Is MakerDAO Safe?
Risk Grade: B- (29/100)
MakerDAO is rated as moderate risk — some novel mechanisms, generally well-understood.
Moderate risk — counterparty exposure from RWA collateral and governance concentration, balanced by 7+ years of operation, Liquidations 2.0 improvements, and dominant stablecoin market position.
MakerDAO (rebranding to Sky) is the original decentralized stablecoin protocol, issuing DAI/USDS against overcollateralized crypto and real-world asset collateral. With approximately $5.5 billion in TVL and $338 million in annual revenue (2025), it is one of DeFi's most established and revenue-generating protocols, operating since late 2017. Its B grade reflects the battle-tested CDP model with a clean post-Liquidations 2.0 track record, offset by material counterparty risk from RWA collateral, governance concentration, and the complexity of the ongoing Sky/Endgame transition.
TVL
$5.3B
Mechanisms
8
Interactions
6
Value Grade
B
Key Risks for MakerDAO Users
The protocol relies on oracle price feeds with a deliberate 1-hour delay (Oracle Security Module) to trigger liquidations. During extreme market crashes with network congestion, this delay can cause liquidations to fail, as demonstrated during Black Thursday in March 2020 when $8.3 million was lost to zero-bid auctions. The system has since been rebuilt with Dutch auction liquidations and Chainlink backstops.
A growing portion of DAI/USDS backing comes from real-world assets (US Treasuries, institutional loans) and centralized stablecoins like USDC. If a major custodian fails or is subject to regulatory action, this collateral could become illiquid. The USDC depeg during the SVB crisis in March 2023 demonstrated this correlation risk.
Governance voting power is concentrated among a small number of large MKR/SKY holders. A recent vote on the Sky rebranding showed only four entities accounting for most votes. This concentration means critical protocol parameters (interest rates, collateral types, debt ceilings) are effectively controlled by a few parties.
The ongoing migration from MakerDAO to Sky — including token swaps (MKR to SKY at 1:24,000) and stablecoin upgrades (DAI to USDS) — creates transition complexity. Users who do not migrate may face reduced liquidity or feature access, and the migration contracts themselves represent temporary additional smart contract risk.
Top Risk Factors
- •Oracle-dependent liquidation system: Maker relies on a custom oracle module (Medianizer/OSM with 1-hour delay) feeding ETH and other collateral prices. During Black Thursday (March 2020), oracle lag combined with network congestion led to $8.3M in zero-bid liquidation auctions. The system has since been rebuilt with Liquidations 2.0 (Dutch auction format) and Chainlink integration, substantially mitigating but not eliminating oracle-related liquidation risk.
- •RWA and centralized collateral exposure: A significant portion of DAI/USDS backing now comes from real-world assets (US Treasuries, institutional loans) and centralized stablecoins (USDC). This introduces counterparty risk with regulated custodians and potential jurisdictional shutdown risk, though it also provides stability and revenue diversification.
- •Governance concentration risk: The MKR/SKY governance token has high insider allocation (~70% to founders/project at genesis), and recent rebranding votes showed only four entities accounting for most voting power. This concentration could enable parameter changes that disadvantage minority holders or DAI/USDS users.
- •Endgame complexity and migration risk: The ongoing Sky rebrand and Endgame restructuring introduces SubDAO complexity, token migration (MKR to SKY at 1:24,000), and new stablecoin mechanics (USDS). Migration risk and user confusion during the transition period could fragment liquidity or create arbitrage edge cases.
How MakerDAO Compares to Peers
MakerDAO ranks #5 of 25 CDP protocols (top quartile — safer than most). At a risk score of 29/100, it's 8 points safer than the sector average of 37/100.
Adjacent peers: Frankencoin (B, 27/100) is ranked just safer, and Sky (B-, 30/100) is ranked just riskier.
MakerDAO holds 43% of TVL across all rated CDP protocols ($5.3B of $12.2B total). Sector concentration here means a failure would have outsized systemic effects.
See the full CDP sector leaderboard or the MakerDAO vs Sky comparison.
Common Questions about MakerDAO
Plain-English answers based on MakerDAO's scores across Hindenrank's 8 risk dimensions. The highest-scoring (riskiest) dimension is Scale Exposure (9/10).
Has MakerDAO ever been hacked or exploited?
MakerDAO has a fairly clean operational history. The track record dimension scored 3/15, indicating minor or no significant incidents on record. A clean track record is a positive signal but it does not guarantee future safety, especially as protocol complexity grows.
How much money is at stake in MakerDAO?
MakerDAO currently holds over $5.3B in user deposits. A protocol of this size typically has deeper liquidity, more eyes on the code, and more attention from auditors — but it also means a single failure has a much larger blast radius.
What's the worst-case scenario for MakerDAO?
Hindenrank has identified specific collapse scenarios for MakerDAO. The most prominent: "RWA Counterparty Cascade and USDS Depeg". The trigger condition is A major RWA custodian or counterparty (holding >$500M in Maker collateral) becomes insolvent, is sanctioned, or freezes assets, while USDC simultaneously depegs >2% due to correlated financial stress.. Reading through the full scenario list on the protocol page is the single best way to understand the actual failure modes — generic "smart contract risk" is rarely the thing that takes a protocol down.
Is MakerDAO regulated or insured?
MakerDAO has low regulatory exposure on Hindenrank's framework (3/10). The protocol is structured in a way that minimizes counterparty and jurisdiction concentration, though regulatory risk in crypto can change rapidly. No DeFi protocol carries FDIC-style insurance — even with low regulatory risk, depositors are not protected in the way bank customers are.
What are the biggest red flags for MakerDAO?
Hindenrank's retail-focused risk audit flagged: The protocol relies on oracle price feeds with a deliberate 1-hour delay (Oracle Security Module) to trigger liquidations. During extreme market crashes with network congestion, this delay can cause liquidations to fail, as demonstrated during Black Thursday in March 2020 when $8.3 million was lost to zero-bid auctions. The system has since been rebuilt with Dutch auction liquidations and Chainlink backstops. A growing portion of DAI/USDS backing comes from real-world assets (US Treasuries, institutional loans) and centralized stablecoins like USDC. If a major custodian fails or is subject to regulatory action, this collateral could become illiquid. The USDC depeg during the SVB crisis in March 2023 demonstrated this correlation risk. Governance voting power is concentrated among a small number of large MKR/SKY holders. A recent vote on the Sky rebranding showed only four entities accounting for most votes. This concentration means critical protocol parameters (interest rates, collateral types, debt ceilings) are effectively controlled by a few parties.
Should beginners deposit into MakerDAO?
MakerDAO is rated B-, which is acceptable for users who understand the protocol's mechanism. Beginners should read the full risk breakdown and only deposit after they can articulate the top three failure modes. If you cannot explain how the protocol works, do not deposit.
How does MakerDAO compare to safer CDP alternatives?
MakerDAO is one protocol in Hindenrank's CDP coverage. The safest CDP protocols on the leaderboard tend to share three traits: a long incident-free track record, conservative mechanism design, and high-quality public documentation. Compare MakerDAO against the full CDP ranking before committing capital.
For the full 8-dimension score breakdown, the radar chart, and dependency graph, see the MakerDAO risk report.
Read the Full MakerDAO Risk Report
This protocol has 2 collapse scenarios. 2 high-severity interaction risks identified. See the full mechanism classification, interaction matrix, and deep-dive recommendations.
View Full Report →Get risk alerts before it's too late
Weekly grade changes, downgrade alerts, and new protocol risk findings. Free.