Inside DeFi: How Uniswap, Aave, and Compound Are Actually Built

Before Uniswap, decentralized exchanges used order books — the same model as centralized exchanges. Users placed buy and sell orders that were matched by the contract. The problem was liquidity: thin order books meant wide spreads and poor execution.

Uniswap V2 replaced the order book with the constant product formula: x * y = k, where x and y are the reserves of two tokens and k is a constant. When you swap token A for token B, you increase the reserve of A and decrease the reserve of B, with the price determined entirely by the ratio of reserves.

Liquidity providers deposit equal values of both tokens into the pool and receive LP tokens representing their share. They earn 0.3% of every trade proportional to their share. They accept impermanent loss — the risk that holding the tokens separately would have been more profitable than providing liquidity.

Uniswap V3 added concentrated liquidity — LPs can specify a price range for their liquidity, dramatically increasing capital efficiency but adding complexity for LPs who must actively manage their positions.

Lending protocols are conceptually simpler than AMMs but have more complex interest rate mechanics.

Compound's architecture: users deposit assets into a pool and receive cTokens (e.g., cDAI for depositing DAI). These cTokens accrue interest by increasing in value over time. When you redeem your cTokens, you get back more underlying tokens than you deposited.

Borrowers provide collateral worth more than they borrow (overcollateralization). If their collateral value falls below the liquidation threshold — typically 75–80% LTV — any user can liquidate the position by repaying part of the debt in exchange for the collateral at a discount.

The interest rate is set algorithmically based on utilization: the ratio of borrowed assets to total supplied assets. As utilization increases, the rate rises, incentivizing more deposits and fewer borrows until equilibrium is restored.

Aave added several important innovations: stable rate borrowing (rate is fixed at borrowing time, within limits), flash loans (borrow and repay within one transaction without collateral), and credit delegation (allow another address to borrow using your collateral).

Every DeFi protocol that deals with real-world prices depends on oracles — external systems that bring price data on-chain. Getting oracle design wrong is how protocols get drained.

Uniswap V2's time-weighted average price (TWAP) was the first widely used on-chain oracle. It calculates the average price over a configurable time window, making single-block manipulation expensive but not impossible for long windows.

Chainlink's decentralized oracle network aggregates prices from multiple independent nodes, with each node drawing from multiple data sources. The network uses economic incentives and reputation to ensure accuracy. Most serious DeFi protocols use Chainlink for external price feeds and TWAP for derived on-chain prices.

The critical failure mode is using a DEX spot price (the current pool ratio) as an oracle — an attacker with a flash loan can move the spot price dramatically within a single transaction, exploit the manipulated oracle, and repay the flash loan. Dozens of protocols have been exploited this way.

DeFi protocols face a governance dilemma. Smart contracts are immutable by default — which is good for security but bad if you need to fix bugs or upgrade the protocol. The solutions introduce their own trade-offs.

Proxy patterns (OpenZeppelin's TransparentProxy and UUPS) separate the logic contract from the storage contract. You can upgrade the logic while preserving state. The risk is that the proxy admin can change behavior without users noticing — often called admin key risk.

Token governance (like Compound's COMP and Uniswap's UNI) distributes upgrade authority to token holders who vote on proposals. This is more decentralized but creates governance attack risks — an attacker who acquires enough tokens can propose and execute malicious upgrades.

Timelocks are the standard risk mitigation: governance decisions must wait 48–72 hours before executing, giving users time to withdraw if they disagree. MakerDAO's governance uses a 48-hour timelock. It does not eliminate governance risk but dramatically reduces the blast radius of a malicious proposal.

The protocols above took years and tens of millions in development to build and audit. If you are building a new DeFi protocol, you are not starting from scratch — OpenZeppelin provides audited, production-tested implementations of most standard components.

The areas where custom development is genuinely required: novel AMM mechanisms (concentrated liquidity variants, stable swap curves, RFQ systems), custom risk models for lending, and cross-chain functionality. Everything standard should be composed from existing audited code.

The economic design is as important as the code. Interest rate curves, liquidation thresholds, collateralization ratios, and fee structures have enormous impact on whether a protocol is capital-efficient, whether it attracts liquidity, and whether it is stable under adversarial market conditions. Simulation and stress testing the economic model before launch is not optional.