Blog

Fordefi Launches First Institutional DeFi Wallet & Security Platform

Written by Josh Schwartz | Nov 7, 2022 11:27:58 PM

Driving Institutional Adoption in DeFi

We’re proud to announce the launch of Fordefi, the first institutional MPC wallet, security platform, and Web3 gateway built for DeFi. With Fordefi, our goal is to enable institutions to securely hold digital assets and safely transact across decentralized finance. We’ve been working in close collaboration with our design partners – industry leading trading firms, funds, and custodians – to ensure that we’re building for what DeFi demands. Together, we can unlock DeFi’s full potential and drive further adoption. We’re excited for what the future holds and would like to give a special thanks to our investors for making this possible: Lightspeed Venture Partners, Electric Capital, Jump Crypto, Castle Island, Pantera Capital, Illuminate Financial, PayPal Alumni Fund, Nima Capital, Digital Currency Group, Defiance Capital and StarkWare.

For more on why we built Fordefi, the future of trustless finance, the barriers to DeFi adoption and how we plan to solve these challenges, continue reading. We break down why this launch is so important – not just to us, but for all of DeFi. 

Blockchain’s Trustless Promise

The market has evolved from one where institutions were simply holding digital assets and transferring them for payments or settlement, to one where we now have a truly decentralized approach to accessing financial services.

In other words, one of blockchain’s original promises was that everyone would have a trustless network on which to transact, cutting out our reliance on middlemen like banks or the government. However, as institutional and commercial interest began developing, solutions brought to the table mostly relied on centralized financial structures, a carry-over from traditional financial systems. Despite the development and value of certain tokens tying back to this promise of a trustless network – take for example the utility of Ethereum – middlemen were still involved because the infrastructure required to support a decentralized and trustless network still needed to be built. 

There were two problems with this. First, blockchains didn’t actually do the things people were imagining – they only had the potential for it. The second problem was that despite digital assets being created on the blockchain, buying and trading the assets were still being done mainly through centralized solutions. The actual utility of blockchain in creating a decentralized and trustless network wasn’t being leveraged.  

When I first purchased crypto on a popular centralized exchange, I went to the blockchain to find the transaction and of course could not find it. In reality, we still didn’t have decentralization. Instead, we had new middlemen, centralized exchanges, custodians, and digital banks, who were providing valuable resources and solutions while decentralized infrastructure was still being developed. 

DeFi finally changed this. We saw massive growth in applications being built on top of blockchains. Decentralized applications (dApps) utilize smart contracts that automate certain functions and are called to operate on a blockchain, where the code cannot be changed and the transactions performed by the programs are irreversible. You can see examples of this today with dApps such as lending platforms that require collateral to be deposited into an address that will automatically liquidate the collateral if the loan is not repaid and the collateral drops in value, or an exchange operating as an automated market maker (AMM) that ensures no one sends funds without guaranteeing that their trade takes place, essentially removing the settlement risk layer. 

This is a paradigm shift in the way traditional financial markets operate. In the past, we needed centralized finance (CeFi). They provided trust. How else could you lend to a stranger? What if they don’t repay you? How could you trade with someone? What if you send them money and they don’t give you what you purchased? DeFi solved this problem. Instead of middlemen, we now have software programs that are transparent and unchangeable. Now people can transact with anyone in the world without needing to trust them or know them.

As a result, DeFi has seen massive adoption from both retail and institutions. Billions of dollars have rushed into this market. Decentralized exchanges have seen volumes that surpass those of the largest centralized exchanges. Decentralized lending dApps are doing more volume than many centralized finance lenders. We’re beginning to see unprecedented adoption in DeFi from both major technology players and traditional financial institutions. DeFi has the potential to grow to the trillions of dollars and rival volumes in the traditional financial markets. 

DeFi’s Barriers To Further Adoption

Representative of the broader crypto ecosystem, there are several areas that have been identified as the biggest blockers to DeFi adoption from both institutions and retail customers. 

Regulatory Oversight and Sanctioning Programs

Financial regulations and user protection laws act almost as a historical record, reactive to the industry as the space and technology evolves. The uncertainty or debatable state of certain regulatory requirements has created a quelling in adoption from more risk-averse institutions and individuals. The nascency of the crypto space and nature of its infrastructure make this issue perhaps more pronounced, as regulators are just beginning to understand both the technology and its use cases. 

Smart Contracts Can Be Flawed

The second issue is that while smart contracts are transparent, they can be flawed. The code is there for everyone to see, but sometimes there are bugs that are not readily apparent and only learned of after someone compromises the code and steals money. If you happen to find a bug, it’s dangerous for you to tell anyone, even if you are just trying to be a good guy. If you tell the wrong person, someone can exploit this information and steal funds before users are able to withdraw their money.

Wallets Need to Evolve to Protect Against DeFi Attacks

The third issue is that the infrastructure and tools that have been designed to secure digital assets were not built to also protect against malicious DeFi activity. Of course, this is because DeFi didn’t even exist in this form when most of the existing wallets were created. Unfortunately, wallets created before DeFi as it exists today are essentially ineffective at protecting against DeFi attacks. 

When the main use case was holding and transferring funds, the infrastructure was designed to protect the private key. Private key compromises were the cause of billions of dollars lost or stolen from exchanges and wallets over the last 14 years. To protect against this, wallet providers beefed up their approach to key management by replacing a single key with multiple shares/signatures/shards and/or making it more difficult to access the key material through HSMs, secure enclaves, cold or offline storage. Policies were also put in place around who can transfer funds, how much they can transfer, and ensuring the transfer was going to the right place. Before DeFi as we know it, crypto wallets were also initiating the transfers, whereas in DeFi the dApps are initiating the transaction and therefore, without clarity of the smart contract, users aren’t able to ensure that the transaction they’re approving is safe.     

Much of the funds lost to date in DeFi have not been because of private key compromises. Today, funds are often lost due to users not understanding the transaction they were approving. A smart contract is code and has no meaning to someone who looks at it, so even if multiple people are required to approve a transaction, they will have no idea what they are approving. Attackers in DeFi today are exploiting user blindspots and targeting holes in security. These attacks are making major headlines in 2022, as funds stolen this year amount to the most ever in crypto history. 

The Role of Fordefi in Driving DeFi Adoption

Fordefi’s institutional MPC wallet and security platform tackles head-on, the challenge of wallets needing to evolve to meet the complexities of DeFi and protect user funds from DeFi attacks. 

Multi-Chain dApp Connectivity

Connecting to dApps is currently a challenge on its own, especially as we move to a multi-chain future. Though dApps began integrating with the most popular wallets, if your wallet was not supported, then the dApp wouldn’t be able to create the transaction for you and you wouldn’t be able to interact with the dApp as intended. We decided that a ubiquitous connection and unified experience was both more secure and more user-friendly. To that end, Fordefi has built a browser extension – a singular interface – that connects to all dApps across multiple chains. Not only are you saved the trouble of switching wallets but you also won’t have to worry about the dApp integration.

Unprecedented Smart Contract Clarity

It doesn’t help to have a wallet if you don’t know what you're approving. Fordefi solves this challenge by providing smart contract verification and producing a transaction to review. We take every smart contract and translate it into language the user can understand. We independently verify the dApp name to make sure the contract matches our database of known contract addresses. We simulate every smart-contract transaction and show the user what will happen if they approve it, including what their new balances will be. Providing this level of detail and verification is unique among wallets in the space. We’re the first ones to actually put smart contract transactions in a format that can be understood by everyone. 

Granular Self-Serve Policy Management

Policy management to tackle the complexities of DeFi has been limited or lacking in wallet platforms until now. Fordefi offers users the ability to define and manage their own policies for every transaction, dApp, and operator. Our policy engine is completely self-serve, allowing you to directly edit and manage your own policies. To ensure a balance between security and flexibility, each policy change requires the approval of multiple admins. You’ll be able to set fine-grained DeFi-first workflows, enabling you to confidently stake, trade, lend, and approve transactions. You can set firm compliant risk controls, manage token allowances, and automate approvals. Any rule that can be conceived can be created with our policy engine, the most robust in the market. 

MPC Key Management and Hardware Enclaves

MPC is the best-suited technology to protect from key theft while striking a balance between security and utility. That’s why it is at the core of Fordefi’s key management solution. Fordefi was designed by a team of experts in cryptography and cybersecurity. Our system is built to protect against any single point of failure. Our system is structured so that the user has a share secured by a hardware enclave in their mobile device, while Fordefi has a share in our own secure enclave. The shares are used to collectively generate the public addresses as well as sign transactions.

Fordefi’s Mission and DeFi’s Future

Fordefi’s mission is to enable institutions to securely hold digital assets and safely transact across decentralized finance. As we continue our work, there is a palpable sense of excitement among the Fordefi team for what it could mean for the future of DeFi adoption. As both institutions and individuals gain more visibility into the workings of blockchain and smart contracts, the unlimited opportunities, use cases, and benefits of DeFi will be realized. Thank you for joining us on this journey and we’re proud to trailblaze towards a truly decentralized and trustless financial future.