Chaos LabsChaos Labs

Chaos AI

Financial Intelligence for Everyone

Analytics

End-to-end Risk Intelligence

Oracles

Built for Real-Time Risk

News

Stay Up to Date with Chaos

Research

Read More on Risk, DeFi, and AI

Brand Kit

Company Assets and Guidelines

Documentation

Developer Information

About Us

Who We Are

News

Stay Up to Date with Chaos

Careers

Work with Us

Interested in Chaos Oracles?Get Early Access
Risk

DeFi’s Black Box: How Risk & Yield Are Repackaged

Omer Goldberg

Cover Image for DeFi’s Black Box: How Risk & Yield Are Repackaged

The growth of risk curation and onchain capital allocators (OCCAs)

DeFi has entered another phase of structuring, where institutional trading strategies are being abstracted into composable, tokenized assets.

It began with the introduction of liquid staking tokens (LSTs), but the launch of Ethena's tokenized basis trade was a key turning point for DeFi structured products. By wrapping a delta-neutral hedge into a synthetic dollar, the protocol transformed a 24-hour, margin-managed strategy into a one-click token, resetting what users expect from DeFi. Yield products once reserved for trading desks and institutions have become mainstream, and USDe is now the fastest stable to reach $10B in TVL.

With its success, Ethena demonstrated a deep demand for tokenized access to institutional strategies. This shift is now reshaping market structure and triggering a new gold rush of “risk curators” or onchain capital allocators (OCCAs) that package yield and risk strategies into simpler interfaces for users.

What are Risk Curators and OCCAs?

There is no industry-wide definition of a risk curator or OCCA. The label spans multiple designs, but what unites them is the repackaging of yield-bearing strategies. OCCAs typically ship strategy-branded products, while risk curators leverage modular money markets, mainly Morpho and Euler, to deliver yields through parameterized vaults. Both categories have grown from less than $2 million in 2023 to $20 billion in TVL (a 10,000x increase).

This raises a set of fundamental questions:

  • Where are deposits deployed?
  • What protocols and counterparties are the funds exposed to?
  • Are the risk parameters adaptive even in the face of a genuine volatility event, and what assumptions do they rely on?
  • How liquid is the backing?
  • What are the exit paths in case there is a withdrawal surge or a bank run?

Where are the risks?

On October 10, the largest altcoin wipeout in crypto history propagated through CEXs and perp DEXs, triggering liquidations and ADL across markets.

Yet, delta-neutral tokenized products appeared largely unaffected. Most of these products operate as black boxes, offering little info beyond a headline APY and a broad marketing mandate. At best, a few OCCAs provide indirect hints about protocol exposure and strategy. Position-level telemetry, hedge venues, margin buffers, live backing, and stress-marking policies are rarely disclosed, and when they are, they tend to be selective or lagged.

Without verifiable marks or venue-level footprints, users can’t tell if resilience reflects sound design, luck, or deferred accounting; in most cases, they can’t even tell if losses occurred.

We examine four recurring weak points across designs: centralized control, rehypothecation, conflicts of interest, and limited transparency.

  1. Centralization: Most packaged-yield “black boxes” are run from EOAs or operator-controlled multisigs that custody, move, and deploy user funds. This concentration shortens the path from an operational mistake, such as key compromise or signer coercion, to a catastrophic loss. It also recreates a familiar pattern from bridge exploits that dominated the last cycle, where even without malicious intent, a single compromised workstation, phishing link or an insider abusing emergency powers can cause immense damage.
  2. Rehypothecation: In several yield products, collateral is reused down a chain of vaults. One vault deposits into or lends against another, which in turn loops into a third. Investigations have documented circular lending patterns where deposits are “washed” through multiple vaults, inflating TVL and creating a chain of recursive mint-and-lend (or borrow-and-supply) that propagates systemic risk.
  3. Conflict of Interest: Even if all parties are well-intentioned, it is not always easy to set optimal supply or borrow caps, rate curves, or choose the perfect oracle solution for a product. These are all decisions that come with trade-offs. Oversized or uncapped markets can outrun exit liquidity, turning liquidations unprofitable and inviting manipulation. Conversely, caps that are too low limit healthy activity. Interest rate slopes that overlook liquidity depth can leave lenders stranded. This becomes even more problematic when the curator is judged on growth, as curator incentives can diverge from those of depositors.
  4. Transparency: The October flush made a simple problem obvious: users lack the telemetry to verify where risk sits, how it is marked, and whether backing actually exists at all times. Publishing live positions is not always prudent due to front-running, squeezes, and other forms of risk. However, some level of transparency is compatible with the business model. Portfolio-level visibility with minimal breakdowns, rather than per-trade coordinates, reserve composition disclosure, and hedge coverage at an aggregate, per-asset level, can all be backed by third-party checks. These systems could also implement dashboards and attestations that reconcile custodian balances and escrowed or vesting positions against outstanding liabilities, offering proof of reserve and governance of access without exposing sensitive trade-by-trade data.

A practical path forward

The recent wave of curated products pushes DeFi away from its early pillars of non-custodiality, verifiability, and transparency toward a more institutional operating model. There is nothing inherently wrong with this shift. DeFi's maturity has created room for structured strategies, which in turn require some operational discretion and centralization.

However, accepting complexity does not mean accepting opacity.

The goal is to close the gap with DeFi’s ethos by creating a workable middle ground where operators can run sophisticated books while maintaining transparency for users. To achieve this, the industry should move along a few clear vectors:

  • Proof of Reserve: Expand beyond headline APYs and include disclosures about the underlying strategies with periodic 3rd attestations and a PoR system. Users should be able to verify backing at any time.
  • Modern Risk Management: Solutions for pricing and managing the risk of structured yield products already exist and are adopted by some of the largest protocols in DeFi, such as @Aave. Chaos Risk Oracles optimize protocol parameters through a framework that reduces centralized failure points while maintaining healthy and safe money markets.
  • Reduce Centralization: This is not a new problem. Bridge exploits already forced the industry to confront upgrade keys, signer collusion, and opaque emergency powers. We should never forget lessons from the past. Threshold signatures or HSMs; key ownership separation; role separation (proposals, approvals, executions); just-in-time funding with minimal hot balances; withdrawal allowlists for custody routes; time-locked upgrades with public queues; and narrowly scoped, revocable emergency powers.
  • Limit Systemic Risks: The reuse of collateral is inherent to products like insurance or restaking. Rehypothecation should be limited and disclosed to avoid circular mint-and-lend loops across affiliated products.
  • Transparency on Alignment: Incentives should be transparent and disclosed as much as possible. Knowing where curators’ interests lie, where related-party ties exist, and how changes are approved turns a black box into a contract users can evaluate.
  • Standardization: Risk curation is essentially a $20B industry. This segment of DeFi should adopt a minimum level of standardization, including a common taxonomy, minimum disclosure requirements, and incident tracking.

With some of these commitments, curated markets can retain the benefits of professional structuring while keeping users protected through transparency and verifiable data.

Conclusion

The rise of OCCAs and risk curators is a predictable outcome of DeFi’s structured products phase. Once Ethena showed that desk-grade strategies could be tokenized and distributed, a layer of professional allocators was bound to form around money markets. This layer is not inherently a problem. The problem arises when the operational discretion it requires becomes a substitute for verifiability. The solutions are simple. Publish proof of reserve tied to liabilities, disclose incentives and related parties, limit rehypothecation, reduce single-point control through modern key management and change controls, and integrate risk signals (not just prices) into risk parameter management. Ultimately, success depends on being able to answer three key questions at any time:

  • Are my deposits backed?
  • Which protocols, venues, or counterparties am I exposed to?
  • Who controls the assets?

DeFi doesn’t need to choose between sophistication and first principles. Both can coexist, and transparency can scale with complexity.


Products

Resources

Company

Follow us

xlinkedinyoutube
Chaos LABS
Ⓒ Copyright 2025. All Rights Reserved