fbpx

46. Vampire Attacks in Decentralized Finance (DeFi): Explanation and Examples

Rest assured – we won’t be talking about bloodshed, although because of the name, it might seem that way. Those sensitive to this topic can safely continue reading.

Vampire attacks in the cryptocurrency space do not even have anything to do with individuals. In fact, a Vampire Attack is one of the unethical methods of acquisition in decentralized finance (DeFi). It takes place when one protocol offers better rates and profits than another. In doing so, it steals all customers and investors, or to put it more bluntly, it sucks liquidity out of a given protocol.

In the cryptocurrency industry, such an attack is also referred to as an aggressive marketing or growth strategy.

Vampire Attack – definition

In the decentralized finance (DeFi) space, such an attack occurs when a new protocol in the market (usually a fork of an existing design) offers users and investors better prices, incentives, or profits compared to the original design.

Such a successful vampire attack results in a loss of fluidity for the main project. Interestingly, there have been cases in practice where, through such attacks, new projects have completely ‘killed’ the original ones. These projects were then abandoned in favor of the ‘new’ ones.

This type of attack is very common. Even Uniswap has fallen victim to it. Do you remember the famous airdrop of UNI tokens? Well, that’s right. The behavior had one purpose – to keep users on the platform and trigger DAO.

How is Vampire attack carried out?

The steps the attackers take are child’s play. First, they identify the platform on which they want to launch the attack. Then they offer users free airdrops, lower fees, higher profits. In a word, they present the new platform in all the best possible terms, in comparison with which the original project compares very poorly.

Secondly, they are gradually expanding their offerings, introducing, for example, new liquidity pools. And those who become liquidity providers will be rewarded with free tokens. The result? Increased liquidity and volume on the newly established platform.

You have already taken the time to notice that this whole “strategy” is highly unethical. It is 100% detrimental not only to the project under attack but also to the entire ecosystem of decentralized finance (DeFi). It only makes sense if old, non-innovative projects are eliminated through vampire attacks.

Who is being targeted by the Vampires?

In fact, most DeFi projects. Any project that relies on users and liquidity can fall victim to a vampire attack. In practice, this includes not only decentralized finance (DeFi) but also decentralized exchanges (DEX), farms, or other projects in any way linked to liquidity pools.

Projects that are targets tend to have certain characteristics. Which ones? These are:

  • First and foremost, high liquidity, which literally vampires suck up. They are attractive because they offer a large pool of capital to capture.
  • Another feature is users. A free community that attackers can access is a tasty morsel for them.
  • Fees. Projects that want to carry out a vampire attack can offer lower fees and thus draw users away from the original project.
  • Lack of development. Projects in any crypto sector that literally stand still and do not follow the spirit of innovation are prime targets for a vampire attack. They will easily be overshadowed by competing, growing projects.

How to avoid a vampire attack?

Using the so-called lock-in period. It is required of new liquidity providers and prevents liquidity from being provided only to be immediately withdrawn altogether. Collateral is increasingly used for new projects.

Another way to do this is to limit the number of LP tokens that users can withdraw in a given period. This prevents mass migration and loss of liquidity. As a result, a given protocol retains the liquidity necessary to function properly.

Greater rewards for loyal users. Those who have been with a protocol longer receive greater rewards for their commitment and time spent developing the protocol. A great way to retain existing users.

Vesting. Another great way to prevent vampire attacks. By giving rewards to liquidity providers, platforms are assured of keeping liquidity for longer. It works the same way the other way – taking away a guaranteed reward for withdrawing liquidity before a certain time.

First vampire attack

The first known example of a vampire attack is attributed to the SushiSwap exchange. The protocol was launched on 28 August 2020, when DeFi was booming. At that time, TVL (total blockchain value) had risen in DeFi to more than US$15 billion. Every day there were new projects that wanted to take over some of the liquidity flowing into DeFi. Competition was very high, and each project wanted to attract users.

When SushiSwap was launched, it attracted more than 100 million USD token LP in just a few hours. How was this accomplished? By distributing a large number of SUSHI tokens to users who pledged their LPs to the project. Initially, project users could only deposit Uniswap LP tokens into SushiSwap. This was the key to the vampire attack.

Over the next two weeks, the intelligent SushiSwap contract router – MasterChef – was launched. It automatically replaced all LP Uniswap tokens with basic ones, leaving them on SushiSwap, while migrating all liquidity to the protocol and giving users LP SushiSwap tokens. The result? An outflow of more than US$1bn from the Uniswap liquidity pool. The TVL of SushiSwap increased, and Uniswap halved.

Uniswap quickly responded by airdropping its token UNI to attract users back and regain lost TVLs. SushiSwap was successful and very quickly began to be copied by other industry protocols.

Further examples of vampire attacks

Dash/Masternode: The Dash project fell victim to an attack when it popularized the masternode concept. As a result, later projects such as PivX and ZCoin forked and modified the main Dash protocol and directly competed with it.

Blur/OpenSea: An example from the non-fungible token (NFT) market. Blur encouraged users to migrate from other projects by offering them free airdrops. Momentarily, the platform even overtook OpenSea in terms of trading volume.

Summary

Taking a critical look at the whole process, vampire attacks can even be seen as positive. They lead to fiercer competition between projects and force them to innovate and make improvements.

In practice, many projects that follow this practice offer nothing new. They are no better than competitors. Therefore, even vampire attacks have had to evolve. They currently no longer offer one type of incentive to users but a whole range with the emphasis on keeping them!

Sign up for the newsletter!

Receive the latest cryptocurrency news in your email every week.