CertiK is launching a Security Leaderboard live AMA series featuring some of the top DeFi projects featured on Certik.org. While we’ve made our name providing industry-leading pre-deployment smart contract auditing, dozens of projects also utilize our end-to-end security solutions to safeguard their platforms and investors’ funds.
We’re kicking off a series where we’ll check back in with some of these projects we’ve worked with in the past. We’ll hear about how the auditing process went, how far the project has come since its deployment, as well as anything and everything blockchain and security-related that comes up.
First up is Multiplier Finance. Multiplier Finance is a fork of AAVE that brings lending and borrowing capabilities to Binance Smart Chain. Users can utilize flash loans for cross-chain lending, earn yield on their deposits, and borrow against collateral assets. Multiplier Finance currently has more than USD$28M worth of assets locked, a figure which has grown exponentially since their launch in January 2021.
CertiK has audited Multiplier Finance twice. We’re excited to get together with the team to hear project updates and their experience with the CertiK auditing process.
CertiK’s Aaron Leibowitz was joined by Yewnan — Multiplier Finance’s CTO — and Vinish — Head of Risk — to discuss the auditing process and how CertiK’s security suite has enabled their rapid growth.
<iframe width=”560" height=”315" src=”https://www.youtube-nocookie.com/embed/xMdqmx6cMxE" title=”YouTube video player” frameborder=”0" allow=”accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture” allowfullscreen></iframe>
The AMA started off with an introduction of Multiplier Finance and the specializations that Yewnan and Vinish bring to the project. Vinish was previously a foreign exchange trader before moving to a crypto arbitrage firm. These roles prepared him well for his job at Multiplier where he oversees tokenomics, liquidity, and overall financial risk metrics.
As CTO, Yewnan brings more than two decades of experience in the IT and gaming industries. At Multiplier, Yewnan has a hand in all technical aspects from smart contracts to front-end design, and he works closely with quality assurance and external auditing firms like CertiK.
Yewnan and Vinish explain that their transition from centralized finance to decentralized finance was largely motivated by the rapid rate of change in DeFi. Regulation was stifling innovation in centralized finance and the level of friction between products and services was much higher than in the decentralized ecosystem.
Security is of paramount importance in DeFi and CertiK provides a number of security solutions that safeguard protocols. Auditing is the first step, as it allows smart contract bugs and vulnerabilities to be discovered before deployment. CertiK has audited Multiplier Finance twice, and Yewnan remarks on the streamlined auditing process. Feedback and recommendations are provided quickly, giving teams time to update their code even on the tight deadlines that characterize DeFi.
Multiplier Finance took the additional step of protecting their users with a CertiKShield. This currently provides 80,000 CTK (~$180,000) of protection to users via the CertiKShield decentralized risk sharing protocol. A CertiKShield provides invaluable peace of mind to investors as well as project owners, who can rest safe in the knowledge that their reputation will be protected even in the event of a protocol hack or exploit.
Shields are available for DeFi projects on all Layer Ones. Multiplier, for example, transitioned from Ethereum to Binance Smart Chain when it became clear that BSC’s lower fees were opening up opportunities to users who would otherwise have been priced out of transacting on the Ethereum base layer.
Next up is a discussion of the risks and benefits of flash loans, a capability which Multiplier is bringing to BSC. Flash loans are notorious for the damage they’ve caused to protocols that did not adequately protect themselves from this risk. Many of the exploits that drained more than half a billion dollars from DeFi protocols in 2020 were done using flash loans. As a blockchain security firm, at CertiK this is a functionality with which we’re very familiar.
However, flash loans are not inherently malicious. They merely grant any user the power to become an extremely well-capitalized actor within the space of one block.
Flash loans can be used for good, such as facilitating trustless migration (like in AAVE’s v1 to v2 migration tool), more efficient arbitrage, and essential DeFi functions like liquidation and collateral swaps.
In light of all this, the team at Multiplier was pleasantly surprised by the warm welcome they received when bringing flash loans to BSC. Hopefully this is a sign that the industry is maturing and responding to the risks posed by improper security in a constructive way.
By protecting against flash loan exploits, DeFi protocols are hardening their product in a future-proof manner. This raises the standard of security across all of DeFi and prepares the space for the influx of money many are crossing their fingers for.
Back to Multiplier, Vinish explains the purpose of the project’s two tokens and their differences. The MXX token is Multiplier’s Ethereum-based ERC20 token, while bMXX is native to BSC. These two tokens are pegged at a 1:1000 ratio. Multiplier provides an Ethereum-Binance bridge, where users can swap their MXX tokens for bMXX. In an effort to get more users onto the lower-fee BSC Multiplier platform, this is a one-way bridge.
Multiplier incentivizes users to migrate with its community reward program. This is done in part via liquidity mining rewards on PancakeSwap and BSC yield optimizers like AutoFarm and Beefy. There are also incentives for governance proposals and participating in ongoing marketing campaigns. This multi-pronged approach is helping to bootstrap the newly-launched protocol, with the goal of getting as many bMXX tokens in the hands of users as possible.
In response to a question from the audience, Vinish speaks generally about the state of the market and the excitement he has for the future of the industry. The Bitcoin bull run is not just reflected in the price of one asset, investors’ expectations and ambitions echo across the whole crypto industry and bring everything up. All in all, it’s an exciting time to be in DeFi.
For more AMA sessions with top DeFi and crypto projects, keep an eye on our social channels.
🌏 Auditing and Pen test Website: https://certik.io/
🌐 Skynet & CertiKShield Website: https://certik.org
🐦 Twitter: https://twitter.com/certik_io
🐦 Twitter: https://twitter.com/certikorg
💻 Github: https://github.com/CertiKProject
📚 Medium: https://medium.com/certik
✉️ Telegram: https://t.me/certikfoundation