As with most things in the financial world, when something promises extremely high rates of return there’s usually a catch. DeFi lending is no exception.

To put it simply, DeFi, shorthand for decentralized finance, is an ecosystem of blockchain-based applications that offer a range of financial services similar to those provided by traditional banks, insurance brokers, and other financial intermediaries. The main difference being, these decentralized applications, known as dapps, run autonomously without any third party acting in the middle. That’s because each dapp is powered by a smart contract – a special computer program that automatically performs a function when certain predefined conditions are met.

DeFi lending is just one type of traditional financial service that is now accessible through these peer-to-peer operated dapps. Similar to depositing funds into a savings account to receive interest payments, crypto investors can now lock up their funds or use them to provide liquidity across a range of decentralized platforms and receive regular interest payments.

Many of the interest rates offered on these dapps are significantly greater than anything currently available in the traditional financial space, making DeFi lending a highly attractive passive income stream for crypto holders. But before lending any assets, there are a number of associated risks everyone should be made aware of.

Read more: 5 Ways to Earn Passive Income From NFTs

When you commit your assets to a liquidity pool, you risk something known as “impermanent loss.”

Impermanent loss is when the price of assets locked up in a liquidity pool changes after being deposited and creates an unrealized loss (in dollar terms) versus if the liquidity provider had simply held the assets in a crypto wallet.

The change occurs for two reasons and has to do with the Automated Market Maker system DeFi liquidity pools use.

When arbitrage traders flood the pool with one token in order to remove the discounted token – in this example, adding ether to take out link – the ratio of coins changes. In order to regain balance, the liquidity pool automatically increases the price of the token in higher supply (link) and reduces the price of the token in lower supply (ether) to encourage arbitrage traders to rebalance the pool.

Once the pool rebalances, the rise in the value of the liquidity pool is often less than the value of the assets if held by the lending protocol. That's an impermanent loss.

Here’s a summary of the graph’s data and the relationship between price change and percentage loss:

In defense of these protocols, liquidity providers (LPs) are rewarded with a proportionate amount of trading fees for adding assets to the pool, which can often offset impermanent losses. Uniswap, for example, charges a flat trading fee of 0.3% which is distributed to LPs.

Top tip: The best way to mitigate impermanent losses is to provide liquidity to pools containing less volatile assets such as stablecoins.

Impermanent loss shouldn’t be something that scares you away from DeFi lending, but rather a calculated risk to understand before lending your assets.

Flash loans are a type of uncollateralized lending unique to the DeFi space. In the traditional, centralized model of banking, there are two types of loans:

Flash loans are a type of unsecured loan that uses smart contracts to mitigate all the risks associated with traditional banking. The concept is simple: A borrower can receive hundreds of thousands of dollars in crypto assets without putting up any collateral but the catch is they have to pay the full amount back within the same transaction it was sent (usually a few seconds).

If the loan isn’t paid back, the lender can simply roll back the transaction, like it never happened. Because there’s zero risk involved in issuing these types of loans, there is no limit to the amount a person can borrow. And because the entire process is decentralized, there are no credit scores or reports preventing a person from qualifying for a flash loan.

Flash loan attacks are when bad actors borrow huge sums of money using these special types of loans and use them to manipulate the market or exploit vulnerable DeFi protocols for their own personal gain.

A flash loan attack against the yield-farming aggregator PancakeBunny made headlines when the attackers caused the price of PancakeBunny’s token, BUNNY, to drop 95%. They did this by borrowing large amounts of BNB through the PancakeSwap lending protocol, manipulating the price of BUNNY in off-market lending pools, and then dumping that BUNNY on the open market, causing its price to crash.

As is the case with almost all flash loan attacks, the thieves escaped without repercussion. It’s estimated the attackers netted $3 million in total.

Once a liquidity pool is drained of a particular token, liquidity providers can become exposed to impermanent loss. Not to mention, lesser-known tokens hit by these attacks – such as BUNNY – cause investors to lose all confidence in the projects and they rarely recover in price.

Without traditional forms of regulation in the DeFi lending space, users have to develop a certain degree of trust with the platforms they’re willing to lend their assets to or buy tokens from. Unfortunately, that trust is often breached in the form of rug pulls.

Rug pulls are a type of exit scam where DeFi developers create a new token, pair it to a leading cryptocurrency such as tether or ether and set up a liquidity pool.

They then market the newly created token and encourage people to deposit into the pool, often promising extremely high yields. Once the pool has a substantial amount of the leading cryptocurrency in it, the DeFi developers then use back doors intentionally coded into the token’s smart contract to mint millions of new coins that they use to sell for the popular cryptocurrency. This completely drains the popular cryptocurrency from the pool and leaves millions of worthless coins in it. The founders then disappear without a trace.

A famed "billion-dollar rug pull" came in 2020, when SushiSwap developer Chef Nomi unexpectedly liquidated his SUSHI tokens after raising over a billion dollars in collateral. The price of the Uniswap competitor’s token fell to near zero in what is remembered as one of “the most dramatic moments in DeFi.”

DeFi fraud is a billion-dollar industry and, despite efforts to mitigate risks by developers, remains a prevalent aspect of the growing space. It was reported that the first half of 2021 brought triple the volume of DeFi hacks and fraud compared to 2020 altogether.

Despite the rampant increase in this type of malicious activity, there are methods to vet a company for potential exit scams before investing. These include:

Ultimately, the same permissionless designs that make DeFi protocols vulnerable to theft are its source of potential to disrupt the finance industry. Limited regulatory oversight paired with the open-source nature of blockchain means there will always be vulnerabilities for lending protocols dealing with large sums of money. As is true with almost all sectors of the blockchain industry, the goal is that these risks will be mitigated over time.

Here is what you need to know about “decentralized finance,” an umbrella term for Ethereum and blockchain applications geared toward disrupting financial intermediaries.

Thanks to innovative DeFi platforms, there are now more options available for student borrowers who wish to repay their loans using crypto.

If the terms “yield farming,” “DeFi” and “liquidity mining” and are all Greek to you, fear not. We’re here to catch you up.