New report: Most decentralized exchanges are not secure

The survey found that only two DEXs received high security scores, and most of the others were considered not safe enough.

By MICHAEL KAPILKOV

Translated by: Zion Editor: Rose

A recent report by crypto exchange ranking platform Cer Live revealed that 14 of the top 25 decentralized exchanges (DEXs) scored poorly in terms of cybersecurity.

The report examined the various unique issues faced by most DEXs, including fake token listings, widespread slippage, delayed trade confirmations, and lack of data on listed trading pairs. They also looked at whether each exchange had undergone security audits, whether it offered bounties to encourage the public to find bugs, whether it ensured adequate end-to-end security, and more.

Each exchange was then rated between 1-10 based on its overall security. CER considers any score above 8 to be classified as “high.” Scores between 6 and 8 are considered “good,” and any exchange below 6 is considered “low,” and therefore “unsafe.” Of the 25 exchanges analyzed, only two DEXs received a “high” security score: Uniswap and Syntetyx.

Source: CER

CER criticized the audit practices of low-scoring exchanges, saying that many exchanges failed to re-audit the services they provide after recent code additions. For any exchange that is considered outdated, its score will be reduced. Other exchanges do not publish public audit reports at all:

Six exchanges (24%) have not passed a security audit or have not publicly announced that they have been audited. It should be noted that unaudited exchanges cannot be considered safe.

Some of the 25 exchanges hired individual researchers rather than professional firms to complete the audits. The authors of the report strongly discourage this practice. Considering the astonishing growth of DeFi in the past few months, the researchers concluded that DEX users are generally more vulnerable to fraud than hacking:

Although decentralized exchanges have not suffered any major hacks compared to centralized platforms, DEX users are actually more vulnerable to fraudulent attacks.

The CER report concluded that 92% of the top 25 DEXs need to pay more attention to security. They encourage these exchanges to follow the industry's existing best practices in the future to ensure a safe trading environment for their users.