Alpaca Finance: Chainlink and other on-chain security processes for Automated Vaults

Alpaca Finance is using Chainlink Price Feeds as part of its effort to ensure maximum safety for customers using the DeFi platform’s recently launched Automated Vaults.

While Alpaca integrated Chainlink’s price oracles in July last year, it only recently launched the Automated Vaults product. It means the platform needs to ensure its users’ funds are safe – hence the price feeds.

Are you looking for fast-news, hot-tips and market analysis?

Sign-up for the Invezz newsletter, today.

Chainlink’s oracles currently help to secure billions of dollars worth of digital assets in Total Value Locked (TVL) across protocols. Integrating the oracles is therefore critical for Alpaca Finance, a leading crypto lending and savings platform on the BNB Chain, that has amassed over $852 million in TVL.

Alpaca’s Automated Vaults

Automated Vaults are investment strategies run on behalf of customers, and which work more like an on-chain hedge fund.

According to the platform, the vaults offer an opportunity for users to farm yield via market-neutral strategies. It’s a model in which the provider opens simultaneous long and short positions, with the profits and losses outcome from both “equal out to zero.”

To maintain little to no market exposure for its customers, Alpaca chose to integrate Chainlink Price Feeds.

The price oracles will offer the vaults precise, high-quality data; access to reliable decentralised nodes to increase protection against downtime and other security threats, including external tampering. More than that, the Chainlink oracles are blockchain Agnostic, meaning accessibility on multiple blockchains.

Automation, double audits and ongoing bug bounty

Apart from price feeds, the startup has set up Alpaca Guard, an in-house security measure meant to protect users’ assets against price manipulation and possible flash liquidations.

Alpaca also relies on double audits, which see every module or smart contract audited twice to increase chances of getting as close as possible to maximum safety. 24-hour automation involving decentralised bots is another security measure.

The $100k bug bounty Alpaca has with Web3 bug bounty platform Immunefi is another targeted at bolstering security for the Automated Vaults. The bounty helps incentivize white hat hackers and other blockchain security experts to continually check Alpaca’s open-source code for potential security issues.

In case things go wrong, users can rely on the Alpaca Insurance Plan.

DeFi security is a big topic

Crypto heists in 2022 alone have seen more than $1.2 billion stolen across the industry, with some of the biggest exploits so far in the DeFi sector.

February’s Wormhole attack saw over $320 million stolen and hackers linked to North Korea hacked Axie Infinity’s Ronin Network in March, stealing $625 million in crypto. Last week, hackers stole $182 million from Beanstalk Farms.

The main denominator in all these attacks and exploits is the weak security systems of DeFi platforms. And according to a report published earlier this year by blockchain security and analytics firm Chainalysis, DeFi’s rise over the past year has also played a role. In 2021, the Total Value Locked in decentralised finance protocols rose from around $18 billion to more than $252 billion.

Today, the TVL is around $209 billion according to data from DeFi Llama.