Lossless Whitepaper
The Decentralized Finance (DeFi) market grew rapidly in 2020: the true potential of blockchain technology and decentralized systems allows us to control our privacy and finances. People are interested in decentralized markets more and more every day, and this presents new opportunities and challenges.
According to the DeFi Pulse, the Total Value Locked (USD) in DeFi has been hitting all-time highs almost daily since the Q2 of 2020. This shows that people are starting to trust the DeFi structures that have been based on value-driven foundations: decentralization, immutability, and absence of overpowered third parties.
Uniswap, providing a decentralized Ethereum-based protocol that allows users to exchange ERC-20 tokens safely, has reached $4 billion in total value locked, surpassed 250,000 unique addresses, and supported over $100B worth of trades.
Several DeFi lending platforms - MakerDAO, Compound, Aave - enjoyed success, each locking north of $5B to date.
The DeFi market is still at its early stage, though, and there are many things to improve: security being the top priority.
Even though DeFi is proliferating, it is worth noticing that its technology, UX, accessibility, and security are still in early development stages. The constant hacking of core crypto platforms is hurting the crypto world. The latter is one of the core obstacles for a more comprehensive trust of the investor pool and adoption outside of the crypto world.
According to the research done by Atlas VPN, there have been more than 122 major hacks, and a total of $3.8B has been stolen in 2020 alone. As cryptocurrencies become regulated, going from a niche investment to a mainstream asset held by millions of consumers, banks are expected to take the plunge into the digital asset space. With big banks joining in, hackers will become more incentivized to attack than ever before.
Ethereum's smart contract Turing-completeness makes many DeFi projects prone to being exploited and hacked, resulting in investors' loss of funds.
Flashloans. Loans that have to be paid back in the same block they are taken. Can be used maliciously to extract money from Smart contracts. One way to utilize those loans, for example, is to trade big amounts and cause on-chain liquidations.
Exchange hacks. Both centralized and decentralized exchanges can be hacked, and the stored funds can be extracted.
Wallet hacks. Holding the user’s funds, wallets are a massive target for hackers. Security leaks can lead to hackers gaining access to user’s funds.
Token minting. Some token contracts have a minting functionality, which means that new tokens can be created. This can be used by hackers to mint new tokens and sell them.
Intentional “rug-pulls”. The team itself pulling liquidity, minting new tokens, dumping their tokens, or similar, can also be an issue.
By examining the major crypto hacks that took place over the last year, we can draw some key learnings that bear valuable insights, helping protect investors in the crypto space.
In summary, the DeFi space has great potential as it enters the official mainstream, with institutions becoming major players in this market. The premise for this prediction is that retail investors, as well as institutions, learn from the painful lessons that the 2020 hacks taught us.
Otherwise, they will become the targets of cyber-attacks that will bear catastrophic consequences, indirect financial loss, reputational damage, and loss of goodwill.
A trusted and safe DeFi ecosystem with minimal to no losses from hacks, exploits, or social engineering.
As a team of experienced engineers, finance professionals, as well as DeFi experts and white hat hackers, we are dedicated to making crypto investing accessible and safe. Together we’re building a new protocol for reliable DeFi investment and development to support blockchain technologies' growth. At Lossless, we aim to create a place where everyone could employ their money quickly with minimum risk. With a safer environment for everyone, we are aiming to increase the adoption of DeFi markets.
Lossless protocol - at its core, a piece of code that token creators insert into their tokens - this code empowers Lossless to freeze any fraudulent transaction based on a set of fraud identification parameters.
Our two-step process for recovering stolen funds:
Urgent/instant freezing after a hack - this step is community and technology-based, rewarding the one who identifies the hack and freezes the transaction.
Longer/permanent freezing occurs after a hack was verified by the Lossless committee, company, and token creator, which takes steps to reverse the fraudulent transaction.
A proof-of-stake hack finding platform
An intuitive dashboard that allows manual overview and reporting for hack spotters
Bot friendly APIs for community-created hack-spotting bots
A transparent reward system that guarantees high levels of participation and innovation
Three Party Lossless Decision Making Structure
This structure consists of three entities - Token Creator, Lossless Company, and Lossless Committee. The committee that overviews frozen transactions consists of investors with a significant share of LSS tokens and key public figures that provide trusted and unbiased decision-making, such as auditing firms.
Minutes after hack - anyone (finders) can freeze an address for 24-48 hours if they stake LSS tokens.
The Lossless team reviews the frozen address to determine whether it's valid or not.
If Yes - further steps are taken (see below); finders are rewarded a fee.
If No - staked tokens of the finder are confiscated, the address is unfrozen.
Hours after hack - Lossless company evaluates code, contacts contract owner.
If the hack is valid - the address is frozen for further 14 days, and a committee proposal is enacted for permanent transaction freezing and reversing the transaction.
The data analyst team at Lossless creates the first hack-spotting mechanisms to freeze transactions for 24-48 hours automatically. These mechanisms are open source for everyone to contribute.
The winner-takes-all incentive will encourage the community to build on top of this initial model and improve it daily. The market will be able to determine the best ways to identify hacks, and the quickest spotter will get the reward.
This guarantees that the efficiency of the system will only improve over time as hack spotters will compete to make the fastest hack-spotting tool.
Most common ways:
Listen for on-chain events, e.g., Mint(), OwnershipTransferred() - Smart contracts emit events on certain actions. For example, a Mint()-Event is emitted on the blockchain if new ERC-20 tokens are minted. By listening for this event, finders might find a hack.
Check for unusual token activity, e.g., large transactions, liquidity pull - Highly unusual token activity, such as very large transactions from the team's wallets, without previous announcement, can be an indicator of a hack too.
3rd party reports, e.g., on exchange hacks - Blockchain hacks can also be identified with the support of 3rd parties. For example, a centralized exchange might publicly announce a security leak, which the finders can use to freeze affected addresses.
Because of the unique "staking" reward system in place, the market will determine the best ways to identify hacks as the quickest spotter gets a reward.
Tether, the 3rd largest cryptocurrency by market capitalization, can Freeze and Destroy Your USDT; if you lose access or send it to the wrong address, Tether has proven to be a successful "lifeguard" in corner cases.
The Lossless Protocol improves this model by allowing anyone to initiate the transaction freezing, while three independent parties decide the ultimate fate.
Benefits Of Using Lossless
A win-win for token creators - no upfront cost, fixed percentage fee from the saved hack;
Becoming the hack protection "standard" - projects can use Lossless to increase the trust for token holders;
Increasing overall security for DeFi participants - paramount importance for wider global DeFi adoption.
Regular ERC-20 Interface vs. Lossless implementation ERC-20 Interface
{function totalSupply() external view returns (uint256);function balanceOf(address who) external view returns (uint256);function allowance(address owner, address spender) external view returns (uint256);function transfer(address to, uint256 value) external returns (bool);function approve(address spender, uint256 value) external returns (bool);function transferFrom(address from, address to, uint256 value) external returns (bool);function hackFreeze() returns (bool);function allegeHack(address allegedHacker, uint256 freezeDuration) external returns (bool);function resolveHackAllegation(bool isRealHack) external returns (bool);event Transfer(address indexed from, address indexed to, uint256 value);event Approval(address indexed owner, address indexed spender, uint256 value);}
With more businesses and countries accepting Bitcoin as a payment method, DeFi markets are on boom too. This year, in only two months, the total value locked (USD) in DeFi has grown from $16B to $40B+. What's more, the number of total users in the DeFi markets has risen to 1.4 million, which is seven times higher than the mid-2020.
As mentioned previously, 2020 Saw $3.8 billion was stolen in the DeFi ecosystem, a total addressable market for Lossless protocol as all or most of this money could have been saved and kept with their investors where they belong.
To our greatest surprise, there are plenty of cybersecurity companies and products in the general online space, but almost inexisting competition in the current DeFi cybersecurity market leaves room for rapid market share growth for Lossless.
A 10% market share of $3.8B would imply the prevention of $380 million losses. And a 7% Lossless monetization fee would return $26.6 million in income for Lossless protocol. Keeping in mind that hacks and the hacked amounts increase, this brings a unique growth opportunity for the project.
A market focused on prevention and analysis of hacks, rather than mitigation - no one is freezing and reversing hacked assets. Competition is more of a traditional en-suite cybersecurity company that offers various cybersecurity products and services. Or, as an alternative, are one-off bug or hack bounty programs set out by the token creators themselves.
Some indirect competition includes:
We focus on building a safe and functional protocol for our users - both experienced and beginners. As one of the first players in this field, we understand our responsibility to deliver a trusted system and make timely improvements along the way. Here are some of our core features today:
Different approach to blockchain security - mitigation vs. prevention (the latter has proven to be unsuccessful)
Decentralized community incentives
Trusted committee
Focus on Simplicity
User-friendly UX/UI
Early mover advantage
Experienced team
The crypto world is still much less regulated by traditional systems (governments, laws, and others) and attracts many hackers who aim to exploit any mistakes that platforms make. Some of the most recent hacks in 2020 only show that token creators and holders who did not implement additional safety tools/systems are highly vulnerable and exposed.
PAID Network. Had several successful audits but had a mint hack on the protocol. Someone managed to mint $100 million worth of the token and dumped it, reducing the price by 80%.
DODO. Drained of $3.8M in DeFi Exploit. DODO expects just under half of those funds ($1.88 million) to be returned.
Alpha Finance & Cream Finance. Were hacked by around $37.5m through a flash loan attack. Luckily, the users weren’t affected as such, but the CREAM price quickly fell by over 34%.
Furucombo. Transaction batching protocol Furucombo suffered $14 million "evil contract" hack. "Evil contract" is an exploit where an attacker creates a contract that fools a protocol into believing it belongs there, giving them access to protocol funds.
With overall 122 hacks and a total amount of $3.8B stolen in 2020 alone, the crypto world, including DeFi, needs to take things seriously and protect their platforms with systems like Lossless.
A time difference of 4 minutes and 10 seconds between mint and first sell transaction - First stage Lossless bot intervention on mint function.
A time difference of 61 seconds between first and second sell action - Second stage bot intervention (based on rapid token dumping criteria).
In the event of no-bot detection and a manual response rate of ~3 minutes from the first sell transaction, 10 out of 13 transactions could have been frozen, resulting in a 67% selling reduction (676 ETH vs. 2040 ETH currently).
With nothing quite the same as Lossless on the DeFi market or more expansive cybersecurity space, we had to develop a unique business model that would make our platform sustainable, a community of developers and white hat hackers engaged and incentivized - at the same time allowing investors to enjoy their DeFi investments flawlessly and most securely.
An estimated 7% fee paid from the stopped hack transaction. Paid only when it is stopped, in native tokens.
Uses of revenue: Native tokens are used to buy LSS tokens and distribute:
2% is paid out to finder
2% is distributed for LSS token holders that stake
2% is distributed for Lossless Committee
1% is retained by Lossless company
DeFi markets are growing exponentially already; however, we conclude that every project and platform should do their bit in protecting their customers' finances by applying the best cybersecurity solutions available in the crypto world. To guarantee our further development, we have to steadily attract new clients and expand the community of incentivized white hackers. As our product is suitable for all DeFi projects, we have developed a complex strategy to target diverse groups and marketing/sales channels. Our primary focus areas will be:
Product/Token
Business Development
Early Adoption Incentives
Influencer marketing
Affiliate and referrals
Highly correlated tokenomics - product success, with its ability to freeze hacks, is designed to impact and create interest for LSS token.
Being focused on token creators, we see that partnerships and integrations with existing and upcoming tokens will be one of our protocol's driving forces. We will be dedicating part of the team of sales and business development people to talk to as many existing and newly established token creators to integrate lossless protocol.
We understand that to keep Lossless relevant, we have to never stop trying and caring for our customers. That's why Lossless will provide early adoption incentives, such as tokens for projects that join early.
Influencers are the main access gate to a broader reach of the right audience in the crypto world, as trust is one of the industry's critical values. Our goal is to cooperate with influencers who have proved their integrity and understanding of the crypto world. Such personalities usually have an enormous following and can motivate many of their followers to use diverse products.
Lossless will create long-lasting relations with all our customers, and we will work with a small number of influencers who will consequently become our brand's ambassadors. This is an effective way to gain more trust in the crypto world and boost our numbers.
The Lossless team believes that affiliate and referral schemes are behind the fast expansion of broader cryptocurrency ecosystems and DeFi solutions. Transparent affiliate campaigns have helped DeFi space to grow in popularity, so it continues to be one of the essential marketing strategies that attract new users.
ByBit allows its referrers to make earnings not just from people they refer directly but also from generations of users referred by their referrals. Their concept proved successful. Affiliates at the third level can get from 10% to 35% off trading fees, and that, in the long run, adds up to a substantial amount.
The Ledger cryptocurrency wallet is another great example we'd like to share. Its affiliates get a 10% commission for every $10 sold, which is a spectacular opportunity for crypto influencers to spread the news and earn money.
After our launch, Lossless Affiliate and Referral Program will follow these steps:
1. We will talk to famous influencers and crypto bloggers who have an excellent reputation to spread the word about Lossless.
2. Anyone referring and successfully making token creators use Lossless code will receive a one-time incentive in the form of LSS tokens.
Token creators must use a part of Lossless code when creating their token contract.
Business development with new token creators (through investor/KOL circle)
Out-of-the-box tools (such as Interface for token relaunch swap, Airdrops for relaunched tokens to existing holders, Managing token relaunch with CEXs) for existing tokens to relaunch their token using Lossless code.
Advisory tokens / strategic partnerships for auditors. Auditing companies would recommend new token creators use Lossless code.
ETH, BTC would have pegged L-BTC L-ETH: those tokens would have lossless hack protection code.
On Ethereum, users can deposit their ETH and receive L-ETH via smart contract - Lossless Ether. This way, users can participate in DeFi activities (staking, farming, among others) with a lower risk of losing capital.
The Lossless protocol will introduce an innovative cybersecurity protocol to keep investors' money safe. We built LSS tokens as an integral part of our ecosystem to significantly influence the DeFi market and achieve more remarkable results by involving our community when making crucial decisions.
LSS token utility:
Finders Staking
Finders Fees
LSS Token Governance
Promotion and Referral program
Early Access and Insights
In order to join the Lossless community and be eligible for finders fees, white hackers must stake $5,000 worth of LSS tokens before a hack freeze can occur. If the hack is false, however, staked tokens can be confiscated from finders.
Community Finders are paid in LSS tokens after the fee is collected from the hacked project.
LSS governance token functionality will also be introduced. This functionality will allow active users (white hackers who are actively engaged in the Lossless ecosystem and have staked their LSS tokens) to provide feedback and make suggestions about the protocol, roadmap, various parameters, and the whole codebase.
To further increase our popularity and recognition in the crypto world, as well as acquire more token creators and hack finders to our platform, we will do different promotions and launch a referral program. We will pay different influencers, audit companies, other platforms, blogs, and social media accounts their bonuses for referrals in LSS tokens. On top of that, all the airdrops that help to control the liquidity of our wallets will be sent in LSS Tokens, as well.
TOP LSS token holders will have early and exclusive access to our newest product features, tools, and the latest cybersecurity insights. To show how much we value our loyal customers and community members, we will also create invite-only initiatives for people who hold a certain amount of LSS tokens.
2021 Q2
Fundraising
Lossless committee establishment
Lossless Solidity Standard
Public security audit
2021 Q3
Lossless Hack Monitoring Toolkit
Loss Token Governance
2021 Q4
Out-of-the-box Token Relaunch Toolkit
Wrapped major ERC-20 tokens with Lossless code (L-BTC; L-ETH)
BSC/DOT Support
Use Lossless at your own risk. We do not provide any warranties or guarantees, and all the information in this document doesn't make us responsible for your decisions.
This document is used for marketing purposes only and doesn't legally bind us to anything. We do not encourage you to buy anything nor make your decisions based on this text. It's written for marketing purposes, and we don't take responsibility if you choose to act in any way. This information doesn't constitute a recommendation by anyone to purchase tokens, join DeFi, or invest your money into the crypto world.
This document contains some forward-looking statements that might change in the future depending on the situation. We cannot predict the future 100% right, so all the decisions you make based on this information are at your own risk. Also, there is a possibility that some information might be wrong in this type of document, so you must always double-check the information and make your own mind.
------------------------------------------------------------------------------------------------------------------------------------------------------- Last update on 2021-05-21 by Digital Assets Security Solutions OÜ
