DeFi: How to Earn Passive Income by Lending on Compound
DeFi, a short form of decentralised finance works as part of cryptocurrency and could be used to earn passive income for individuals and even corporates. Money, they say, goes to where it is treated well and DeFi is one of the innovations of the future.
Heard of first movers’ advantage in strategic management before? The world of Blockchain has actually proven ‘first movers’ advantage’ a very strategic endeavour.
Welcome to the digital economy of the future, as Coinbase puts it, decentralized finance is still a growing financial sector full of opportunities. In the world of DeFi, innovations happen at a breakneck pace with new products and services being launched every day. How do you come in?
Understanding how DeFi works, setting up an account remains the first step into the future.
1. Create Coinbase account
Navigate to Coinbase. Follow the account creation process and be sure to use your real name as it appears on your passport or government ID. Also, make sure you use a secure password and email (account recovery is like a backdoor to your account, be sure that door is locked).
Once your information is submitted, you’ll be required to verify your email. If you don’t receive the verification email, check your spam folder just in case before resending it.
Click the ‘Verify Email Address’ button found in your verification email from Coinbase.
Setup your account
Now we can set up your Coinbase account by verifying your identity, adding a payment method for later, and securing your account with app-based 2FA.
Verifying your identity
First, it’s going to have you confirm your phone number by sending you a code via SMS. Enter this code to verify your phone number.
Next, you’ll be prompted to verify your identity with either your passport, driver’s license, or some other form of photo ID.
This is required for Coinbase to comply with regulators. It also benefits you with higher purchasing limits and in the case, you get locked out of your account and they can verify it’s actually you.
Select the form of ID and follow the prompts to activate your webcam or phone camera. It’ll have you take a picture of both the front and the back. If the image looks clear, click the ‘Finish & start verification button.
Coinbase will then review your documents. This process may take a few days.
Link your bank account to your Coinbase account
Head to Linked Accounts under your Coinbase Account settings, click ‘Link a New Account’ and select ‘Bank Account’.
Follow the Plaid prompts to access your banking information. If Plaid is unsuccessful, you may need to manually enter your banking information.
Coinbase may use a charge verification to verify your banking details.
A charge verification is when Coinbase places two random charges like $1.37 and $1.61 to your account. They ask you to enter the precise amounts they charged by checking your bank statement.
Once confirmed, the charges are removed.
You’re likely familiar with 2 form authentication (2FA) or 2-step verification. You’ve likely come across a time where you need 6 digit code sent to you via SMS to log into an account.
And while this is technically 2FA, it’s not great and can actually leave you vulnerable if anyone were to get a hold of your phone.
This type of attack referred to as SIM swapping, SIM porting, or SIM jacking is common in cryptocurrency.
Coinbase will show you how to use authenticator apps like Google Authenticator (Android / iPhone or Authy to secure your Coinbase account instead.
Go ahead and install one of these apps onto your phone.
Then under your Coinbase account security settings > 2-step verification section, select Authenticator. A QR code will be shown on the screen. You’ll take your authenticator app, click the ‘+’ button, and scan the QR code.
This QR code is the secret that your app will use to generate new 6 digit one-time codes every 30 seconds or so. The secret is stored locally on your device meaning if you lose your phone you won’t be able to access these one-time codes.
The idea is that without that device an attacker couldn’t access your account with your login information alone.
But, this means that if you lose access to it, neither will you.
On Coinbase, you need to enter these one-time codes to log in and perform many of the functions of the service. 2FA can be reset in an absolute emergency but it can take days if not weeks of working with customer service to verify your identity.
It is recommended you securely back up this secret somehow BEFORE entering the one-time code to enable 2FA on your Coinbase account, in case of an emergency. Some people print it out and store it in a safe location.
Or, you can use another device you own to scan the QR code as well so you have it in two places. You can even allow a trusted family member, friend, or spouse to scan it and store a copy of the secret for you.
If you didn’t back up your 2FA secret but still have access to your authenticator, you can disable and re-enable 2FA to generate a new secret that can be backed up.
Learn more ways to protect your Coinbase account here.
Install MetaMask and setup your Ethereum wallet
MetaMask is a web extension that allows you to interact with the Ethereum blockchain and manages the private keys to your Ethereum wallet in-browser.
Visit MetaMask.io and click the orange ‘Get Extension’ button. This will take you the extension for your browser. Click the ‘Add to Browser’ and ‘add’ if a popup appears to install the MetaMask extension to your browser.
Setting up your MetaMask account / Ethereum wallet
Once installed, you should see a little orange fox icon to the right of your browser’s address bar. Click this fox icon and then the ‘Continue’ button to begin setting up your account.
Next, you’ll be prompted for a password for your MetaMask account. Make sure this is a secure password and do not forget it. This password is used to encrypt the private keys to your Ethereum wallet file stored locally on your computer.
MetaMask will prompt you for this password each time you access the extension. It’s never a bad idea to write down this password and store in a safe place.
Finally, click the shaded area to reveal your seed phrase. As you may recall, this seed phrase is extremely important because it’s what allows you to access or recover your wallet if you weren’t able to remember your password or your MetaMask were to become inaccessible.
BACK IT UP and store it in a secure location. If you forget your seed phrase, there is no way to recover any funds stored in the wallets generated by that seed phrase.
Click next after you’ve created a backup or multiple backups of your seed phrase.
MetaMask then tests if you actually backed it up by making you click each word of your seed phrase in order. Press the ‘confirm’ button once you are finished.
Congratulations, you’ve created your first Ethereum wallet.
3. Deposit USD/EUR into Coinbase Account
Login to Coinbase, if you weren’t already, and navigate to ‘Accounts‘. Here you should see the currency wallets available to your account. Under the currency of your choice (USD or EUR Wallet), click the deposit button.
You can choose to either deposit from your bank account or wait a few days. Just enter the amount to deposit and hit confirm. Your funds are ‘on hold’ while the bank transfer is cleared with your bank. This can take up to 3 – 7 days depending on your bank.
Or, you can choose to send your money with a Wire Transfer but it’ll cost you a $10 wire fee. Bank wire transfers may be credited to your Coinbase account on the same day if submitted by 1:00 PM PT. Otherwise, funds will be available after one business day.
4. Transfer to Coinbase Pro
Navigate to Coinbase Pro, a cryptocurrency exchange run by Coinbase, and login in using your Coinbase login information. These accounts are linked by default and so share the same login.
Once logged in, click the ‘My Wallets’ button in the upper right-hand corner of the page. Then, click ‘Deposit’ which will pop up a menu where you’ll select your US Dollar or Euros.
Select the ‘Coinbase Account’ option on the right side. Enter the amount you’d like to deposit or simply hit ‘Max’ and then click the ‘Deposit’ button at the bottom of the window. Your funds should transfer instantly unless they are still on hold.
5. Convert USD/EUR to DAI
Follow the link for your currency (USD or EUR). On the left side of the page you should see your Wallet Balance and below that Order Form.
It’s worth noting here that cryptocurrencies like ETH are relatively new and their value can be quite volatile. Never invest more than you are willing to lose!
Select ‘Buy’, ‘Market’, and enter the amount of money you’d like to spend or ‘Max’. Verify the details of your trade and click ‘Place Buy Order.’ You’re now the proud owner of Ether (ETH).
Withdrawing your ETH to MetaMask
Let’s withdraw your ETH to your MetaMask wallet. Under ‘Wallet Balance’ on the left side, click the ‘Withdraw’ button. Select ‘Ether’ in the popup window. Now, click the MetaMask icon at the top of your browser window to open up MetaMask’s menu.
Above your wallet balance and the Ether symbol, you should see your ‘Account #’ and part of your wallet address.
If you hover over this and click it, it will copy your wallet address to your clipboard. Paste this into the ‘Destination’ field in the Coinbase Pro Withdraw ETH popup window.
Be sure to double-check the address because Ethereum transactions are irreversible and you cannot retrieve funds sent to an address you don’t own.
Once you’ve verified the address, enter the amount of ETH to withdraw and click the ‘Withdraw ETH’ button. You’ll be prompted to enter the 6 digits from your 2FA app. After you’re finished, your funds will be sent from Coinbase to your MetaMask wallet momentarily.
Swap ETH for DAI
Open DEX.AG, a DEX aggregator or website which searches across the top DEXes to find you the best price for your trade.
By default, DEX.AG is set to BUY Dai with ETH. For the purposes of this guide, let’s switch to SELL ETH for DAI. Next, enter the amount of ETH you’d like to swap for DAI. You can check your total ETH balance under MetaMask.
DO NOT enter your total balance to swap – You need to keep some ETH to pay for network transaction fees called gas.
Your typical transaction will cost you between $0.10 to as high as a few dollars depending on what type of transaction you’re sending and the network fees at that moment; so keep at least a few dollars worth of ETH for this swap and future transactions from your wallet.
For reference, at the time of writing this ETH’s price is currently ~$213 so keeping anywhere between 0.05 and 0.1 ETH in your wallet would more than cover any transaction fees for a while.
Once you’ve entered the amount (minus the ETH set aside for gas), click the ‘Find Trades’ button. You should see a list of DEXes appear on your screen.
Then, click the ‘Sell Now’ button on the DEX closest to the top. This will initiate a trade with the DEX you’ve selected with the details you’ve previously entered. A MetaMask prompt will appear.
Since this is the first time your account is interacting with this DEX smart contract, you’ll have to send two transactions: an approval transaction and then the transaction with your trade.
The first time you interact with a smart contract you must submit an Approve transaction which enables that smart contract to transfer your tokens like DAI when necessary.
You have the option to manually adjust your transaction or gas fee before sending. This could potentially save you time (preventing a transaction that might get stuck with too low of fees) and money.
Click ‘EDIT’ under the ‘Gas Fee’ row of this window > Advanced tab at the top of the window.
You can always check ETH Gas Station for the recommended fast gas price. Enter your desired amount into the ‘Gas Price’ box. Click ‘Save’ and then ‘Confirm’ to send your transaction.
Wait a few moments for the transaction to be confirmed. To follow the confirmation status of your transaction, open the MetaMask menu, click the pending transaction and click the diagonal arrow on the right which reads ‘View on Etherscan’ on hovered over.
Ether scan is a block explorer where you can follow transactions on the Ethereum blockchain.
Once confirmed, click the ‘Sell Now’ button for that same DEX again. This will initiate your trade. Repeat the step above to confirm and send your transaction. The DAI should arrive in your wallet once it is confirmed.
6. Turn DAI into cDAI via Compound Finance
Compare lending rates
Normally, I’d recommend you compare interest rates before choosing a lending service. But for simplicity’s sake, we’ll be teaching you to use the arguably most popular DeFi lending service Compound Finance.
Enable DAI on Compound
Navigate to the Compound app. If not prompted, connect your MetaMask wallet by selecting the button in the upper right-hand corner of the page. Select MetaMask and unlock your wallet. Next, select Dai from the menu and click the green ‘Enable DAI’ button.
This will pop up an Approve transaction which you’ll confirm using the same steps as before. To follow the confirmation status of your transaction, open the MetaMask menu, click the pending transaction and click the diagonal arrow on the right.
Supply DAI to Compound and begin earning interest
Once your approved transaction is confirmed, you should see two buttons: a green ‘Supply’ button and a purple ‘Borrow’ button under the Dai section of Compound. Click ‘Supply’ and enter the amount of DAI you’d like to supply/lend (or select MAX).
After entering in the amount, click the ‘Supply’ button at the bottom of the pop-up menu which will open up a MetaMask transaction. Confirm the details of this transaction like before, click ‘Confirm’, and then wait for the transaction to be confirmed.
Congratulations! With your cDAI now in your MetaMask wallet, you’re gaining passive interest every 12 seconds. You can view the current interest rate at DeFi Pulse or Compound under Dai Supply APR. Welcome to the future of finance.
Risks and Considerations
You can forget your seed phrase or not properly back them up
If you lose access to your wallet and do not have your seed phrase, there’s no way to recover the funds locked inside that wallet. That’s why it’s so important for you to write down the seed phrase and store it somewhere safe.
Also, it’s never a bad idea to consider what might happen in an emergency. What if your house burned down? Having an extra copy of your seed phrase secured off-site (i.e. in a safety deposit box) is never a bad idea.
Your seed phrase could be stolen whether physically or digitally
As previously mentioned, if someone gets access to your seed phrase, they can take allow of your assets stored within that wallet.
NEVER enter your seed phrase into a website. Phishing emails and websites are common ways for thieves to deceive users into divulging their private key or seed phrase.
There can be flaws, bugs or vulnerabilities in Maker affecting DAI
Maker takes risk seriously with systems in place to manage risk within its smart contract credit system as well as in that system’s programming. Several third-party audits have been conducted on Maker’s code to sweep for bugs.
These precautions are very important to minimising the risk in the system. However, there are still possible risks. The Maker team has put together a comprehensive Risks and their Mitigations section in their whitepaper.
And here’s a 3 part blog series outlining their Governance Risk Framework. In this framework, dedicated risk teams construct risk management models for the entire collateral portfolio.
Careful management of risk in their asset portfolio helps ensure the system remains stable even in times of high market volatility.
Here’s an example of a risk that is known but it’s not possible to eliminate at this time. Maker uses a set of off-chain price feeds to determine the price of ETH on-chain.
MakerDAO’s medianizer smart contract finds the median price between all the feeds which is then used for nearly every function of a CDP.
These price feeds could be manipulated by an attacker or the medianizer itself could be subjected to a bug or undiscovered vulnerability. To date, no such attack or bug has occurred.
There can be flaws, bugs or vulnerabilities in Compound affecting cDAI
Compound’s code has been audited several times. The most recent audit performed in August 2019 by OpenZepplin found no bugs of Critical Severity. However, a few risks were found in the design of their incentive structure.
Previously, Trail of Bits performed audited Compound’s v2 upgrade in May 2019. Compound has also been formally verified in partnership with Certora.
Compound Labs, Inc., the developer of the protocol, currently controls the admin address for Compound.
The admin address has the right to support additional assets, upgrade the price feed oracle, upgrade the interest rate models, and upgrade the risk model of the protocol.
While they plan on fully decentralizing this and handing control to the community, in the meantime the admin address introduces possible vulnerabilities (as expressed by community member Ameen Soleimani to the integrity of Compound’s function.
It should be noted that such vulnerabilities or attacks have not occurred to date. You could die rendering your cryptocurrency inaccessible to friends or family.
Life is unpredictable, but that doesn’t mean you can’t plan for the worst.
Consider how your friends or loved ones would go about accessing your wallet if something were to happen to you. There’s no perfect solution to this problem. So, you’ll have to come up with a plan that works best for you.
Don’t let this final section of risks and considerations scare you though. Any and every investment in the world comes with varying degrees of risk. It’s up to you to exercise properly, take precautions and mitigate those risks.
DeFi is no different. By taking precautions like never investing more than you are willing to lose tomorrow, you can take advantage of the opportunities that exist in DeFi without being irresponsible.
DeFi: How to Earn Passive Income by Lending on Compound