Inside DeFi 005: 🌪️ Base shuns Optimism, Discord’s KYC disaster

Welcome back to Inside DeFi

Coinbase-founded Base has decided to shun Optimism, DeFi platforms are shutting down, and Discord has caused a new crypto controversy around its use of age verification technology.

Elsewhere, Artificial Intelligence (AI) benchmarks suggest that AI is more useful to exploit protocols than patch them.

Optimism’s glass is looking (more than) half empty

Coinbase’s Base network announced this week that it would be pursuing a “new, unified stack,” leaving Optimism’s OP Stack infrastructure and moving to its own Base Chain.

Faster shipping, a simpler architecture, and Ethereum alignment are the three objectives Base claims for the decision.

The move fueled speculation over a future BASE token, despite previous repeated denials of having plans to launch a token.

It’s a challenge to be optimistic about Optimism’s position; it will lose the vast majority of revenue with Base’s departure. The OP token is down 30% since the news broke.

A nine-figure grant of OP tokens, worth $180 million at the time, brought Base to Optimism in August 2023, to be earned over the following six years. Since then, the token is down over 90%, and the full amount would be worth around $15 million today.

It’s not all bad news for Optimism, though. The same day Base announced its departure, EtherFi announced it would be moving to OP mainnet.

Shutdown season

Half a dozen crypto projects have decided to call it quits in recent weeks.

Blockchain data analytics platform Parsec announced today it would be shutting down after five years. Liquid staking and restaking project MilkyWay and NFT-focused Nifty Gateway both called it quits in January

ZeroLend, a “copy-paste” fork of DeFi lending giant Aave, announced it would wind down, citing “prolonged periods where the protocol operated at a loss.”

A year ago, one of ZeroLend’s markets was reportedly exploited, with the team failing to disclose the incident until after it was later discovered. The shutdown announcement states that those affected will receive a “partial refund,” funded via the team’s LINEA airdrop.

Slingshot wallet is also closing as a standalone app from February 28. It reminded users to export their private keys before then, warning “after shutdown, recovery will no longer be available.” This shutdown had been originally announced by Magic Eden in September 2025, and most of the Slingshot features are supposed to be integrated into Magic Eden.

PolynomialFi will also be fully closed from March 3rd. The team admits defeat in the battle for liquidity and that the planned Q1 token launch is “not happening now.”

Discord’s KYC disaster

Near-constant personal data breaches have become, at best, a routine disappointment and, at worst, a genuine danger in our inescapably online existence.

Privacy advocates may be naturally, and justifiably, suspicious of many everyday conveniences, but even the mainstream was shocked by (Amazon’s) Ring doorbell camera ad earlier this month. The backlash led to the cancellation of a surveillance deal between Ring and Flock Security.

Unsurprising, then, that Discord’s recent announcement went down like a lead balloon.

The incoming “teen-by-default” settings would restrict users to a “teen-appropriate” experience, unless they verify their age via video selfie or uploading ID.

Many users were not happy, especially given the track record of many identity verification, or know-your-customer (KYC), services.

For example, in early October 2025, Discord itself disclosed a data breach of its third-party customer service provider, 5CA. The company “identified approximately 70,000 users that may have had government-ID photos exposed.”

As scrutiny built up, three hacktivists stumbled upon an “identity surveillance machine that files reports on you to the feds,” built by Discord’s former KYC provider, Persona, alongside OpenAI and the US Government.

AI auditors—still too soon?

OpenAI and Paradigm announced EVMbench this week, looking at AI agents’ ability to “detect, patch, and exploit high-severity smart contract vulnerabilities.” The benchmark “draws on 120 curated vulnerabilities from 40 audits.”

Results showed strong improvements in exploit mode, with the latest model achieving a score over double that of its six-month-old counterpart.

However, “performance is weaker on detect and patch tasks.” Agents tend to “stop after identifying a single issue” or struggle to “maintain full functionality while removing subtle vulnerabilities.”

Given that AI-assisted pull requests are causing million-dollar losses due to oracle misconfigurations, perhaps it won’t be long before we see an autonomous agent pull off its very own exploit in the wild.

However, paired with appropriate resources, such as this “LLM-optimized” repository of common Solidity vulnerabilities from Spearbit’s kaden.eth, the future of AI-aided auditing looks gradually more promising.

In other crypto security news…

Researchers from Brave warned about issues with zkLogin, an authorization system based on zero-knowledge proofs. They claim that zkLogin makes “assumptions” that “transform short-lived bearer authentication documents into durable authorization credentials.”

The most recent Solidity version fixes a “Transient Storage Clearing Helper Collision Bug,” reported by Hexens. Despite its “high-severity” classification, only three contracts were thought to be affected, with “insignificant” funds at risk.

Finally, a reminder to check your test transactions — that’s what they’re for!