DeFi Risk Tools Lag Behind Protocol Complexity

As a percentage of total assets parked in DeFi – decentralized finance that allows users to lend, borrow and trade crypto assets without traditional intermediaries – the headline number is relatively contained. The signal it carries is not. Even the most battle-tested, most liquid, most institutionally endorsed protocols in the ecosystem are not untouchable. That realization changes the calculus for every allocator with onchain exposure – positions held directly on blockchain networks.

The tools to price that risk have not kept pace. In TradFi, credit ratings go stale over quarters, a cadence that fits assets that change slowly like corporate bonds or fixed-term structured products. DeFi does not change slowly. Risk profiles shift at block speed – the pace of individual blockchain transactions – reconfigured by oracle prints – external data feeds, governance votes, liquidity migrations, and collateral reuse happening continuously and in parallel.

An assessment that does not update against live data is not a risk rating but a record. By the time a DeFi credit event is severe enough to trigger an off-cycle revision under traditional methodology, the capital is already gone. 

Yield versus hidden downside

The asymmetry of information has compounded that problem at the user level. Yield has always had a front-facing number – APY, or annual percentage yield, is the first figure every interface surfaces, and for most allocators it has functioned as a proxy for the entire investment case. The other side of that trade has no equivalent representation. Downside exposure sits dispersed across protocol parameters, liquidity depth assumptions, oracle architecture and collateral dependency chains that are seldom aggregated into a single readable signal.

DeFi losses rarely trace back to one clean failure point – they are products of leverage, collateral reuse and liquidity constraints compounding against each other in ways that remain structurally opaque until the position is already underwater.

Risk-adjusted return is the first question every serious allocator asks. It has also been, until now, an unanswerable one in DeFi. That is the gap Credora is built to close.

“It's not about removing high-yield options, it's about making users aware of what they're signing up for."

Marcin Kazmierczak, co-founder of Credora,  at EthCC[9] 

Why DeFi needs a different risk model

Traditional risk frameworks were built for a different set of assumptions – human intermediaries with discretion, staggered information flows and stable settlement infrastructure. In onchain reality, none of that holds. Collateral liquidations – forced sales of collateral when positions become undercollateralized – move markets against themselves, depositors react to the same data simultaneously, and smart contract rules – self-executing code on the blockchain – cannot be overridden mid-crash. DeFi does not just require adapted risk management – it requires a fundamentally different one.

The DeFi risk surface does not map cleanly onto anything TradFi has built frameworks for – and that gap is precisely where capital gets destroyed. But beyond the structural divergence from traditional finance, the ecosystem carries its own category of risks with no legacy analogue.

• Smart contract risk is the most visible vector, but the mechanism is often misunderstood. A smart contract is immutable by design – once deployed, its logic executes exactly as written, which is both its strength and its liability. The attack surface concentrates either at initial deployment, where unaudited or under-audited code can contain exploitable logic flaws, or at protocol upgrades, where new code introduces new assumptions and potential backdoors into a system that users trusted under the old ones. Compressed time lock periods between upgrade and activation leave no buffer for the ecosystem to stress-test the changes – and every line of new code leaves the contract exposed as a potential entry point.

• Oracle risk operates one layer above the contract itself and is more insidious, precisely because the underlying code can be perfectly written and still fail. An oracle is the mechanism by which a smart contract receives external price data it cannot generate itself. There are several distinct architectures, each with its own failure surface. Market oracles – the most common, used by Chainlink (LINK) and most major DeFi protocols – aggregate price feeds from multiple sources and push them onchain at defined intervals. If the feed lags during a fast-moving market, the onchain price diverges from reality long enough to trigger unintended liquidations or create exploitable arbitrage – risk-free profit opportunities. Hard-coded oracles fix a price or exchange rate at deployment – eliminating staleness risk but introducing rigidity, meaning any structural shift in the underlying asset’s value is permanently mispriced. TWAP oracles – time-weighted average price oracles, used heavily in automated market maker (AMM)-native protocols like Uniswap (UNI) – derive price from time-weighted average trading activity onchain, which makes them resistant to single-block manipulation but highly vulnerable to sustained low-liquidity attacks where an attacker gradually moves the average. Oracle errors do not announce themselves, and even a configuration-level discrepancy between a stale feed and live market rate can detonate a well-constructed position.

• Governance risk is where the attack surface becomes human. Most protocols vest administrative control in a multisig structure – a shared key arrangement requiring a minimum threshold of signers to approve any protocol-level action. But the model carries an implicit assumption that rarely survives contact with a sufficiently patient adversary: that every signer will independently verify the full content of every transaction they approve, every time, trusting context provided by teammates rather than auditing raw transaction data themselves. The multisig is only as secure as every party behind it. The governance attack surface extends well beyond key compromise. Protocol parameters that determine the health of every active position – collateral loan-to-value (LTV) ratios – the maximum percentage that can be borrowed against collateral, oracle configurations, borrow caps – are all adjustable through governance mechanisms that, in many protocols, trigger no user-facing alert. A curator or a lending protocol governance can reduce a collateral asset’s LTV to zero, effectively rendering every position using that asset immediately liquidatable, without a single onchain warning reaching affected borrowers. Time locks exist precisely to create a detection window between a governance proposal passing and its execution – giving users, security researchers and protocol teams time to identify malicious or erroneous parameter changes and respond. The recent Drift exploit (Drift is a leading Solana (SOL) perpetuals decentralized exchange) is the most expensive illustration of governance risk.

What makes all three risks systemically significant rather than episodic is composability – the ability of DeFi protocols to interconnect and build upon one another. DeFi’s deepest structural advantage – the ability to stack protocols, nest collateral and route yield across multiple layers – is also the mechanism through which a localized failure becomes a balance sheet event everywhere the affected asset was trusted as collateral.

The interdependency is the core problem. Every protocol that accepts an asset as collateral implicitly inherits the full risk history of everything that asset touches – its issuer, its oracle, its custody structure, its reserve composition. Those dependencies are rarely linear and rarely fully visible. A failure at any node propagates instantly to every protocol that treated that node’s output as a trusted input, regardless of how many layers separate them. A portfolio can carry that exposure without a single direct position in the affected protocol.

Credora’s layered rating approach

Naming the risk is the first step. Quantifying it across every layer it touches is the gap Credora is trying to address this with an architecture built specifically for onchain risk – and with a structural advantage most rating tooling in the space lacks.

Where traditional frameworks assess a single instrument in isolation, Credora operates across three distinct layers simultaneously: the underlying asset, the lending market it sits in and the vault strategy built around it. That vertical coverage matters because risk in DeFi rarely lives at a single layer – a well-rated asset can sit inside a poorly configured market, and a sound market can be packaged into a vault with reckless curator behaviour on top. Rating any one layer without the others produces a partial picture.

The institutional framing is deliberate. Credora maps its output onto the letter-grade conventions TradFi allocators already operate with – not as a cosmetic choice, but because the BBB+ investment-grade threshold is a regulatory and operational reality for a significant share of the capital the industry is trying to attract.

(Source: Credora)

As institutional capital piles into vaults and reaches DeFi pools, Credora is translating DeFi risk into the language they already use to make allocation decisions. The RedStone acquisition in September 2025 sharpens that proposition further. Being a native DeFi oracle network, Redstone's integration gives Credora direct access to live price feed infrastructure, closing the loop between the data used to price risk and the framework used to rate it.

The methodology underneath operates through two core probability metrics. At the asset level, the framework produces a Probability of Default (PD) – the likelihood that an asset issuer or borrower fails to meet its obligations within a twelve-month window – and the Loss Given Default (LGD) downstream estimating capital destroyed should the default materialize. Those figures are derived from historical default data, then adjusted through a series of modifiers: audit depth and recency, custody structure and whether the underlying strategy is static or actively traded. Reserve management history feeds in as well – past depeg events – when a stablecoin or token loses its peg to its target value, redemption friction and governance track record all shift the anchor probability before a final rating is assigned.

At the market level, the relevant metric shifts to Probability of Significant Loss (PSL) – defined as the likelihood that a lending market accumulates bad debt exceeding 1% of principal, the threshold at which liquidation mechanisms have demonstrably failed to protect depositors. Six distinct dimensions inform that figure: structural market mechanics, including the liquidation LTV threshold and the incentive bonus governing liquidator behaviour; oracle characterization, distinguishing between live market feeds and hard-coded exchange rates; borrower position distribution, measuring how aggressively active positions are sized relative to liquidation thresholds; rebalance profile, capturing whether borrowers historically add collateral or reduce debt when their health factor deteriorates; collateral asset rating, feeding the asset-level PD directly into the market simulation; and pair liquidity depth, assessing how much of a given collateral position can realistically be liquidated at current decentralized exchange (DEX) and centralized exchange (CEX) market depth without material slippage. That last dimension is particularly acute for RWA collateral – real-world asset collateral, where onchain liquidity is often functionally nonexistent.

The vault rating aggregates upward from there. Individual market PSLs are weighted by allocation size, then adjusted for curator track record, governance quality, concentration risk and protocol-specific factors. A vault curator who consistently runs positions close to liquidation thresholds, or who has demonstrated poor governance hygiene in past cycles, will see that behavioural history reflected in the vault rating, regardless of how clean the underlying assets look in isolation.

The Monte Carlo engine – a simulation method that runs thousands of random scenarios – sits underneath all three layers, running repeated simulations across price paths, including tail events to map the probability distribution of positions breaching their LTV trigger under stress. It is the difference between rating a position under normal conditions and rating it under the conditions that actually produce losses.

Traction and next steps

The coverage already in production is significant: billions in TVL rated, with 125 Morpho vaults at 90% TVL coverage, 250 Morpho markets, and every Spark. The beta platform unveiled at EthCC Cannes makes that universe navigable in a single interface, with 179 lending markets filterable by network, loan asset, collateral, risk-adjusted APY and letter grade. Yield and risk, finally side by side in the same table, bringing the first iteration of risk-adjusted return to DeFi.

Already embedded in Morpho and Spark, historical data revealed that rated vaults accumulate capital faster than unrated ones and retain it under stress – users exit less during drawdowns, and mercenary capital self-selects toward unrated venues. The rating does not just signal quality. It shapes the depositor base differently.

Three extensions announced at the conference push that further: a unified aggregator for portfolio simulation before execution, a wallet rating feature assessing live position risk across any connected address, and an alerts API delivering real-time notifications when a rating deteriorates. That last product is the operational argument against periodic review made concrete – Resolve depositors waited four hours for a public announcement after the hack. Continuous monitoring does not wait.