System Review made by Crypto_Steward at 22 Sep 2020
The rise and the rise of DeFi was propelled by the sudden (but not unexpected) advent of the decentralized exchange / swap protocols after their initially more successful and marginally older brethren — custodial platforms — had gradually succumbed to severe regulatory pressure and one by one started to introduce humiliatingly annoying and highly controversial KYC/AML procedures.
Here I have to mention that, to the credit of our freedom-loving and oppression-defying industry, there were some who tried to actively resist by moving their businesses into more crypto-friendly jurisdictions, reducing their degree of interference with users’ privacy to a reasonable minimum.
(Some, however, might object that it was more a matter of pursuing business interests than of ideological adherence.)
Fully in accordance with the free market’s magic of ‘an invisible hand’, those users who have to enjoy a particularly high level of their governments’ ‘care’ about how and where they dare to spend their hard-earned dimes happily embrace the brave and rapidly expanding world of DEXs.
One of those new species — ‘Kyber Network’ (KNC) — I have decided to review and to rank on the SVET scale (‘System’ — ‘Vision’ — ‘Execution’ — ‘Trust’) today.
SYSTEM (Security — Velocity — Engineering — Transparency)
According to its WhitePaper (v0.1 ‘An On-Chain Liquidity Protocol’ as of 22 April 2019): ‘Kyber, a fully on-chain liquidity protocol for implementing instant cryptocurrency token swaps in a decentralized manner on any smart contract enabled blockchain.’
The one crucial characteristic of DEXs — that they have a serious incentive to stay open to external scrutiny — makes them very attractive for public auditors like me.
That also helps them to maintain an important competitive advantage, creating a level of transparency (in our space often associated with attractiveness for developers and individual security-focused users) unattainable for even the long-established custodial exchanges.
Kyber Network (in addition to the habitual and extensively populated GitHub account) maintains, on a number of dedicated web pages, a very thorough record of its overall contract design features and a description of its core contract functions for external developers’ access (see link below). That alone induces me to raise Kyber’s ‘Transparency’ straight up to ‘a-’ level (‘minus’ is explained below).
As to Kyber’s ‘Engineering’ (‘a’), it is simplicity itself, which within its two main contracts (KyberNetwork.sol and IKyberReserve.sol) connects Proxies and Maintainers (see below) to the Network, which then, in turn, connects to the Matching Engine, the Storage, Fees Handlers and the Reserve.
(Kyber’s list of main contract functions includes: getExpectedRateAfterFee; tradeWithHintAndFee; addReserve; removeReserve; listPairForReserve; getConversionRate; and trade.)
Basically, it means that anyone (who has to get through Maintainers first :) can create their own Reserve and then control its level and pricing mechanism. All Reserves allow funds to be pulled and, taken together, create an indispensable feature of the Kyber core protocol — instant market making, which is based on discovery of the best prices among different reserves.
[ Btw, those ‘maintainers’ force me to pull Kyber’s ‘Transparency’ to ‘a-’ levels.
Extract: ‘Maintainers refer to anyone who has permissions to access the functions for the adding/removing of reserves and token pairs, such as a DAO or the team behind the protocol implementation.’ ]
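To make the reserve mechanics and the ‘maintainers’ gate described above concrete, here is a simplified off-chain model in Python, added as an illustration and not taken from Kyber’s contracts. Method names echo the contract functions listed above, but their arguments, the caller strings and the sample reserves are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Reserve:
    name: str
    rates: dict      # (src, dest) -> dest units per 1 src, chosen by the reserve owner
    balances: dict   # token -> inventory the reserve can pay out

    def get_conversion_rate(self, src, dest, src_amount):
        rate = self.rates.get((src, dest), 0.0)
        # Quote 0 when the reserve cannot fill the whole order from inventory.
        return rate if rate * src_amount <= self.balances.get(dest, 0.0) else 0.0

@dataclass
class Network:
    maintainers: set                               # accounts allowed to change listings
    reserves: dict = field(default_factory=dict)   # name -> Reserve
    listed: dict = field(default_factory=dict)     # (src, dest) -> set of reserve names

    def _require_maintainer(self, caller):
        if caller not in self.maintainers:
            raise PermissionError(f"{caller} is not a maintainer")

    def add_reserve(self, caller, reserve):
        self._require_maintainer(caller)
        self.reserves[reserve.name] = reserve

    def remove_reserve(self, caller, name):
        self._require_maintainer(caller)
        self.reserves.pop(name, None)
        for names in self.listed.values():
            names.discard(name)

    def list_pair_for_reserve(self, caller, name, src, dest):
        self._require_maintainer(caller)
        self.listed.setdefault((src, dest), set()).add(self.reserves[name].name)  # KeyError if unknown

    def best_rate(self, src, dest, src_amount):  # highest non-zero quote among listed reserves
        quotes = [(self.reserves[n].get_conversion_rate(src, dest, src_amount), n)
                  for n in self.listed.get((src, dest), ())]
        rate, name = max(quotes, default=(0.0, None))
        return (rate, name) if rate > 0 else (0.0, None)

def demo():  # constructed sample data: two hypothetical reserves quoting ETH -> DAI
    net = Network(maintainers={"dao"})
    for name, rate, dai in (("reserve_a", 340.0, 100_000.0), ("reserve_b", 345.0, 1_000.0)):
        net.add_reserve("dao", Reserve(name, {("ETH", "DAI"): rate}, {"DAI": dai}))
        net.list_pair_for_reserve("dao", name, "ETH", "DAI")
    return net
```

In `demo()`, a 10 ETH order falls back to `reserve_a` because `reserve_b` lacks the DAI inventory, and any caller outside `maintainers` is rejected when adding or removing reserves.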
Here we come to one of the major disadvantages for users of decentralized exchanges. ‘Instantaneous’ matching and free-market based Fees Handlers (combined with a relatively small number of Reserves) mean that those fees can get astronomically high (as is currently the case with Kyber, where the price paid for one transaction now reaches up to $20).
For a regular, ‘non-whale’ trader, who usually places a large number of relatively small orders, that might be a party-crasher.
That reality (combined with the ‘maintainers’ institution and the fact that Kyber has presently only 70 reserved coins) pulls Kyber’s ‘Velocity’ to ‘c+’ level.
As to its ‘Security’, although I’ve got relative confidence that the investigations of Kyber’s contracts, open to all parties, have already provided a practical safeguard for its users, we all know too well that there’s no such thing as the ‘bullet-proof contract’. It has to withstand the test of time before I can move Kyber’s ‘Security’ up from the present ‘b-’ level.
Result for ‘System’ (Security — Velocity — Engineering — Transparency): b-/c+/a/a-