Security of a blockchain and/or a protocol built on a blockchain are heavily dependent on the mechanisms built on top of it and the coin or token used as the medium of transaction.  From a first principle look this is effectively the most important thing to do when designing a token in a protocol.  Just as Bitcoin is used to pay miners for economic security in the proof of work scheme and Cardano/Ethereum/Solana/etc… are used to secure their networks through proof of stake the goal remains the same.  There are many different methods of implementation of how the incentives align to ensure actors are doing the right thing to protect the system's integrity.  For projects that are planning to launch a token having an awareness of how the token plays into the protocol's health, growth, and sustainability are the key factors.  This is economic security. 

Flavors of Economic Security

Economic security is a general term that refers to maintaining the integrity of the system, but how the system is protected and/or conversely can be attacked comes in different flavors.  It can be broken down into three main categories that can affect protocols.  They are Fraud, Technical Exploits, and Market Volatility.  These categories are chosen because broadly most cases of where a protocol is exploited can be boiled down into one of these three categories.

Fraud (Human ←→ Token/Protocol)

When it comes to things of value, there will always be bad actors looking for ways to exploit a system.  In the context of fraud for economic security, it is how a bad actor can influence a protocol maliciously for their gain.  Even impeccably designed systems can have a bad actor cast their influence socially or financially (ie a whale).  This can come from actors ranging from founders and core team members that look to rug the ecosystem and extract value or simply financially-backed actors looking to manipulate a protocol and extract through financial measures.  There have been examples in the past most notably Sam Bankman-Fried (SBF) who through the FTX exchange took users' funds and gambled them through Alameda research.  Another notable example is the Luna collapse (which may be debated), where the undercollateralized stablecoin UST had artificially high yields and things going on in the background of Terraform labs that might not have painted the entire health of the protocol correctly to users.  Overall economic security compromised by fraud is done by withholding intentions or facts about how actors intend to use/build/interact with a protocol for extractive purposes.

Technical Exploits (Mechanisms/Contract ←→ Token/Protocol)

Technical exploits are exactly what the name implies, exploits that occur because of attack vectors in smart contract logic, poorly designed mechanisms, or lacking sufficient stress testing to protect the protocol.  The most common technical exploit is through smart contract exploits.  Many of the most expensive technical exploits have come from poor programming and auditing practices from the development team.  Rigor, implementing sound development/programming practices, R&D, and heavy doses of skepticism can help teams ensure that the attack vectors present in a protocol are minimized.  Beyond smart contracts or programmed code that can be exploited, poorly designed mechanisms can be at fault and exploited as well.  A mechanism in the blockchain sense is the method of how an algorithm is implemented in code and practice.  Mechanisms could include but are not limited to, oracle implementations, bridge implementations, and staking designs.  Many old Ethereum exploits have come from teams forking smart contracts with known bugs and not fixing them before launch such as the all the Compound forks that have been hacked.  Oracle and Oracle price manipulations are two other commonly used attack vectors that would be considered technical exploits.  It usually involves a bad actor either creating an LP that is then used as the price oracle and manipulating it to extract value or manipulating an existing LP pool to extract value from a protocol.

Market Exposure (Markets ← →Token/Protocol)

The degree to which a protocol, token, or project (or really any combination of them) is exposed to the brutal forces of markets can be an area in which a protocol is exploited.  Protocols through parameterization of key levers can make a protocol more flexible or rigid to the macro state of the larger market.  This is usually referred to as the “hardness” of a protocol, such as Bitcoin, which has many of its parameters hardcoded and requires a hard fork to make any meaningful changes to it.  Other protocols have more flexible or dynamic systems in that their parameters fluctuate with markets/utilizations or are just easier to change.  The stability and complexity of a protocol are the two main factors that should help steer how exposed to markets it is.  Purists may argue that protocols should be fully exposed to minimize centralized control or manipulation whereas more pragmatic teams might lean towards a stepwise approach to ensure building enough liquidity and structure in a protocol before unleashing it to the masses.  These type of decisions are critical to understand the risk appetite toward a protocol and it’s users.

If you are on a team developing a protocol and/or have questions on how to securable and sustainably build a token economy, reach out to The Token Lab!