Decentralized finance (DeFi) is an emerging financial technology that challenges the current centralized banking system. DeFi eliminates the fees that banks and other financial companies charge for using their services and promotes the use of peer-to-peer, or P2P, transactions.
This Repository contains list of Common DeFi threat and Attack Vectors. This repository will be actively maintained and updated by QuillAudits.
If you find any attack vectors missing, you can create a pull request and be a contributor of the project.
| Serial No. | Attack Vectors |
|---|---|
| 1 | Governance Attack |
| 2 | Social Engineering |
| 3 | Impermanent Loss |
| 4 | Insecure front-end |
| 5 | Oracle Attacks |
| 6 | Exit Scams |
| 7 | Social Accout Takeover |
| 8 | Admin Private Key leak |
| 9 | Flash Loan Attacks |
| 10 | Replay Attacks |
| 11 | Accidental Loss |
| 12 | Unlimited Permissions on Token Approval |
| 13 | Influencer / Shilling |
| 14 | Re-entrancy |
| 15 | Price Feed |
| 16 | Price Induced Oracle Votality |
| 17 | Token Inflation |
| 18 | Structuring |
| 19 | Circulating Supply Impact |
| 20 | Slippage Exploit |
| 21 | Bots Attacks |
| 22 | "Fake" News |
| 23 | Incorrect Fee Charged |
| 24 | Excessive Leverage |
| 25 | Smurfing |
| 26 | Arbitrage Attacks |
| 27 | Influencer's Pump & Dump |
| 28 | Interlocking Directorate |
| 29 | Liquidity Squeeze |
| 30 | Network Congesting(uDoS) |
| 31 | Gas Griefing(DoS) |
| 32 | Rug Pull |
| 33 | Sandwitch Attack |
| 34 | Front Running Attack |