changes in most of the major DeFi protocols. Token holders vote on proposals, which range from propositions on how a protocol should allocate its treasury funds, to more specific details, like changing a collateral factor for an asset on Compound Finance.
Users can clearly see major upcoming changes in DeFi protocols by following the governance updates.
Synthetix
Out of any protocol, Synthetix has the most active governance by far. Every week, there are always multiple updates changing the various parameters tied to minting synthetic assets based on posted collateral. Furthermore, Synthetix often changes the fees associated with issuing synthetic assets on the protocol. This quarter, Synthetix introduced a dynamic fee that aimed to neutralize front-running, lower the target collateralization ratio on L2 from 900% to 750%, enable a new exchange function that allows users to atomically exchange assets without fee reclamation by pricing synths via a combination of oracles like Chainlink, DEX oracles such as Uniswap V3, increase L2 inflationary rewards to 50K, and introduce two new decentralized governance bodies.
Below are the top changes this quarter:
AAVE
While Synthetix offers one of the most active governance systems in all of DeFi, Aave’s governance typically deals with bigger proposals. This includes changing the liquidation bonus for the assets they support, adding support for the algorithmic stablecoin, FEI, enabling Gauntlet to analyze the value at risk (VAR) of supported assets, adding support for the DeFi Pulse Index (DPI), and extending liquidity incentives for Aave v2.
Below are the top changes this quarter:
Airswap
AirSwap token holders are compensated for creating improvement proposals and voting. After voting, participants are able to claim from a pool of collected protocol fees, proportional to the weight of their vote. In Q3, the community passed protocol fee allocations and standardized contributor circle funding.
Below are the top changes this quarter:
Uniswap
Similar to Aave, Uniswap also does not have an incredibly active governance process. This lack of robust governance could stem from the fact that a vote requires 40 million UNI backing it to pass, and that a user must have 2.5 million UNI to submit a proposal. The only significant governance proposal that was passed this quarter was upgrading their governance contract to Compound’s governor bravo contract.
Below are the top changes this quarter:
Compound
Compound, like Synthetix, also has an incredibly active governance process. Major updates include temporarily disabling COMP rewards, creating a whitelist for addresses that can always make proposals without needing to keep the 65K COMP threshold, and distributing DAI to users affected by the DAI incident in November, 2020.
Below are the top changes this quarter:
Of all crypto assets locked in decentralized finance, Ethereum represents 77% of total value locked (TVL) when compared against the other top 5 smart contract blockchains, each representing 10% or less. Following Ethereum, the leading contenders in terms of total value locked in DeFi have been Binance and Solana. As a result, other blockchains have taken notice and launched incentivization programs. This has shrunk the market share of Ethereum for newer Layer 1 protocols like Hedera, Avalanche, Fantom, Terra, and Celo for a combined valuation of $47 billion as of September month-end.
Total Value Loked by Top 5 Smart Contract Platforms
Source: DeFi Llama
Web3 needs Ethereum to scale, but the scaling landscape can be confusing for first-time users. Many scaling solutions are still in the research and development phase, and the technology is evolving with new solutions coming out monthly. The most secure scaling solutions are Layer 2s.
Layer 2 solutions are designed such that Ethereum can act as a referee in case of a dispute. Rollups — a subset of Layer 2s — are highly promising solutions given their scalability capabilities and inherited security through Ethereum. However, rollups differ due to design and implementation choices by the development teams. In the following section, we attempted to provide an analysis of the five most used rollups in Q3. The results of this analysis are snapshots of the current state — less of the future capabilities of those solutions.
We identified three dimensions tied to DeFi user needs for scaling: how much money is on the Layer 2 (also known as Total Value Locked or TVL), how many transactions occurred over the course of Q3 2021, how many unique addresses, and finally, the costs for transacting on the L2.
Keep in mind that most presented solutions here are in beta and not as decentralized, economic, fast, and secure as they plan to be in the future. Also, only Optimistic Rollups, Arbitrum, and Optimism, have block explorers, which means comparing data one to one can be difficult. For the costs of transactions we were only able to snapshot the current costs using various data sources.
Greater usage of a Layer 2 means better prices for DeFi users, less slippage, and typically more liquidity. Arbitrum as a universal Optimistic Rollup shows the most usage at the end of Q3 in all categories.
It is, however, closely followed by Optimism that has a very similar approach design-wise. For the single-purpose rollups built for decentralized exchanges, dYdX has by far the most usage with 480k daily trades.
TVL 5 biggest L2s in Q3 2021
Source: L2beat.info
Daily transactions on universal Layer 2s in Q3 2021
Source: arbiscan.io, optimistic.etherscan.io
Unique addresses on Layer 2s in Q3 2021
Source: arbiscan.io, optimistic.etherscan.io, metabase.dydx.exchange, Dune Analytics @Brecht, zkswap.info
Note: zkSwap currently lacks a block explorer which is why we have only one historical data point.
All Layer 2s are able to significantly reduce costs. Zero Knowledge (zk) rollups show more potential for reduction of transaction costs. However, in those cases dYdX, Loopring, and zkSwap v2 have a fixed percentage of the volume as trading fee which is only indirectly caused by the solution’s gas fees.
Yet, when it comes to transferring ETH, one can see that Loopring as a zero knowledge-based rollup is the cheapest.
Snapshot costs in $ as of 30th September 2021
Source: L2fees.info
ConsenSys is making it easier for developers and end users to begin using Layer 2 solutions. If you want to begin exploring Layer 2 DeFi, be sure to check out our guide on adding custom networks to your wallet. If you are developing a dapp on a Layer 2 like Arbitrum or Optimism, our Infura and Truffle developer tools now support both.
2021 has without a doubt been the year of the non-fungible token. From the advent of novel mechanisms for turning songs into financial assets, like Royal, to Snoop Dogg claiming to be the renowned NFT collector Cozomo de' Medici, you would be hard-pressed to have escaped the hype.
And the proof is in the pudding with sales totalling $10.7 billion for Q3 2021 — up eight fold from the previous quarter — across 33,985,609 sales.
Total number of NFT sales in Q3 2021
Source: Nonfungible.com
USD Volume NFT sales in Q3 2021
Source: Nonfungible.com
As the ecosystem matures, we're starting to see secondary sales now outnumbering primary sales ($17.5 million vs $16.4 million) across the quarter, highlighting that whilst new projects are still attracting attention, older projects have retained attention.
Yet primary sales remain strong, with over $16 billion in primary sales in Q3.
NFT Unique Buyers and Sellers
Source: Dune Analytics @hildobby
The platform largely facilitating this revolution is OpenSea, an NFT marketplace where users can buy and sell pieces from almost any NFT collection out there. And the transactions going through OpenSea speak volumes: in the record breaking month of August, the platform accounted for $3.16 billion of the total $3.25 billion in NFT sales volume. Interestingly, Nifty Gateway was the dominant NFT marketplace until April this year with OpenSea cementing its place as the go-to platform in Q2 and Q3 2021.
SuperRare, Foundation, and Hic et Nunc are other leaders in the NFT marketplace space, but they hold a comparatively small minority with OpenSea accounting for 97% of marketplace volume over the past quarter. Another contender to be aware of, this time from the traditional world, is Christie's, who surpassed $100 million in NFT sales in September 2021, with a recent NFT auction in Asia fetching $15.6 million in sales on 28 September.
NFT Unique Buyers and Sellers
Source: Dune Analytics @hildobby
Crypto communities have become an expressive place where users depict themselves in various avatars through their profile pictures. Chances are, you’ve seen these pixelated punks, bored apes, and adorable felines floating in the Twitterverse, which will soon be verified. This is no longer a fad for the crypto-natives. PFPs are going mainstream with celebrities like Jay-Z and Snoop Dogg buying and choosing Cryptopunks as their profile pictures on Twitter, payments company Visa adding a Punk to their collection, and society continuing to embrace this cultural bull market.
What started as a quirky art project has mushroomed into an entire crypto art movement. CryptoPunks are an internet artifact that inspired the ERC-721 standard which powers digital art and collectibles today. There are 10,000 unique CryptoPunks, with each boasting randomly generated attributes. These pixelated characters are a mix of guys and girls, rare zombies, apes, and aliens.
Since launch, Bored Apes have exploded in popularity, with NBA stars like Steph Curry now donning a Bored Ape profile picture on Twitter. With Bored Ape Yacht Club (BAYC) your Bored Ape NFT doubles, as does your Yacht Club membership and grants access to exclusive perks like mutant apes, 3D models, and graffiti board collaboration. This gated society demonstrates a successful attempt at creating private clubs where the NFT grants verifiable access.
Hailing from the minds behind CryptoPunks is this 3D voxel character project whose avatars can be used in games and the Metaverse. With a Meebit, you get access to additional asset packs which allow you to animate your NFT for a more entertaining experience. Whether you want to dance in Decentraland, perform stunts in your gaming world, or 3D print your avatar for a tangible decoration, Meebits’ customization and flexibility allow you to direct your Metaverse journey to your liking.
The surge in PFP NFTs also indicates a broader cultural movement. Trading JPEGs seem to be steered by the cultural and symbolic value inherent in these creative interactions instead of exchanges governed by pure utility. PFP NFTs allow people to signal status, build community, and encourage artistic expression. Larva Labs and Yuga Labs’ Hollywood deals suggest projects like CryptoPunks, BAYC, and Meebits will gain even more media exposure through film and television. Owning one of these NFTs doubles as your ticket to internet native social clubs, which continue to grow in size daily.
Total Value Loked by Top 5 Smart Contract Platforms
Source: DeFi Llama
Because NFTs are inherently composable with other Ethereum smart contracts and protocols, they are suitable for financialization. We look at three main types: collective bidding, fractionalization, and using NFTs as collateral for loans.
First up is PartyBid, a product that allows you to team up with friends to collectively bid on NFTs. By pooling together funds consumers can acquire higher value pieces that wouldn't otherwise be possible (like CryptoPunks).
Not only does this act as a cool way to buy beyond your means and to build an NFT collection with friends, but it gives users access to some of the most exciting projects on the market, with potentially higher returns. This innovation is only made possible by the digital nature of NFTs, whereby people across the world can enjoy ownership of the same digital good without the difficulty of physically sharing something like a piece of art. In one special case, that has even meant partial owners of one CryptoPunk were airdropped part of another rare CryptoPunk, for free.
A variation of this is the fractionalisation of NFTs, where companies like Fractional allow you to bid for and buy fractions of an NFT. The total bids from all users amount to the total sell price, with fractions of the NFT dolled out depending on the amount you invested. Fractional plays on the same premise as PartyBid, with the exception of getting strangers involved for increased purchasing power. Not only does this democratize ownership on a greater and more global scale, but it improves the chances that artists and content creators can monetize their work in a capital efficient manner.
Lastly, we have platforms like NFTfi that are offering NFT collateralized loans. By putting up any ERC-721 token up for collateralization, other users can begin offering you a loan. Once accepted, the ETH gets paid to you and the NFT is locked in the NFTfi smart contract, only to be returned once your loan is paid. If you can't pay back the loan then the NFT is then transferred to the lender. NFTfi has already supplied nearly $4 billion USD in loans.
Whilst this is simple in theory, in practice there are a few risks to be aware of. Firstly, smart contract risk is prevalent in the industry, whereby hackers identify a flaw in the code and are able to steal the funds or NFTs locked into the contract. A recent example of this is Poly Network, which had $600 million worth of assets stolen through smart contract flaws. Another risk is loan to value ratio, where the value of the NFT may fluctuate greatly, potentially leaving the NFT used as collateral to be worth much less than the loan. This risk is particularly high for longer term loans, especially given the nascent state of the industry. Lastly, many NFT projects have low liquidity, which may give them an artificially high floor price as sellers do not want to sell cheap, but buyers are not active. This can lead to lenders mispricing the NFT that is being used as collateral; if the loan defaults they may receive an NFT of lower value than they had bargained for. In summary, projects like NFTfi are yet to have had smart contract exploitations, but that’s not to say they won’t in the future, and if you’re looking to borrow, always be wary of the NFTs used as collateral.
Source: Dune Analytics @masonnystrom
Organizations’ interest in DeFi continued its upward trajectory this quarter as well. While DeFi applications have been around since 2017, organizations started adopting the digital asset class in 2020.
This interest could be attributed to the exceptional investment returns offered by DeFiand the rise of crypto custodians to facilitate participation. Here are five factors for organizations to consider before engaging in DeFi.
Access
Access to DeFi can be gained through two methods: indirectly via centralized crypto exchanges and directly through DeFi wallets. The latter choice provides access to a large number of DeFi tokens and protocols, as compared with the often limited choice of DeFi tokens available on centralized exchanges. MetaMask, for example, is integrated with almost all DeFi protocols, offering access to over 17,000 venues for trading, staking, lending, borrowing, derivatives, and more.
Custody
Access goes hand in hand with risk management. Organizations must access DeFi in a way that aligns with safety, security, and operational requirements. This entails the institutional requirement of storing private keys, most often held on Hardware Security Modules (HSMs) or Multi-Party Computation (MPCs) custody tech and qualified custodians.
Monitoring
When crypto trades are executed on centralized exchanges, it is easier to keep track of all transactions. Accessing DeFi tokens and protocols through the direct access route makes it difficult to track assets, yields, and risk in one place. However, many DeFi wallets help solve this problem by displaying these metrics directly in the wallet.
Reporting
When fund administrators invest money on behalf of their clients, they need to report metrics like total return performance and capital gains. Since DeFi is a nascent investment space, fund administrators may not yet fully understand all the jargon, conventions, technical details, and reporting. This may make reporting performance to their clients difficult.
Regulation and Compliance
With any investment product that is new and innovative, financial regulators take time to understand its scope and develop mechanisms to safeguard investor interest. DeFi by its very architecture is distributed and decentralized, and cannot be regulated in a single jurisdiction. Therefore, it presents further challenges to regulators since “its activities are not confined to individual institutions, intermediaries, or jurisdictions that can be regulated in silos,” according to an EY report.
With any investment product that is new and innovative, financial regulators take time to understand its scope and develop mechanisms to safeguard investor interest. DeFi by its very architecture is distributed and decentralized, and cannot be regulated in a single jurisdiction. Therefore, it presents further challenges to regulators since “its activities are not confined to individual institutions, intermediaries, or jurisdictions that can be regulated in silos,” according to an EY report.
Of the above considerations, custody in particular is integral in the world of institutional crypto. For crypto funds, market makers, and trading desks to access DeFi, they need to meet several safety, security, and operational requirements. This is where custodians step in.
Custodians are organizations that hold and move cryptocurrencies on behalf of clients. Think of a custodian as a gatekeeper who ensures the safety of your tokens, and your private keys. Apart from holding the tokens, custodians also approve and facilitate crypto transactions on behalf of fund managers. Most often, crypto funds require that private keys are held on Hardware Security Modules (HSMs) or Multi-Party Computation (MPCs) custody tech and qualified custodians.
MetaMask Institutional recently partnered with three leading custodians: BitGo, Qredo, and Cactus Custody to ensure that investors have complete access to DeFi and Web3, while satisfying the most rigorous institutional requirements. These partnerships respond to different needs of organizations, from small crypto startups and DAOs to multi-billion dollar crypto funds.
AUM BitGo: $40B
BitGo is one of the oldest crypto companies and was part of the crypto sector’s first billion-dollar deal earlier this year. The custodian was acquired by Galaxy Digital in a deal worth $1.2B. BitGo was also rumoured to have been courted by PayPal, however that deal fell through. BitGo was founded in 2013, and currently has over $40B in assets under custody. The custodian pioneered the multi-signature wallet and is the first digital asset company to focus exclusively on serving institutional clients.
AUM Cactus Custody: $10B
Cactus Custody™ is a trust company based in Hong Kong with over $10 billion USD in assets under custody. It is the third-party institutional custody service provided by Matrixport, Asia’s fastest growing digital assets financial services platform. Cactus Custody™ offers cold and warm storage, enterprise crypto management features, and DeFi connectivity for miners, corporates, funds, and projects.
Qredo
One of the features that differentiates Qredo from its counterparts is its use of Multi-Party Computation (MPC), which allows Qredo to enable transactions without requiring private keys. This feature makes transactions on Qredo more secure since the risk of private keys being compromised is removed. Qredo supports institutions—from small-cap crypto funds to global asset managers—that are very active in their DeFi yield farming. Its Layer 2 blockchain also enables seamless, low-cost access to a growing ecosystem of cross-chain trading and liquidity opportunities.
In Q3, Fireblocks, a crypto custodian, created a proposal for the Aave Governance community to approve the appointment, adoption, and authorization of Fireblocks LLC, as a “Whitelister'' for one or more deployments of Aave Arc.
Whitelisting is the gatekeeping function performed by whitelisters on users of Aave Arc and refers to the process of conducting KYC/KYB checks on the user, onboarding the user with appropriate disclosures, terms, and conditions, and granting specific permissions (e.g., borrow, supply, liquidate) to the Ethereum wallet addresses provided by the user.
If the proposal passes, Aave would provide institutional investors with strict regulatory requirements with access to DeFi protocols. The permissioned solution would offer private pools of funds where only participants who pass KYC/KYB can enter the pools, on both the lending and borrowing sides. Institutional investors have to consider the risk based compliance process when investing in DeFi. In order for custodian to be whitelisted for Aave Arc, it needs to meet certain conditions: (a) a licensed/registered entity in its operating jurisdiction; (b) subject to KYC/KYB principles in accordance with FATF guidelines; and (c) required to adopt, and has adopted, a robust AML/CFT compliance program.
One of the potential issues is the difference in yields between permissionless and permissioned pools. The private pools may end up with different yields to the public pools, since participation is restricted. However, participants with access to both the private and public pools, could arbitrage the difference and market inefficiency which could help to ensure the private pools maintain similar interest rates.
The "metaverse" as a term officially entered the popular lexicon in Neal Stephenson’s 1992 science fiction novel Snow Crash where he used the term to describe a virtual reality-based successor to the Internet. The word is used to describe the concept of a future iteration of the Internet, made up of persistent, shared, 3D virtual spaces linked into a perceived virtual universe. If you want to experience a "metaverse" for yourself, you can check out ConsenSys' headquarters in the Ethereum-based world, Decentraland.
One of the clearest examples of the Metaverse in the context of the blockchain is the concept of play-to-earn gaming. The traditional model of gaming back in the days of “Age of Empire” was simple: consumers had to pay a fee in exchange for the “playing” experience. While money is typically required to play metaverse games, the revenue model continues to change and is no longer as simple as it was.
With Facebook’s rebranding to Meta, the term is increasingly getting misused, but the idea in Web3 is that products and objects that you can collect in one virtual world can move across to other virtual worlds via tokens built on collectively-owned protocols. Let's dive into some of the bigger projects in the Metaverse space to add some color.
Source: Nonfungible
Note: Chart only includes Axie Infinity sales from Axie Marketplace
Data as of Apr. 1, 2021
During Q3 the play-to-earn industry grew enormously. Standout games and economies were Axie Infinity, ZED Run, Sandbox, and Yield Guild Games.
Sky Mavis, creator of Axie Infinity, raised $152M at a valuation of nearly $3 billion USD. Axie Infinity is a game in which players collect Axies which can battle, perform tasks, and breed to create more Axies of varying value and rarity.
The ultimate goal of the game however is to obtain SLP (smooth love potion) tokens which can be sold. Axie creatures themselves can also be traded as ERC-721 NFTs. In the third quarter of 2021 alone, Axie Infinity generated more than $720M dollars through NFT trading.
Axie Infinity currently boasts over 300,000 daily active users (DAUs), an increase of more than 30x since the beginning of the year. Furthermore, growth in their Discord has gone parabolic, making them one of the largest Discord servers globally.
Axie Infinity's monthly revenue in July surpassed $23 million, double June's revenue numbers. Axie Infinity’s revenue in January was only $100,000. This informal market has grown into a formal play to earn financial services. Users in the Philippines are quitting their jobs and making 10x their income playing Axie.
Source: Axieworld
Another of the largest and most prominent companies creating this financial services ecosystem is a project called Yield Guild Games, who recently announced a raise of $4.6 million USD, led by a16z . Since 2020 they have been accumulating yield producing NFTs and stakes in great gaming protocols and projects.
YGG recently released its treasury report where they list new partnerships, acquisitions, scholarship updates, and examples of games they invested in. All of these games focus primarily on NFTs - assets that can operate, loan, trade, and sell. This short documentary shows how the play to earn economy is growing and transforming the lives of people participating.
One of the most developed virtual worlds in the Metaverse is Decentraland — a world created and owned by the users. It's a place where users can create an avatar, interact with friends and strangers, build houses on your own digital plot of land (known as LAND), or simply check out an art shows. To start building, people can purchase a parcel of LAND, either from Decentraland if unsold, or from someone else at a price they determine. And just like real-world real estate, the more coveted the spot the higher the value, with some plots fetching up to $900,000.
The world itself is fueled by NFTs, which make up the majority of in-world items, from the plots of land to the clothes avatars wear. In effect, the world acts as the building blocks for the virtual world of the future, allowing users to build and monetize the services they create. Currently the median price for a Decentraland NFT sits at almost $5,000, and the average weekly sales across Q3 totaled $772K across an average of 300 sales.
Loot has been another stand-out NFT project in the last quarter. At its core, Loot consists of a unique list of items that you would expect to find in a game. The hitch is that the NFT is just that: nothing more than a list of words, with no item specs, appearance, or traits, other than what your imagination can put together. The genius behind the concept lies in the community's reaction to the Loot bags as their price began to rocket. Community members flocked together to create artwork for the items and derivative projects like Loot Realms where adventurers, equipped with their Loot gear, can explore.
It's effectively NFT improv, with the community collectively building out a virtual world limited only by their coding ability and imagination. The reason this has been revolutionary is that it sets the scene for future builders of the Metaverse. With collective contributions we can build worlds based off of the smallest of starting points into the most diverse and elaborate worlds imaginable.
Smart contracts hold large amounts of digital assets. As with anything that holds value, there are inherent risks that must be mitigated at every stage of development. In addition to continuously securing one’s own smart contracts, it is imperative that smart contracts interacting with other smart contracts (external calls) are secure as well.
The development cycle does not stop once the first iteration of a smart contract is deployed. An ongoing security strategy ensures that smart contracts are continuously well protected against vulnerabilities.
Q3 witnessed two of the biggest hacks in the history of blockchain. Both networks were unaudited after state changes.
August 10th saw the largest crypto hack ever on Poly Network, with over $611M USD hacked. In an interesting twist, the hacker returned the vast majority of the funds ($578M USD) and has been offered a position as Chief Security Advisor to the Poly Network.
Compound lost $147M USD on September 29th because they failed to do a security check on their updated Compound Controller. This of course, could have been prevented with constant diligence and security checks.
ConsenSys Diligence has a multilayered smart contract security that promotes continuous security checks on smart contracts.
Smart contract developers want to minimize risk and maximize productivity. Using layers of security minimizes the risk of being hacked from the beginning of the smart contract development cycle by identifying and solving issues as soon as they are detected.
This will, in turn, maximize productivity and the likelihood of not rewriting your smart contracts. Prevention is better than the cure, especially when millions of dollars are at stake. ConsenSys Diligence offers security tools, or layers, for each step of the development cycle.
MythX is an automated security analysis tool that performs static analysis, dynamic analysis, and symbolic execution. It finds known vulnerabilities and generates a detailed report with a summary of all the issues, including the source lines where they can be found. MythX is the first layer in your security strategy to find vulnerabilities in your smart contracts. It has the lowest barrier to entry as you can simply get started by creating a free account on the MythX website. It can be used continuously through your development cycle. Using an automated, easily accessible tool like MythX will eliminate avoidable vulnerabilities, and maximize productivity by preventing smart contract rewrites at a later stage.
Scribble is a prerequisite for Fuzzing. It is a specification language for writing properties specific to your smart contract as well as a runtime verification tool to turn Scribble properties into concrete Solidity assertions. Scribble allows other tools such as your existing test suite, fuzzers, and symbolic executors to automatically test the properties. Scribble is the second layer of your Diligence security strategy. This product finds vulnerabilities by inserting Solidity assertions to check your specification. Scribble can detect bugs that your test suite doesn't have the Solidity assertions to detect. Using Scribble easily documents your code and enhances your test suite with extra checks.
Diligence Fuzzing enables users to find bugs immediately after writing their first Scribble property. Fuzzing uses the grey box fuzzing technique that automatically tests Scribble properties. Fuzzing is the third layer and ideally should be used continuously after you’ve written your Scribble properties. Fuzzing brings a significant improvement to the security of your smart contracts. The Fuzzer minimizes risk, and checks that your smart contracts are doing what they should be doing through the execution of millions of intelligently selected inputs.
Diligence’s 1- Day Spot Checks are 8 hours of a high-level review of your codebase. The goal is to find any overarching design inconsistencies. Our team of auditors makes recommendations on how to better integrate security into your overall system design patterns. Spot checks are a very time-limited review that are intended to be a preliminary check before a full manual security audit. Spot checks should be the penultimate layer of your security strategy in preparation for a full manual security audit. Spot checks are no longer offered as a standalone service. Spot checks help to identify design inconsistencies in preparation for an audit and are complementary to MythX, Scribble, Fuzzing, and a full audit.
Last but not least, the Full Manual Security Audit is an in-depth code review with our veteran smart contract security auditing team who will manually double-check your code to identify vulnerabilities. A full manual security audit is the final layer of your security strategy. A human auditing your code prevents potentially catastrophic vulnerabilities after launch. Audits are most valuable when you’ve used other security tools in conjunction like MythX and Fuzzing to prepare for your audit. Skipping an audit means you may end up on rekt.news.
Regulatory news mirrored the rapid crypto bull market pace in Q3, and we’ll break down the following highlights: Wyoming Blockchain Bill and DAOs, FATF Guidance - Part 2, Regulatory Turf Wars, and the US Infrastructure Bill.
On July 1, 2021, Wyoming’s Decentralized Autonomous Organizations (DAO) Bill came into effect recognizing DAOs as a type of Limited Liability Company. DAOs are entities owned and managed by their collective membership with no central authority and operating through smart contracts that automatically execute whenever a specific set of criteria are met. The bill created a supplement to Wyoming’s existing Limited Liability Company Act providing rules for the creation and management of a DAO. Special provisions allow the company to be althorigamically managed (either in whole or in part) by smart contracts and also provides definitions and baseline requirements for DAO formation, management, voting rights, membership interests, operating agreements, member withdrawal, and dissolution. This type of legislation makes it easier, more cost-effective, and provides legitimacy to such DAO projects. Within days of the bill going into effect, Wyoming approved legal status for a DAO — the first in the United States.
The Financial Action Task Force (FATF) issued its second 12-month review of Virtual Asset Service Provider-related standards in which it analyzed trends relating to crypto middlemen (i.e. centralized exchanges) and P2P transfers. Using data provided by blockchain analytics firms, FATF concluded that the percentage of P2P transactions is not going up relative to middleman-enabled transactions in any meaningful sense. This meant that there has not been a “strong move towards P2P transactions” over the last five years, but that observation focused more on how bitcoin and tether were transferred, as opposed to ether. In fact, the report noted that “there are significant differences” between how the three tokens are used in relation to VASPs and P2P transactions, and predicted that “future virtual assets may have different profiles in terms of their P2P usage.” The FATF’s final report is expected in October, in which it may focus its guidance on VASP middlemen as opposed to P2P transfers. This guidance is expected to be adopted by financial crime enforcement agencies around the world in the next year or two.
US regulators continued focus on crypto. SEC Chairman Gary Gensler said the cryptocurrency space can only exist within a public policy framework, not outside of one. Gensler’s position is that, while not all tokens would qualify as a security, hosting the trading of many tokens means it is very likely that at least one if not more are securities. Any securities on a trading platform requires that platform to register with the SEC. Meanwhile, before resigning his post, CFTC Commissioner Brian Quintenz took exception to the SEC’s calls for broader authority by stating on Twitter, “Just so we’re all clear here, the SEC has no authority over pure commodities or their trading venues, whether those commodities are wheat, gold, oil….or #crypto assets.” The CFTC also saw an update in its commission leadership, with Rostin Behnam nominated as Chairman, as well as two additional commissioners, one of whom has taught a law school course on cryptocurrency. In addition to a growing turf battle between the SEC and CFTC over jurisdiction, the Biden Administration has taken aim at ransomware in part by adding “specific targets” to the list of sanctioned entities with which any US-related person or entity cannot legally conduct any transactions. The Office of Foreign Assets Control sanctioned a crypto exchange for the first time for facilitating crypto currency transactions in ransomware attacks.
In late July, the Senate considered and ultimately passed an amendment to the US tax code that would require “brokers” of digital tokens to report to the IRS the crypto trading transactions that they facilitate. The amendment was included in a massive infrastructure spending bill that had broad bipartisan support. Given the breadth of the term “broker,” the crypto industry mobilized and demonstrated its political strength, but ultimately was unable to prevent the measure from passing the Senate. The bill remains in the House where it has yet to come to a vote. In addition to the problematic broker reporting requirement, the amendment includes a general reporting requirement which would obligate anyone receiving digital assets to verify the sender’s personal information and reporting that information to the government within 15 days of the transactions, under the penalty of perjury that the information was correct. Crypto advocates and allies in Congress have been lobbying hard to remove both amendments from the final infrastructure bill. Moreover, there remains a chance that the House will vote down the infrastructure bill altogether.
2021 has already proved to be the most pivotal year in DeFi and crypto regulatory news yet, and we anticipate that trend to continue. We have seen a shift in regulatory approach, in conjunction with mainstream adoption, from an educational exploration about the technology and the instruments to an effort to establish regulatory authority with various agencies jostling for position.
MetaMask is a crypto wallet and gateway to blockchain apps. Trusted by 20 million monthly active users worldwide, you can start exploring decentralized applications in seconds. Available as a browser extension and as a mobile app, MetaMask equips you with a key vault, secure login, token wallet, and token exchange—everything you need to manage your digital assets. MetaMask provides the simplest yet most secure way to connect to blockchain-based applications. You are always in control when interacting on the new decentralized web. MetaMask generates passwords and keys on your device, so only you have access to your accounts and data. You always choose what to share and what to keep private.
The global NFT market has emerged as a significant and growing subsegment of the digital assets market in recent months, with a gross transaction value of $370 billion. At ConsenSys, we leverage our deep understanding of the NFT market to build a white-label NFT experience for your lifestyle brands, sports, and gaming organizations. Check out our NFT solutions.
Crypto exchanges and exchange aggregators need reliable infrastructure to access this data, in addition to scaling capabilities in order to meet large request volumes. The Infura API suite helps cryptocurrency exchanges like Uniswap and exchange aggregators like Paraswap meet the data demands of their users, with easy integration and high volume scaling capabilities.
ConsenSys is the leading Ethereum software company. Our mission is to unlock the collaborative power of communities by making Web3 universally easy to use, access, and build on. Our product suite, composed of Infura, Quorum, Truffle, Codefi, MetaMask, and Diligence, serves millions of users, supports billions of blockchain-based queries for our clients, and has handled billions of dollars in digital assets. Ethereum is the largest programmable blockchain in the world, leading in business adoption, developer community, and DeFi activity. On this trusted, open source foundation, we are building the digital economy of tomorrow.
.jpg)
.png)
