CertiK - Tokenomics Failures in 2022

Back to all stories

Technical Blogs

Technical Insights

Tokenomics Failures in 2022

2/22/2023

Tokenomics is a crypto-native term that refers to the creation, management, and interaction of tokens with holders and their respective ecosystems. It is complex and interdisciplinary, combining elements of economics, finance, and many other fields, with significant variations among different token mechanisms based on the unique characteristics of each ecosystem.

Typically, the tokenomics models in Web3 include the following elements:

Token Issuance: The total supply of tokens and the mechanism for their creation (e.g. mining, staking, or a token sale).
Token Use Cases: The purpose of the token (e.g. payment, voting, authentication).
Token Distribution: How tokens are distributed among participants (e.g. allocation to the founding team, early investors, and community).
Token Incentives: The way tokens are used to incentivize desired behavior (e.g. staking, voting).

The risks related to the design of the tokenomics model are usually not covered in security audits. Once these risks materialize, they can result in unexpected financial losses, as observed in the recent collapse of numerous projects due to tokenomics design flaws or inadequate risk management. The cumulative losses from these failures are estimated to be an amount in billions of dollars.

$790 Million of Tokenomics-Related Losses: A Risk Primer

In 2022, CertiK conducted investigations into several prominent tokenomics-related incidents, including Terra, Celsius Network, Beanstalk, Fortress, Axie Infinity, Solend, and Babylon Finance. These widely reported incidents have caused over $790 million in direct asset losses and have affected billions of dollars worth of other assets. There are numerous less-known projects that have suffered losses or gone bankrupt as a result.

There are three distinct categories of risk:

unnamed

Model Structure Risk

The risk associated with the model structure originates from the project's design. The tokenomics model is arguably one of the most important aspects of any blockchain project. Inadequate preparation for these risks can lead to significant problems that can endanger the long-term viability of the project. The following table outlines several examples of projects that failed due to issues related to the model structure.

Screenshot 2023-02-23 at 9.57.41 AM

Terra

Terra's ecosystem, which included LUNA – the reserve asset backing the UST stablecoin –, was unable to maintain the UST-dollar peg.

unnamed (1) UST relied on arbitrageurs to maintain its peg to the US dollar

Terra, the issuer of the stablecoin UST, collapsed in May of 2022 due to spiraling losses related to its token design. The value of the UST stablecoin was pegged to the US dollar. It relied on the minting and burning of collateral token LUNA (through the central platform Terra Station) to adjust its value in the case of deviations. There was an overreliance on arbitrageurs to maintain the peg of the stablecoin UST to the US dollar.

The sharp price drop of UST depegging from its

KaTeX can only parse string typed expression

1 p e g (w hi c ha r bi t r a g e u rsco u l d n o t correc t) in d u ce d w i d es p re a d p ani c in t h e ma r k e t an d c a u se d t h e p ro j ec t, or i g ina ll y v a l u e d a t

60 billion, to lose nearly all value in a matter of days. The prices of both LUNA and UST eventually dropped by more than 99%. Risk analysis and stress testing related to the risk of depegging and the behavior of stakeholders such as arbitrageurs could have helped to prepare for the risk of the inevitable event.

Celsius Network

Unsustainable rewards offered to users without consideration of adverse market conditions.

unnamed (2) Celsius users were offered high yields of up to 17% APY

Celsius Network was a decentralized lending and borrowing platform that allowed users to earn returns on their crypto assets. In June 2022, Celsius Network filed for bankruptcy and impacted more than 600,000 accounts that held assets valued at $4.2 billion. The collapse of Terra played a role in the platform's failure, but another root cause was the unsustainable staking rewards offered by the platform. Under extreme market conditions, the project was unable to maintain the excessive rewards passed down to the users, highlighting the importance of proper risk parameter management for the long-term success of the project.

Beanstalk & Fortress Protocol

The attacker was able to manipulate the governance mechanism.

unnamed (3) Beanstalk proposal to migrate user balances to recover network after hack

Beanstalk is a permissionless fiat stablecoin protocol that uses credit rather than collateral to issue its native stablecoin. An attacker took advantage of a flash loan to amplify their governance power, passing a malicious proposal and ultimately draining

KaTeX can only parse string typed expression

182 mi ll i o n f ro m t h e p ro t oco l . A na tt a c k o f a s imi l a r na t u re t oo k pl a ceo nan o t h er d ece n t r a l i ze d l e n d in g an d s t ab l eco in pl a t f or mnam e d F or t ress . B y mani p u l a t in g t h e p r i ceo f i t s g o v er nan ce t o k e n, t h e a tt a c k ers u ccess f u ll y p a sse d ama l i c i o u s p ro p os a l, d r ainin g a pp ro x ima t e l y

3 million from the Fortress protocol. These exploits reveal that vulnerabilities in governance models are often overlooked.

External Environment Risk

External factors, which are beyond the control of the project team or community, may also pose risks to the project. Being aware of potential risks and monitoring changes in the environment can provide the necessary flexibility to respond effectively to unexpected events and take appropriate action. Babylon Finance is a project that was impacted by such unexpected external factors.

Screenshot 2023-02-23 at 9.57.47 AM

Babylon Finance

Significant loss of value as a result of the Rari/FEI hack.

unnamed (4) Babylon’s founder addresses the impact of Rari hack on his project

Babylon Finance suffered a loss of

KaTeX can only parse string typed expression

3.4 mi ll i o nan d s h u t d o w nin S e pt e mb er 2022 d u e t o a c hain re a c t i o n c a u se d b y a d e p e n d e n cy i ss u e kn o w na s t h e R a r i / FE I ha c k . F o ll o w in g t h e ha c k, u ser w i t h d r a w a l s l e d t o a d ro p in o v er 75

10 million lending market on the Fuse pools of Rari was lost since the value of its native token BABL lost so much value that it could no longer be used as collateral. The failure of projects like Babylon is not due to internal issues but rather to reliance on external platforms that fail. By monitoring and analyzing external accounts and markets, projects can make timely responses and judgments to such risks.

Participant Behavior Risk

Participant behavior risks refer to the potential for the actions of key players or the behaviors of key components in the ecosystem to negatively impact the demand and value of a cryptocurrency or token. By understanding how different scenarios impact the behavior of different components of a project, the team can be better prepared for potential challenges and mitigate the risk of negative behaviors. The following are projects that suffered losses that could have been limited and reduced with better management and observation of users and components within the ecosystem.

Screenshot 2023-02-23 at 9.57.52 AM

Solend

Lack of proper monitoring and management of token offerings in low liquidity isolated pools.

unnamed (5) The attacker manipulated isolated pools which are low liquidity and high-risk sandboxes

Solend is a lending project that leverages the scalability of the Solana platform for delivering innovative financial solutions. The Solend incident on November 2, 2022 occurred when an attacker manipulated the price of stablecoin USDH on a particular liquidity pool that was mainly used for the USDH price feed. The attacker was able to inflate the price of USDH from

KaTeX can only parse string typed expression

1 t o

8, whereby the attacker was able to borrow other tokens in multiple isolated pools using USDH as collateral. The exploit resulted in a loss of around 41,000 SOL ($1.26 million). Although part of the issue was the price oracle’s reliance on a low-relevance liquidity pool, the fact that USDH was present in numerous isolated pools was a major contributing factor in the exploit. Proper monitoring and management of tokens in various liquidity pools would have alerted the team of such vulnerabilities and could have helped to reduce the profitability of such attacks.

Conclusion

2022 saw a number of significant incidents related to tokenomics, highlighting the need for improved risk management practices within the market. While security audits are undoubtedly critical, these events serve as a powerful reminder of the importance of tokenomics analysis and that risk management cannot be overstated in today's rapidly growing and evolving crypto market. As we look ahead to the future, it's clear that tokenomics will continue to play a vital role in shaping the direction of the crypto industry. The community must remain engaged and committed to working together to build a better future for all.

Please stay tuned for our future blog posts, where we explore how tokenomics analysis and responsible risk management can help build a more secure and stable environment for all participants.

Products & Technology

Featured Ecosystems

Company

$790 Million of Tokenomics-Related Losses: A Risk Primer

Model Structure Risk

Terra

Celsius Network

Beanstalk & Fortress Protocol

External Environment Risk

Babylon Finance

Participant Behavior Risk

Solend

Conclusion