Lossless Protocol:

A Timely Savior For DeFi Hacks

The recent market rally in the crypto space has seen the total value locked (TVL)
in DeFi protocols reach an all-time high of over $100B according to data from DeFi
Llama. This shows that more people are becoming interested and beginning to
trust DeFi for its promise of decentralization, immutability and absence of market
intermediaries.
As with every profitable movement, among the faithful followers, they will always
be a Judas Iscariot (in this case evil hackers) who are hell bent on betraying the
growing trust that DeFi is gaining from the large pool of investors entering the
crypto market. The actions of these hackers not only lead to loss of valuable
digital assets but causes reputational damage and loss of goodwill which impedes
the progress of DeFi towards mass adoption.
While the DeFi community is not sleeping on combating this problem, its efforts
so far has been limited to hack preventions (like bug bounties). The big question
now is, “what will be the case when these preventive measures fail and large
funds are stolen?” Forgetting about the stolen funds may have been the answer
previously but a Savior is in town to give these hackers a chase for their trouble,
Lossless: The first DeFi hack mitigation tool for token creators.

The Rising Cases of DeFi Hacks

According to data provided by Slowmist Hacked , over $6 billion have been lost by
blockchain hackers in 2021 for which DeFi related hacks account for 76% of these
hacks.
Zooming in to DeFi specific hacks, according to data aggregated from cryptosec on
timeline of DeFi exploits, it is evident that rate of attacks on protocols have
increased astronomically from about $134.2 million in the whole of 2020 to over
$232 million in Q1 of 2021. Q2 record of DeFi funds lost in hacks totaled to $476
million, which is over 100% of the report at the start of the year. In Q3 of 2021,
the losses still continued in the upside with a total of $482.6 million recorded as
loss.

$600,000,000.00

$500,000,000.00

$400,000,000.00

$300,000,000.00

$200,000,000.00

$100,000,000.00

$-
Q1 2020 Q2 2020 Q3 2020 Q4 2020 Q1 2021 Q2 2021 Q3 2021

The rate of DeFi hacks is already picking up in Q4 of 2021, with the most notable
been that of Cream Finance, a DeFi lending platform, was attacked and lost
approximately US$130 million.
With a total of approximately $1.5 billion stolen in over 70 DeFi hacks, the crypto
world including DeFi needs to take extra measures in protecting their platforms
by implementing systems like Lossless.

Introducing Lossless
The Lossless protocol is a piece of code that token creators insert into their tokens
which empowers Lossless to freeze any fraudulent transaction based on a set of
fraud identification parameters.
This piece of code that is inserted into the tokens is uniquely designed to allow for
easy freezing and reverting of funds in any transaction that is collectively agreed
to be a hack. The mitigation process works this way: once a hack is spotted by a
community finder, the stolen funds will be frozen and an independent decision
making body will review and confirm the transaction. If the hack is valid, due
process is followed to revert the stolen funds back to the original address while
the finder of the hack is rewarded a percentage of the retrieved funds. In the case
that the hack claim is invalid, the finder will be penalized.

How Lossless Works

Community Finders initiates the hack mitigation process by identifying hacks
usually by checking for unusual token activity (such as large transactions, liquidity
pulls), listening for on-chain events, and third party reports (such as public
reports). The finder can freeze the transaction address for 24-48 hours if they
stake $5000 worth of $LSS token. The frozen address will be reviewed by the
Lossless team to determine if it is valid or not. If it is valid, the finder is rewarded a
fee and the case is transferred to the independent decision making body-
(provide details) for further deliberation and actions. In the case that the
transaction is invalid, the finder’s staked tokens are confiscated and the address is
unfrozen.
For a valid hack-the transaction address will be frozen for additional 14 days
within which the independent decision making body (which consists of the token
creators, lossless company and independent committee) will issue a proposal for
permanent transaction freezing and reversing of the funds back to the original
address.

The Lossless Progress so far

Since its launch in June 2021, the project has been making evidential progress in
its ecosystem as it prepares for the public launch of the Lossless protocol in Q1 of
2022.
Earlier in September, it launched the Lossless DeFi hack explorer V1.0. The
explorer is an intuitive platform where finders can report hack cases and track the
progress of such cases. It anticipates that the platform will become the hub of
professional white hat hackers and crypto security enthusiasts, who are united in
their pursuit to create a safe and trusted DeFi ecosystem with minimal to no
losses.
As part of its expansion strategy, it has launched on the Polygon network in
addition to the Ethereum and Binance Smart Chain networks. With this move,
Lossless is now included in the tool list for Polygon developers which will
encourage more projects on the blockchain to adopt the LSS security standard.
In addressing the challenge of manually integrating the Lossless code for new
projects joining the ecosystem, it recently launched its token minter. The token
minter is a permissionless tool that makes it easy for anyone to create and deploy
a token smart contract in minutes. It currently supports ERC20 and BEP20 token
standards. One unique future of the token minter is that, it is infused with the
Lossless code which will become functional once the protocol goes live. It equally
provides an option for on-demand professional security audit report from Hackin,
a trusted cybersecurity company and a key partner of the Lossless protocol.
The team is currently working on releasing the Lossless Vault and Treasury
protection tool by the end of November. This is a b2b solution built for protocols
to secure individual vaults with large amounts of funds inside such as liquidity
reserves, development funds, company treasuries, etc. This will provide an
additional layer of security for protocols who have large liquidity reserves
particularly with the growing demand for permanent protocols in the DeFi 2.0
revolution.

What makes Lossless Unique?

The DeFi community have been relentless in its effort to curb losses due to hacks
by adopting such measures as auditing, bug bounty programs, etc. These
measures have done well in preventing many hacks but it is still limited in their
ability to detect, freeze and reverse lost funds like the Lossless protocol promises
to bring.
Lossless enjoys the first mover advantage by being the first DeFi hack mitigation
tool which gives it more room to set the standard for this new industry. Though it
has some indirect cybersecurity competitors like Kasperky blockchain security,
Slowmist, bugcrowd, ABDK consulting, but this competitors are not as effective
primarily because their solutions are not tailored uniquely for the DeFi market
and their decision making process in not decentralized.
Speaking of its decentralization, Tether has the ability ability to freeze and destroy
its USDT token in the event of a hack but its approach to achieving this
compromises the core principle of DeFi which is decentralization. The Lossless
protocol leverages the Tether model but adds a new layer of decentralization by
allowing anyone who stakes the required LSS token to initiate the transaction
freezing, while three independent bodies decide on the final fate of the
transaction.
Lossless equally provides a win-win situation for token creators since they are no
upfront cost to using the code but a percentage fee will be paid only when hacked
funds are recovered.

LSS Token Utility

The LSS token with a limited supply of 100,000 units, is core to the success of the
whole hack mitigation process. For a hack freeze to be initiated on any suspected
transaction, $5000 worth of LSS token must be staked by the founder and if the
hack is confirmed to be valid, the finder will be paid in LSS token after the fee is
collected from the hacked project.
LSS token is also utilized in the protocol’s governance process. Active users in the
ecosystem who have staked a significant amount of their tokens will be able to
provide feedback and make suggestions about the protocol, roadmap and the
overall growth of the Lossless ecosystem.

Lossless Growth Potentials and Challenge

Lossless has earned a good spot in the DeFi community for its effort in assisting
Cream Finance recover $16.7M from its hack in August, 2021. Though this was not
done with the use of the Lossless code but with the help of Pascal Caversaccio
who is a member of the Lossless community of white hat security experts. This
report serves as a testament of its commitment to its vision of saving the DeFi
market from evil hackers.
Lossless has secured over 35 partnerships since its launch with prominent
projects like DAOMaker, Harmony One, etc and many more in the pipeline. It is
also looking to introduce its wrapped token feature for existing tokens using the
ERC-20/BEP-20 standards. For example, tokens like BTC and ETH will have a
wrapped version of L-BTC and L-ETH which makes it easier to freeze and revert
these tokens in the case any hack.
While the project is not fully launched in order to identify an obvious challenge,
one key issue remains its decision making body which is perceived to wield much
power to be considered a fully decentralized entity. Hopefully, the project will
make more room for increased community involvement in the decision making
process.

Conclusion
While