DeFi Security: Turning the weakest link into the strongest attraction

4 min readApr 20, 2022


Article 1 of 7

Executive Summary

  • The Eiffel Release adds a protective shield against internal theft and external intrusion. It’s a proprietary innovation, entirely custom built to safeguard our workflow, and we call this, The Safe House.
  • The Safe House is the combination of a novel software engineering architecture and automated/manual processes, specific to handling fund movements, with certain multi-signatory approvals required for changing key governance policies.
  • This approach will limit any potential one-time loss to a negligible amount and keep a detailed history of all the transactions linked to specific internal staff responsible for fund movements and trade execution. All personnel in the process will be fully KYC’ed.

Necessity is the mother of all creation / invention / innovation, but the often forgotten father is frustration.

Over the next seven weeks we will present seven articles, as part of our Eiffel release plan, describing the main components we are building to reach our goal of bringing Risk Parity to the decentralized finance world. We start now with the first article of this series, which will focus on what we consider to be the foremost priority for us and also for other organizations with similar endeavors, to provide an overview of our strengthened security blueprint.

The enhanced security features we are building at Formation Fi are, no doubt, very necessary. But the essence of the security innovations we are creating are borne out of the numerous troubles several (all?) protocols are encountering due to unauthorized parties trying to access their funds.

The same could be said about the rest of the investment vehicles we are building at Formation Fi. Our innovations are very necessary. But the key motivation for the products we are creating are due to the main issues that we have encountered while trying to obtain:

1. unencumbered access to decent investment opportunities in the traditional financial world, and
2. peace of mind while investing in crypto assets.

In today’s blockchain environment, many protocols are constantly under threat wherein their assets can be taken out or withdrawn by unlicensed individuals. Cryptographic methods used in blockchain protocols, do provide a certain amount of security. But, most projects are still vulnerable either when cryptographic keys, corresponding to fund movements, are compromised or when internal parties, who have access to the keys, have the intention of misappropriating investor funds.

The extent of the perils are magnified in the blockchain environment, since a few parties with malicious intent can reach numerous victims, given the distributed nature of this technology. This adds to the perception that security dangers are commonplace and that hackers are ruling the roost. The many security related incidents stand in the way of the mass adoption of blockchain technology, which otherwise has the potential to transform all human interactions. We wish to do our part to grow this ecosystem by mitigating the harmful influences and restoring the balance of power to groups that are actively trying to develop this landscape.

To counter these hazards, we are introducing several new innovations that will increase the overall defense mechanisms of our protocol. The novel security innovations, which we are developing, are to ensure that our system cannot be compromised by either internal or external actors. Our multi-pronged protection scheme refines the existing cryptographic cover by adding extra layers of protective shields. By making these upgrades, we are converting one of the major drawbacks of the Defi space to one of the major strengths of our protocol.

The central element of our security innovations is the creation of a safe house, which will be guarded by private-public key cryptographic methods, to store all our assets. As an additional measure to enhance the security, access to the safe house will be provided only upon verification of the identity of the person requesting the permission. Our identity verification methodology is above and beyond the security provided by existing blockchain public-private key cryptographic methods.

The safe house has also been designed to detect and neutralize dangers such as attempts to withdraw by players without the right credentials. If a real threat is determined, the safe house will go into a locked state. It will not allow anyone to take out any assets or funds from it until the severity of the danger has been assessed and it is deemed safe to resume further operations.

In the event of an extreme situation, such as a malicious party breaching the safe house, the extent of damage will be limited due to numerous safeguards on the mobility of funds. This scenario can occur if an internal member, or an employee, decides to turn rogue. In such a case, the identity of the person who stole the funds would be established with certainty, due to our identity verification methodology, and the amount lost would be minimal. Even if the missing amount is very small, further action will be taken to recover the lost funds since the identity of the individual, who took the funds, will be known.

While building the new security features mentioned above, the overriding challenge was to ensure that the improved safety procedures would not become too cumbersome. The objective was to be able to accommodate more security guidelines and yet operate quickly and effectively to take advantage of market conditions. This will be discussed further in the next article, where we consider our trade execution related innovations. But to summarize, we have accomplished this by matching fund flows, which are governed by security parameters, to asset management principles and requirements. The result is a system that will protect investor assets and yet allow smooth functioning of our investment machinery.

Where to Find Us?