Decentralized Finance (DeFi) is a fast-growing blockchain-based movement that offers the fundamental benefits of transparency, security, immutability, and efficiency over the traditional financial system. It’s on pace to augment conventional financial services as fintech organizations are beginning to integrate blockchain tech into their existing apps and services. But there’s a learning curve as users navigate their way through the new DeFi technology.
The sheer speed of innovation means that advances in DeFi tech often outpace improvements in user experience, which only adds a hurdle to learning. Moreover, some of the assumptions users carry over from their knowledge of traditional, centralized finance (CeFi) applications can be unhelpful. For example, in DeFi, user funds are held in crypto wallets, not in banks. Users are “self sovereign”—in sole control of their assets and entirely responsible for all transactions and for safeguarding their funds. In DeFi, there are no brick-and-mortar branches, administrators, or other centralized middlemen to assist users. Consequently, it’s possible to make frustrating and sometimes costly mistakes.
Common Crypto and DeFi User Mistakes, and How to Avoid Them
Some of the missteps described below are common to all types of users, even those more experienced in crypto and DeFi; the last few are specific to Dai and Maker Protocol users.
1. Rushing in with little knowledge of blockchain tech and the crypto/DeFi space
Decentralized finance systems differ significantly from conventional fintech applications. At almost every level, they operate in ways that can feel alien, causing users—even those experienced—to easily make mistakes.
Some of the key differences between DeFi and CeFi include:
- The user bears full responsibility for their funds at all times.
- No company or organization controls any aspect of the system.
- There are no middlemen, administrators, or official customer service representatives.
- Transactions are permanent and cannot be reversed.
As tempting as it might be to jump into DeFi, the space moves fast and tech updates are released frequently. It’s well worth taking time to familiarize yourself with popular applications, including crypto wallets like MetaMask, and the different types of exchanges before diving in. It’s equally important to refresh your knowledge periodically.
2. Misunderstanding the differences between centralized and decentralized exchanges
A decentralized exchange (DEX), such as Oasis.app or Uniswap, allows for direct peer-to-peer cryptocurrency transactions; a centralized exchange (CEX), such as Coinbase or Binance, is controlled by a third party, which has control of user funds. DEXes and CEXes each enable users to trade cryptocurrency tokens; however, they work in different ways, which can cause user confusion.
One benefit of a DEX is that users can trade tokens directly from their external crypto wallets, which offer far more security than trading and holding funds on CEXes. Funds held on a CEX are more open to hacking and theft.
Another key difference between the two is that many DEXes provide algorithmically-calculated prices based on supply and demand (https://academy.binance.com/en/articles/what-is-an-automated-market-maker-amm), instead of using order books and matching buy and sell orders. This makes the user experience simpler and more convenient.
3. Sending crypto to the wrong address
Blockchain transactions are irreversible by design. While a bank may be able to return funds to your account if an error was made or you were a victim of fraud, all crypto transactions are permanent. That means users must take great care in sending tokens to correct addresses, and in providing their addresses to others in order to receive transfers.
Users are offered one safeguard, though: Crypto addresses have a form of built-in error checking called a checksum (https://news.coinsquare.com/learn-coinsquare/checksum-addresses-how-blockchains-add-security) to help prevent address typos (accidentally leaving off a character, for example). Ethereum addresses have both checksummed and non-checksummed versions. The checksum version of an Ethereum address contains some capitalized letters; the non-checksummed version contains only lowercase letters. It’s always better to use the checksummed version. In fact, some wallets only accept that version.
- Checksummed address: 0x4a44A0XXXXXXXXXX290217C51Df0c6158a59CAD2
- Non-checksummed address: 0x4a44a0xxxxxxxxxx290212721df0c6158a59cad2
While there’s protection against typos, there are a few other address-related mistakes a user could make:
- Sending tokens to a smart contract address. Smart contracts are operations written in software code that runs on the blockchain. Every Ethereum token is represented by a smart contract, which manages token balances for users (like a real-world bookkeeper). Like every other operation on the blockchain, token contracts are associated with an address. One misstep of Maker Vault users is that they sometimes send Dai to the token’s smart contract address, thinking that this will redeem Dai generated from their Vault, instead of interacting properly with the contract via Oasis. Tokens cannot be reclaimed when this happens.
- Sending tokens to the wrong exchange deposit account. Exchanges sometimes generate a different deposit address for each Ethereum token they support (ETH, DAI, BAT, USDC, etc). Because these all use the same blockchain, some users assume that the same deposit address will be valid for all Ethereum tokens. Alternatively, users might accidentally click on the wrong token and copy the address to make a deposit in another token. The exchange may not credit the deposit if an address receives an unexpected token, so it’s best to take care to avoid the error.
- Sending crypto to an address for a different blockchain. Most but not all blockchains have a unique address format. For example, Ethereum addresses begin with 0x, while Bitcoin addresses start with 1, 3, or the less common bc1 (for SegWit-enabled addresses). So, it’s not possible to send Ethereum tokens to a Bitcoin address. However, blockchain forks or closely-related blockchains often do have the same format. For example, every Ethereum address also exists on the Ethereum Classic blockchain. So it can be confusing.
The solution in all of these cases is to double-check both the address and the blockchain to which you are sending tokens.
4. Failure to keep private keys/seed phrases safe
DeFi apps (dapps) and services require a user to hold a private key—a long, unique string of characters that provides access to a cryptocurrency “address” and the funds in it. A private key replaces the standard username or email and password model used to access an account in the traditional financial system. Often, a key is derived from a randomly generated “seed phrase” consisting of 12-24 words (https://iancoleman.io/bip39/). Securing the private key or seed phrase is vital, since this is all that is needed to access funds from an address and there are no trusted administrators to help users if they accidentally lose their keys.
Keep a copy of your seed phrase offline instead of unencrypted in the cloud or on a local device. Keys can be stored using a dedicated hardware device, such as a Ledger (https://www.ledger.com/) or Trezor, with a mobile wallet, a browser extension like MetaMask, or one of the many other options for Ethereum wallets. Each solution has its pros and cons and must be used correctly to ensure security. Only you can decide which solution best meets your needs.
Maintaining good computer health is also vital to asset security. Download anti-malware and antivirus software from reputable sources and run checks frequently. Beware of suspicious emails and links.
5. Not paying enough in transaction fees
Blockchain users are required to pay fees to miners, who expend time and energy to process and record transactions. On the Ethereum network, these are known as gas fees. The fee amount depends on several factors, including the complexity of the operation and the number of transactions submitted to the blockchain at a given time.
Before completing a transaction, a user tacks on the gas payment. If the payment amount is too low, the transaction may take many hours to complete, or may even be rejected. Most Ethereum wallets estimate gas fees for users, but sometimes the actual fee is more than the amount suggested due to a high amount of blockchain activity. To avoid long transaction delays and rejections, check Eth Gas Station for current fee rates before proceeding. Finally, the progress of any transaction can be monitored by entering the address into a block explorer, such as Etherscan.io.
6. Not using official or secure interfaces
Scammers exist to trick you. They create fake interfaces, ask for your private keys on social and messaging platforms, and use other ways to attempt to steal funds. Any time you’re using a DeFi app, browser extension, software you download from an app store, or a website interface, take care to interact with only an authentic version (https://medium.com/metamask/rotten-seed-phrases-a-new-scam-targeting-crypto-users-b414f9ef292e).
7. Confusing Sai and Dai
Sai was the original single-collateral Dai token. With the launch of Multi-Collateral Dai (MCD) in November 2019, Sai was shut down. At that time, users were instructed to migrate their Sai to Dai, and many did. That option is no longer available, but users can still redeem Sai for its underlying ETH collateral. Because Sai and MCD are both referred to as Dai, and because some platforms have been slow to update their language, if you still hold Sai in your wallet, you might think it’s MCD. Hence, user confusion. If you still hold Sai, there is limited liquidity on certain exchanges, like Uniswap, where you can trade it for MCD or other tokens.
8. Confusing the Maker Protocol, MakerDAO, and the Maker Foundation
The media, Maker Protocol users, and even members of the Maker community sometimes confuse the Maker Protocol, the Maker Foundation and MakerDAO. The three are often conflated as “Maker,” which adds to the confusion. So, let’s quickly review the terms and what they mean:
First, the Maker Protocol. This is a system of blockchain-based smart contracts and decentralized price feeds (oracles) that enables the generation of Dai as a store of value.
Second, MakerDAO. The stability of Dai and the security of the Maker Protocol are maintained by the global community of MKR token holders, who use the Protocol’s blockchain voting system to set key parameters such as the Stability Fees charged on Vaults, debt ceilings, and the addition of new collateral types. Together, the Maker Protocol and Maker community constitute the decentralized autonomous organization known as MakerDAO.
Lastly, the Maker Foundation. This entity contributed to bootstrapping MakerDAO. With that process complete, the Maker Foundation is steadily working towards its long-promised dissolution while providing the final assistance to the DAO in order for it to become self-sustainable and fully decentralized.
9. Not learning about community governance by failing to interact with a growing ecosystem of DAOs, like MakerDAO
MakerDAO has a large global community and a completely open decentralized governance process that starts with discussions on the MakerDAO forum. Anyone can offer opinions and suggest ways to improve the Maker Protocol or change the parameters that help maintain the stability of Dai. Holders of MKR, the governance token of MakerDAO, can vote in Governance Polls, which signal the intention to move forward on certain proposals (like adding a new collateral type), and in Executive Votes, which put proposals into action and result in changes to the Protocol.
DeFi offers grassroots users far more than the chance to access decentralized financial services. Due to the decentralized and community-led nature of DeFi initiatives, anyone can get involved—from creating their own dapps to participating in governance and shaping how these platforms operate.
Embrace the Potential of DeFi
Dai and the Maker Protocol offer new means to interact with the world of DeFi. While there are always risks in using experimental technologies, research and due diligence can help users avoid missteps.