Protocol Risk Assessment Framework
At its core, LazyOtter's protocol risk assessment framework encompasses a comprehensive evaluation of not just the technical risks (e.g. smart contract logic faults or errors, which are mostly covered by the auditors), but also the economic and operational risks. This structured approach allows for a thorough examination of potential vulnerabilities and threats in the realm of DeFi. To achieve this, our analysis is meticulously divided into five categories within each of the three overarching risk domains, resulting in a robust framework comprising a total of 15 categories.
To ensure the validity and applicability of this framework, we have conducted an extensive study that scrutinizes over 300 DeFi protocol incidents. Through this analysis, we have identified recurring patterns and root causes, which have been skillfully organized into relevant categories. By leveraging real-world events that have unfolded within the dynamic DeFi landscape, the risk assessment framework remains grounded in actual occurrences, thereby substantiating its credibility and efficacy in evaluating the risks associated with various protocols.
The final risk rating is a weighted average of the scores for the three risk domains. The designated weights are:
Technical Risk (40%)
Economic Risk (40%)
Operation Risk (20%)
Note that these weights apply to lending protocols only. The weights for DEXs or other types of protocols may differ.
The weight designation is based on the following factors:
Frequency & severity of past incidents that fall into the category (e.g. higher weighting indicates a relatively high frequency or severity).
Objectivity of the assessment (e.g. a more objective or fact-based assessment is assigned a higher weight).