A Beginner’s guide to using and understanding Tinyman built on Algorand.
Tinyman is Algorand’s first ever AMM, or Automated Market Maker. An AMM is a decentralized exchange that algorithmically prices assets by pooling liquidity from individual users. This is in contrast to a centralized exchange like Coinbase or Kraken, which provide their own liquidity and allow their customers to swap assets using their protocols and fees. The purpose of this article will not be to dive too deeply into the underlying mechanisms that make decentralized AMMs work, but rather to explain in layman terms so the average DeFi user can understand how it’s useful and profitable.
On the Algorand block chain there exists ASAs, or Algorand Standardized Assets which are tokens and projects developed on the blockchain with their own use cases. It is only natural then that users want to be able to swap between Algo and various ASAs. Tinyman enables the creation of liquidity pools which allow users to permissionlessly swap between the two in a manner that requires nothing more than wallet access (NO KYC!). So long as users are providing liquidity in the pool, you can easily swap between ASA to ASA or ALGO to ASA by paying only a small fee.
The more users provide liquidity in a pool, the less volatile the swap rates are and the lower price impact you’ll have when you swap. Pools with more liquidity will give you much better rates. Be careful when looking to swap between two ASAs or pools with low liquidity, as you will likely receive tokens well below the true market value. This is extremely likely to be commonplace as Tinyman 2.0 reboots, so swappers should pay extra attention over the next few weeks. Especially when swapping between lesser known assets.
Providing Liquidity can be a very rewarding venture on Tinyman. Liquidity Providers earn value by being rewarded a portion of the swap fees that occur while their tokens are in the pool. You receive tokens by providing equal value of liquidity in two different tokens. This reward is paid out proportionate to what percentage of the pool’s total value a user is contributing to, multiplied by the fee as instantaneous swaps occur. Additionally, users are able to stake their liquidity pool tokens (tokens a user receives when they provide liquidity) on Yieldly’s staking platform and earn rewards. Currently, the first LP pool launched and accepts ALGO-AKITA tokens in return for $YLDY payout.
The risks of liquidity providing are not insignificant by any means, and each one deserves a section of their own. LP is by no means a safe venture.
The TLDR of Impermanent Loss is that you lose value when the ratio of the two assets you provided changes, whether that is in the positive or negative direction. Regardless of the direction the ratio moves in, a liquidity provider will always be worse off than if they had simply held both assets. It is important to think about whether the fees earned + other rewards are enough to offset the probability of impermanent loss.
- Asset Depreciation
Simply put, you are forced to hold two assets for a period of time. One of the two assets is almost guaranteed to be riskier than the other, i.e $YLDY and $ALGO. But you are forced to hold both in equal amounts, even though the risk on both are not the same. Imagine you provide $1000 in liquidity of both $ALGO and $YLDY. A pest disease wipes out all flamingos, and $YLDY crashes making your holdings worth $1. You will not then have $500 in ALGO and $1 in $YLDY. You will have ~$31.62 in both, and an impermanent loss of 93.68% compared to if you just held both assets. So don’t provide liquidity unless you have conviction in both assets.
3. Pool Exploits
Pool exploits often felt like a faraway false reality. That is, until the Algorand DeFi community was rocked by the exploit that hit Tinyman at the start of 2022.
What happened with Tinyman?
On January 1st, there was an exploit by a bad agent that took around 3 million dollars, primarily from the recently wrapped goBTC and goETH pools. Tinyman contracts are permissionless, so even they were powerless to stop this from continuing. Since not all pools were exploitable for a financial profit, Tinyman reacted by advising users to pull liquidity from their contracts, placing warnings and removing users’ ability to deposit tokens.
If that sounds worrying, it’s because it is. DeFi hacks are not unheard of in the crypto space, and had the hackers been more patient they easily could have stolen far more money. Over 1.7 billion USD has been stolen from various DeFi hacks throughout history, with the majority of them happening on the well developed Ethereum chain. Tinyman’s smart contracts had been audited, and those audits came extremely close to unveiling the breach but came up just short.
In the aftermath, it was impressive how calmly much of the community reacted to this. Tinyman wasted no time shutting down their procedures and making certain that users knew that their needs would be prioritized and their lost funds the center of their compensation program. They released a massive bug bounty program to encourage continual security protection, and have dedicated all their resources to re-launching secured Tinyman smart contracts.
In regards to closing thoughts on the matter, it really sucked that this exploit opened up the new year for Algorand. But it was beautiful and reassuring to see the community and Tinyman’s reactions once it happened. In security, nothing is ever truly guaranteed or safe, and participating in Decentralized Finance comes with a whole host of unforeseen risks. The only thing you can guarantee are the efforts taken in advance and afterwards. From my perspective, it’s clear that Tinyman has taken this breach to heart and their focus on the community and compensation proves that.
If you enjoyed what you read, consider following on twitter to stay up to date with the latest posts @algonautspace