ArticlePDF Available

Abstract and Figures

We present a measurement study on compositions of Decentralized Finance (DeFi) protocols, which aim to disrupt traditional finance and offer services on top of distributed ledgers, such as Ethereum. Understanding DeFi compositions is of great importance, as they may impact the development of ecosystem interoperability, are increasingly integrated with web technologies, and may introduce risks through complexity. Starting from a dataset of 23 labeled DeFi protocols and 10,663,881 associated Ethereum accounts, we study the interactions of protocols and associated smart contracts. From a network perspective, we find that decentralized exchange (DEX) and lending protocol account nodes have high degree and centrality values, that interactions among protocol nodes primarily occur in a strongly connected component, and that known community detection methods cannot disentangle DeFi protocols. Therefore, we propose an algorithm to decompose a protocol call into a nested set of building blocks that may be part of other DeFi protocols. This allows us to untangle and study protocol compositions. With a ground truth dataset we have collected, we can demonstrate the algorithm’s capability by finding that swaps are the most frequently used building blocks. As building blocks can be nested, i.e., contained in each other, we provide visualizations of composition trees for deeper inspections. We also present a broad picture of DeFi compositions by extracting and flattening the entire nested building block structure across multiple DeFi protocols. Finally, to demonstrate the practicality of our approach, we present a case study that is inspired by the recent collapse of the UST stablecoin in the Terra ecosystem. Under the hypothetical assumption that the stablecoin USD Tether would experience a similar fate, we study which building blocks and, thereby, DeFi protocols would be affected. Overall, our results and methods contribute to a better understanding of a new family of financial products.
Content may be subject to copyright.
Disentangling Decentralized Finance (DeFi) Compositions
STEFAN KITZLER, Complexity Science Hub Vienna and AIT - Austrian Institute of Technology, Austria
FRIEDHELM VICTOR, Technische Universität Berlin, Germany
PIETRO SAGGESE, AIT - Austrian Institute of Technology and Complexity Science Hub Vienna, Austria
BERNHARD HASLHOFER, Complexity Science Hub Vienna, Austria
We present a measurement study on compositions of Decentralized Finance (DeFi) protocols, which aim to disrupt traditional
nance and oer services on top of distributed ledgers, such as Ethereum. Understanding DeFi compositions is of great
importance, as they may impact the development of ecosystem interoperability, are increasingly integrated with web
technologies, and may introduce risks through complexity. Starting from a dataset of 23 labeled DeFi protocols and 10
,
663
,
881
associated Ethereum accounts, we study the interactions of protocols and associated smart contracts. From a network
perspective, we nd that decentralized exchange (DEX) and lending protocol account nodes have high degree and centrality
values, that interactions among protocol nodes primarily occur in a strongly connected component, and that known community
detection methods cannot disentangle DeFi protocols. Therefore, we propose an algorithm to decompose a protocol call
into a nested set of building blocks that may be part of other DeFi protocols. This allows us to untangle and study protocol
compositions. With a ground truth dataset we have collected, we can demonstrate the algorithm’s capability by nding that
swaps are the most frequently used building blocks. As building blocks can be nested, i.e., contained in each other, we provide
visualizations of composition trees for deeper inspections. We also present a broad picture of DeFi compositions by extracting
and attening the entire nested building block structure across multiple DeFi protocols. Finally, to demonstrate the practicality
of our approach, we present a case study that is inspired by the recent collapse of the UST stablecoin in the Terra ecosystem.
Under the hypothetical assumption that the stablecoin USD Tether would experience a similar fate, we study which building
blocks and, thereby, DeFi protocols would be aected. Overall, our results and methods contribute to a better understanding
of a new family of nancial products.
CCS Concepts: Applied computing Digital cash;Electronic funds transfer.
Additional Key Words and Phrases: Decentralized Finance, DeFi, Blockchain, Ethereum, Networks
1 INTRODUCTION
Decentralized Finance (DeFi) stands for a new paradigm that aims to disrupt established nancial markets. It
oers nancial services in the form of smart contracts, which are executable software programs deployed on top
of distributed ledger technologies (DLT) such as Ethereum. Despite being a relatively recent development, we
can already observe rapid growth in DeFi protocols enabling lending of virtual assets, exchanging them for other
virtual assets without intermediaries, or betting on future price developments in the form of derivatives like
options and futures. The term “nancial lego is sometimes used because DeFi services can be composed into new
nancial products and services.
Authors’ addresses: Stefan Kitzler, kitzler@csh.ac.at, Complexity Science Hub Vienna and AIT - Austrian Institute of Technology, Vienna,
Austria; Friedhelm Victor, friedhelm.victor@tu-berlin.de, Technische Universität Berlin, Berlin, Germany; Pietro Saggese, pietro.saggese@ait.
ac.at, AIT - Austrian Institute of Technology and Complexity Science Hub Vienna, Vienna, Austria; Bernhard Haslhofer, haslhofer@csh.ac.at,
Complexity Science Hub Vienna, Vienna, Austria.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that
copies are not made or distributed for prot or commercial advantage and that copies bear this notice and the full citation on the rst
page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy
otherwise, or republish, to post on servers or to redistribute to lists, requires prior specic permission and/or a fee. Request permissions from
permissions@acm.org.
© 2022 Association for Computing Machinery.
1559-1131/2022/10-ART $15.00
https://doi.org/10.1145/3532857
ACM Trans. Web
2 Kitzler et al.
DeFi Protocol
Contracts
Token
Contracts
1inch
EOA
User
KYL
KYL
Fig. 1. A DeFi composition where USDT tokens are swapped against KYL tokens through the DeFi service 1inch in a single
transaction. 1inch executes the swap sequentially through the DeFi services SushiSwap and UniSwap, using WETH as an
intermediary token. In the transaction trace graph, we can see the user calling the 1inch smart contract, which in turn
triggers several calls to DeFi protocol-, and token smart contracts.
As an example of a DeFi composition, consider Figure 1, which illustrates a user interacting with the 1inch
decentralized exchange (DEX) aggregator Web service
1
. The user holds an amount of USDT tokens and wants
to swap them to KYL tokens. Using the Web application and her externally owned account (EOA), she creates a
transaction against the 1inch contract, which in turn triggers a sequence of two swaps on two DeFi protocols
within the same transaction, from USDT to WETH on SushiSwap and thereafter from WETH to KYL on UniSwap.
In this paper, we study such single transaction DeFi interactions and the networks that arise when combining
multiple DeFi transactions.
1.1 Motivation
In 2021, the total value of tokens held by smart contracts underlying the DeFi protocols has reached 106 billion
USD [
12
], demonstrating rapid growth. As composability of DeFi protocols is frequently seen as one of the main
advantages (cf. [36]), there are multiple reasons why it is interesting to study DeFi compositions:
Ecosystem interoperability. While composability can be seen as an opportunity, single transaction compositions
as shown in Figure 1 currently only work within a single distributed ledger. Most of the emerging DLT scaling
solutions, such as sidechains [
27
,
38
], rollups [
40
], and o-chain networks [
15
,
37
], lead to multiple, somewhat
isolated DeFi ecosystems. Hence, composability is disrupted, as smart contracts on one platform cannot invoke
contract functions on another platform within a single transaction. Understanding which types of compositions
are frequently used may help in developing solutions to cross-chain [
4
,
20
,
46
,
52
] composability. Until solutions
are found, such knowledge can help in deciding which services should be co-located, and which services could
be separate.
1https://app.1inch.io (this and all the following links were accessed on June 15 2022)
ACM Trans. Web
Disentangling Decentralized Finance (DeFi) Compositions 3
Integration with Web technologies. Cryptoassets have started integrating with various Web technologies.
For example, the Brave
2
browser includes an integrated cryptoasset wallet and native use of BAT tokens, and
various applications from the commercial BitTorrent
3
ecosystem rely on the BitTorrent Token (BTT). This raises
the question regarding the interdependence between DeFi compositions and web technologies. Services like
Furucombo
4
already illustrate that almost arbitrary DeFi compositions are constructed through Web interfaces.
In order to develop an understanding of this, however, it is important to identify compositions and their points of
interaction in the rst place.
Risks through complexity. After its deregulation in the early 2000s, the securitization market became more
complex and opaque. Financial institutions used new nancial instruments to maximize their exposure in this
market. They were based on technical computer models and traded by highly leveraged institutions, many
of whom did not understand the underlying models. These instruments were highly protable, but the lack
of any infrastructure and public information about them created a massive panic in the nancial system that
began in August 2007 [
2
]. DeFi protocols may oer opportunities, such as technological innovation or new
governance models. However, their composability adds additional complexity and opaqueness to an already
complex cryptoasset ecosystem, which currently has a market valuation of about 1T USD
5
. If these protocols are
not understood and adopted more broadly, they could have unforeseeable systemic eects on nancial markets
and our society as a whole, as seen in the 2008 nancial crisis [
21
]. A recent example involving DeFi protocols is
the collapse of the stablecoin protocol Terra and its associated cryptoassets LUNA and UST. While the protocol
did work as designed, its stabilization mechanism was not robust to signicant selling pressure in the advent of
market participants panicking. This ultimately led to deleveraging spiral eects [
22
] destroying over 30B USD of
value within a single week and rendering institutions with large exposures to LUNA or UST insolvent. In addition,
the stablecoin UST was used as part of compositions in many other DeFi protocols on the Terra blockchain and
through bridges on dierent blockchains, thus aecting the entire ecosystem [35].
Previous work (cf., [
10
,
16
]) has partially studied risks in the DeFi ecosystem, showing possible strategies
that allow rational agents to maximize their revenues by subverting the intended design of DeFi protocols, for
example in DEXs and lending protocols. However, none of the existing studies have systematically investigated
compositions of DeFi protocols, which form complex, interconnected nancial instruments.
1.2 Contributions
Our work aims to analyze DeFi protocols and to develop a novel algorithmic method that helps to understand
protocol compositions. We can summarize our contributions as follows:
(1)
We provide a manually curated ground truth of 1407 addresses from 23 DeFi protocols and derived 10
,
663
,
881
associated Ethereum smart contracts. These are labels that can be reused in future research. On this basis,
we propose two network abstractions, representing interactions among DeFi protocols and smart contracts
(Section 3).
(2)
We study intertwined DeFi protocols from a macroscopic perspective by analyzing the topology of both
networks. We nd that DEX and lending protocols have high degree and centrality values, and protocol
interactions primarily occur in a strongly connected component. We also nd that known community
detection algorithms can only indicate DeFi compositions but cannot eectively disentangle them (Section 4).
(3)
We address the microscopic transaction level and propose an algorithm for extracting the building blocks
of DeFi protocols. We apply the algorithm to all protocol transactions in our ground truth, identify the
2https://brave.com
3https://www.bittorrent.com
4https://furucombo.app
5https://coinmarketcap.com/charts/
ACM Trans. Web
4 Kitzler et al.
most frequent building blocks, and nd that swaps are the most frequent ones. We show how the observed
space of compositions looks like for the Aave protocol. Further, we also demonstrate, using 1inch and
Instadapp as examples, how to disentangle and visualize the building blocks of a single protocol as a treemap
(Section 5.1).
(4)
We present an overall picture of DeFi compositions by extracting and attening the entire nested building
block structure across multiple DeFi protocols. The results show that DeFi aggregation protocols (1inch,0x
or Instadapp) are, as expected, heavily intertwined with many other DeFi protocols, which conrms that
our algorithm works as intended (Section 5.2).
(5)
Finally, we present a case study illustrating how a hypothetical run on the stablecoin USD Tether would
aect the building blocks of individual DeFi protocols. (Section 5.3). We detect a comparatively high
dependency of Curvenance building blocks to the USDT cryptoasset.
We believe that our results are an essential contribution towards understanding DeFi compositions. On a
microscopic level, our proposed methods can be used to assess the composition of individual protocols. On a
macroscopic level, they show how DeFi protocols and their implementations are connected with each other.
For this paper, we limit our scope to the largest Ethereum Virtual Machine (EVM)-based blockchain Ethereum,
but in principle the approach can be used and applied to any other EVM-based platform. For reproducibility of
results, we make our ground truth dataset, including the labels as well as our source code, openly available at
https://github.com/StefanKit/Untangling_DeFi_Composition.
2 BACKGROUND AND DEFINITIONS
We now establish preliminary terms and denitions that are used throughout this work and introduce the related
works.
2.1 Ethereum Account Types
Ethereum is currently the most important distributed ledger technology (blockchain) for DeFi services [
53
]. It
diers from the Bitcoin blockchain conceptually as it implements the so-called “account model” with two dierent
account types. An externally owned account (
) is a “regular” account controlled by a private key held by some
user. A code account (
), which is synonymous with the notion “smart contract”, is an account controlled by a
computer program, which is invoked by issuing a transaction with the code account as the recipient.
ACA must always be initially called by an external transaction originating from an
, but a CA can itself
trigger other CAs. In the latter case, the interaction, which is also known as “message, is denoted as an internal
transaction. Several branches of internal transactions with varying depth can follow an external transaction,
resulting in cascades, which altogether are called traces.
CAs allow users to implement application-layer protocols, which are essentially programs that can follow
some standardized interface. Tokens are popular CA-based applications and a way to dene arbitrary assets that
can be transferred between accounts. The program behind a token manages token ownership and can implement
a standardized interface like ERC20, which denes functions standardizing token transfer semantics.
2.2 Decentralized Finance (DeFi) Protocol
ADeFi protocol is an application-layer program that provides nancial service functions such as swapping or
lending assets. More technically, we can dene it as follows:
Denition 2.1. A DeFi protocol
is a decentralized application that facilitates specic nancial service functions
dened and implemented by a set of protocol-specic code accounts.
The following properties distinguish DeFi services from traditional nancial services: rst, they are non-
custodial, meaning that no intermediary such as a bank or a broker holds custody of users’ funds. Second, they
ACM Trans. Web
Disentangling Decentralized Finance (DeFi) Compositions 5
are permissionless, meaning that anyone can use existing or implement new services. Third, they are transparent,
which means that anyone with the necessary technical capabilities and skills can investigate and audit the state
of protocols. The fourth is that DeFi protocols are composable.
2.3 DeFi Protocol Compositions
The last property, composability, is the most crucial for this work and requires more detailed description: CAs
can call each other, and their individual functions can be arbitrarily composed into new nancial products and
services (“Financial Lego”) [
49
]. While this analogy is widely used in the literature, to the best of our knowledge,
no work investigates which are the basic composable building blocks of more complex nancial services and how
they are related. Harvey et al. [
19
] refer broadly to composability as asset tokenization and networked liquidity,
while Von Wachter et al. [
44
] conceive composability narrowly as a repeated wrapping operation of tokens
resulting in new derivative products. However, as illustrated before in Figure 1, we note that DeFi compositions
also involve CAs, which are not tokens. Also, Engel and Herlihy [
13
] and Tolmach et al. [
41
] respectively discuss
compositions only in the context of automated market makers (AMMs) and of formal verication of CAs related
to decentralized exchanges and lending services, which is again a very narrow conception. Thus, there is no
comprehensive, technically grounded denition for DeFi compositions to the best of our knowledge. For our
work, we dene it as follows:
Denition 2.2. A DeFi protocol composition occurs when a protocol-specic account leverages, within a single
transaction, one or more accounts belonging to the same or another DeFi protocol to provide a novel nancial
service.
2.4 Related Work
Others studied networks closely related to the ones we investigated before us: Guo et al. [
18
] are amongst the rst
to investigate the Ethereum transaction graph, nding that volumes moved and the numbers of transactions follow
a power law distribution, that the component structure follows a bow-tie model, and that negative assortativity is
plausibly explained by the presence of service providers such as exchanges. Chen et al. [
7
] conduct a systematic
study of Ethereum between 2015 and 2018 and exploit graph analysis measures to describe three dierent network
constructions (money transfer, smart contract creation, and smart contract invocation). Another systematic study
has been conducted by Lee et al. [
24
], who analyzed the local and global properties of interaction networks
extracted from the entire Ethereum blockchain statically nding heavy-tailed degree distributions. In a follow-up,
Zhao et al. [
54
] analyzed the temporal evolution of Ethereum interaction networks and found that they proliferate
and follow the preferential attachment growth model. Furthermore, several studies focus on the network of
Ethereum’s tokenized assets: Somin et al. [
39
], for instance, studied the combined graph of all fungible token
networks, while Victor and Lüders [
43
] explored the networks of the top 1,000 ERC20 tokens individually. Fröwis
et al. [
14
] proposed a method for detecting token systems independent of an implementation standard. Also,
Chen et al. [
8
] conducted a systematic investigation of the whole Ethereum ERC20 token ecosystem and analyzed
their activeness, purpose, relationship, and role in token trading. Other studies exploited network methods for
the detection of specic nodes using graph-based approaches. Poursafaei et al. [
32
] developed a method based on
graph node feature extraction and graph representation learning techniques to identify illicit nodes. Li et al. [
25
]
and Ofori-Boateng et al. [
30
], instead, respectively use Topological Data Analysis (TDA) to detect price anomalies
and hidden co-movement in pairs of tokens, and for anomalous events detection in a multilayer network. However,
none of these related works considers networks that represent DeFi Protocols and their relationships.
Another growing body of research concentrates on specic functions oered by individual DeFi protocols
or types of protocols. We are aware of many DEX-related measurements focusing on protocol-specic aspects,
such as the magnitude of cyclic arbitrage activity [
47
], the behavior of liquidity providers [
48
], or the role of
ACM Trans. Web
6 Kitzler et al.
oracles as providers of external information [
26
]. Other studies focus on lending and borrowing services: Perez et
al. [
31
] analyze liquidations and related participants’ behavior in the DeFi protocol Compound, while Gudgeon et
al. [
17
] compare market eciency, utilization, and borrowing rates in dierent lending protocols. Also, Wang
et al. [
45
] provide methods to identify ash loans in three dierent DeFi providers and measure their related
activity. Finally, we are aware that von Wachter et al. [
44
] investigate composability from an asset perspective
and measure composability by identifying the number of derivatives produced from an initial root asset. However,
we apply a more technical, service-oriented perspective and consider, to put it simply, a DeFi composition as
being a computer program utilizing other programs’ functions.
Overall, we are not aware of previous studies providing a comprehensive picture of DeFi compositions across
various protocols. We also do not know any work that analyzes in detail the building blocks of individual DeFi
protocols. With this work, we want to close this gap.
3 DATASET AND NETWORK CONSTRUCTION
This section describes the data we collected and the network abstractions we constructed for subsequent analysis
steps.
3.1 Dataset collection
To study DeFi compositions, we are interested in transactions between Ethereum code accounts associated with
known DeFi protocols. Thus, we used on-chain transaction data from the Ethereum blockchain and built a ground
truth of known CAs and their associations to DeFi protocols.
3.1.1 On-chain transaction data. While Ethereum’s history goes as far back as July 2015, DeFi only emerged as a
popular term around summer 2020, when these protocols rst saw increased usage. This informed our choice of
the analysis time frame and the ability to refer to external sources providing information on popular, established
DeFi services. We used an OpenEthereum client and ethereum-etl
6
to gather all Ethereum transactions from
01-Jan-2021 (block 11,565,019) to 05-Aug-2021 (block 12,964,999). We collected each external transaction and also
parsed its cascade of internal transactions, which together give us the trace. For each transaction, we extracted
the source and destination account addresses, the transaction hash, the transferred value, the transaction type
(call, create, or self-destroy), as well as the trace ID, which indexes the transactions by their execution order.
Additionally, we collected the method ID of the 4-byte input sequence, which allows us to identify the signature
of called methods using the 4Byte lookup service7.
To distinguish between CAs and EOAs, we gathered all code account creation transactions from the rst CA
created on Ethereum until the end of our observation period. We also use these creation traces to associate each
CA with its creator CA. In total, we found 46
,
112
,
390 CAs and used the output byte sequence to identify 324
,
143
contracts conforming to the ERC20 standard.
3.1.2 Ground truth data. To be able to analyze DeFi protocols, we need a ground truth dataset on which smart
contracts are part of a given protocol. We focus on the most relevant protocols regarding valuation and gas-burned
between 06-Mar-2021 and 05-Aug-2021, using monthly samples of the top three total-value-locked (TVL) protocols
from DeFi Pulse
8
for each nancial service category. Additionally, we consider protocols including CAs of the top
ten gas burner list
9
in the observation period. The result denes the set of DeFi protocols we want to investigate.
Table 1 reports summary statistics for the 23 protocols in our sample, divided by category. The last column
6https://github.com/blockchain-etl/ethereum-etl
7https://www.4byte.directory/
8https://depulse.com/
9https://ethgasstation.info/gas-burners
ACM Trans. Web
Disentangling Decentralized Finance (DeFi) Compositions 7
reports, for each protocol, the average share of each protocol’s TVL with respect to the entire DeFi ecosystem,
between March and August 2021. In total, our 23 DeFi protocols cover more than 81% of the entire DeFi TVL.
According to DeFi Pulse, in August 2021 more than a hundred DeFi protocols existed, but only around 30 (of
which 18 in our sample) had a TVL larger than 200M USD. Most of the protocols in our sample are still the most
relevant ones for TVL as of June 2022
10
. In the following, we briey introduce the categories and protocols as
reported by DeFi Pulse11:
Assets identify the category including cryptoasset management protocols, such as yield aggregators, that
aim at maximizing the value of a portfolio or basket of underlying assets. Harvestnance,Yearn,Vesper,
share a similar mechanism, whereby they pool resources which are in turn invested in other DeFi platforms
according to dierent optimization strategies. Users are typically rewarded through tokenized assets.
Convex enables Curvenance liquidity providers to earn additional rewards. Badger allows Bitcoin users to
deposit tokenized Bitcoin such as wBTC and consequently generate a yield, by following programmatic
optimization strategies. Similarly, RenVM bridges digital assets across DeFi ecosystems by minting ERC20
tokens on Ethereum with 1:1 ratio. Fei’s protocol builds on a decentralized stablecoin backed by cryptoassets
exploited through yield strategies established by the protocol’s governance.
Derivatives protocols allow issuing synthetic nancial instruments in the DeFi ecosystem, either tracking
other cryptoassets or real-world o-chain assets. Synthetix, for instance, supports several real-world
assets, such as at currencies and metals, while dYdX allows investors to trade perpetual positions on the
underlying cryptoassets. Hegic enables the issuing of ETH and wBTC call and puts options. Futureswap
users can open leveraged long and short positions on cryptoassets. Nexus, instead, provides nancial
insurance instruments that cover potential losses users might incur in; similarly, Barnbridge oers tools to
hedge risk through its nancial instruments.
DEXs, i.e. Decentralized Exchanges, allow users to exchange cryptoassets. UniSwap,SushiSwap,Curve-
nance,Balancer all exploit Automated Market Makers (AMM), as well as bonding curves and constant
functions to algorithmically set the cryptoassets prices, while 0x is based on the order book mechanism.
The 1inch protocol aggregates information on liquidity from several DEXs and routes transactions to those
oering the best prices.
Lending protocols provide investors with automated markets for loanable funds: lenders issue interest-
bearing instruments and borrowers can take positions, typically conditional to the provision of collateral
that covers potential losses. Aave and Compound follow the model described above. Maker users lock their
cryptoassets as collateral and receive the DAI token in return. Instadapp follows a more complex scheme
and acts mostly as an aggregator of multiple DeFi protocols.
After identifying the most relevant DeFi protocols, we manually collected the CAs associated with each protocol.
Since this information is not available on the blockchain, we rely on o-chain and publicly available sources like
protocol websites and available documentation. We resolved conicts of duplicated CA to protocol assignments
and identical names by querying CA addresses on Etherscan
12
and uniquely assigned each CA address to its
original protocol and obtained a unique label. We denote these manually collected data points as seed data and
make them available as part of our source code repository.
Next, we extended our seed data by implementing a heuristic that uses the creation transactions and iden-
ties the CAs deployed by each seed address. By default, all extended addresses inherit the label and protocol
assignments from the corresponding seed address. If the procedure leads to a conict of labels for an address,
1010 out of the rst 11 DeFi protocols for TVL in DeFi Pulse are in our dataset.
11
DeFiPulse reports the protocols divided into ve categories. We don’t include the Payment category because services like Polygon provide
o-chain functionality rather than composable nancial services or products.
12https://etherscan.io/
ACM Trans. Web
8 Kitzler et al.
Table 1. Ground truth dataset summary statistics. Seed addresses were manually collected for each DeFi protocol. The
extended seed are heuristically derived and include also further created code accounts from the seed addresses.
Number of addresses
Protocol type DeFi
Protocol Seed Extended seed External calls % TVL
Assets
Badger 64 278 258,773 1.09%
Convex 22 131 147,855 1.13%
Fei 40 37 146,691 0.28%
Harvestnance 101 803 119,631 0.46%
RenVM 15 15 234,161 0.86%
Vesper 44 44 94,189 1.19%
Yearn 3 3 243,036 3.54%
Derivatives
Barnbridge 40 46 55,588 0.17%
dYdX 38 38 107,264 0.14%
Futureswap 9 10 6484 0.04%
Hegic 8 8 8372 0.03%
Nexus 24 26 20,067 0.57%
Synthetix 271 272 611,942 2.55%
DEX
0x 28 50 2,094,335 - %
1inch 15 10,338,305 1,277,641 0.52%
Balancer 9 3473 281,530 2.29%
Curvenance 163 267 745,672 9.28%
SushiSwap 12 1705 2,026,674 5.37%
UniSwap 15 54,038 28,394,798 8.30%
Lending
Aave 157 166 851,578 13.31%
Compound 67 65 741,069 11.48%
Instadapp 72 32,770 97,080 7.39%
Maker 190 231,261 2,992,692 11.77%
we preserve the one obtained through the heuristic. Combined with our seed data, these extended addresses
form our extended seed data set. Table 1 summarizes the number of seed and extended addresses collected for
each DeFi protocol. It shows that our automated expansion does not increase the number of addresses associated
with DeFi protocols for assets and derivatives. However, it massively expands the dataset for DEXs and lending
protocols utilizing automated factory contract deployments. In particular, more than 10 million additional CAs
are associated with 1inch due to the factory contract that deploys gas tokens. The last column shows the number
of external transactions directed to each of our DeFi protocols. The distribution is heterogeneous, and again
the most relevant categories are DEX and lending. UniSwap is the most frequently appearing one, with a gap of
around one order of magnitude to the second one, which is Maker.
3.1.3 Dataset reduction. As we are only interested in known DeFi protocols, we nally limited and reduced
the traces data set to the subset of protocol traces, where the initial external transaction originating from an
ACM Trans. Web
Disentangling Decentralized Finance (DeFi) Compositions 9
12
3
45
6
7
8
1
2
3
12
3
45
6
7
8
DeFi Protocol Network
1
2
3
DeFi CA Network
Fig. 2. Schematic illustration of constructed networks. The lower-level DeFi Code Account (CA) network represents inter-
actions between CAs. The higher-level DeFi Protocol Network models relations between DeFi protocols. Lower-level CA
vertices are associated with higher-level protocol vertices. CAs are triggered by EOAs or other CAs.
EOA triggers a CA address in our extended seed dataset. This reduction allows us to investigate and interpret
compositions within the context of known protocols.
3.2 Network construction
In our analysis, we want to understand and discover relations between DeFi protocols and associated CAs. For
that purpose, as shown in Figure 2, we constructed networks consisting of DeFi traces on two abstraction levels:
the lower-level DeFi Code Account (CA) Network and the higher-level DeFi Protocol Network.
The DeFi CA Network includes all known ground truth CAs triggered by external transactions from arbitrary
EOA addresses and all CAs subsequently called by cascades of internal transactions. We note that CAs in the
network can or cannot be associated with a DeFi protocol in our ground truth dataset. We construct the network
by ltering all internal and external transactions between CAs from the protocol traces. Since repeated usage
of DeFi services results in recurring transaction patterns, we aggregate and count transactions with the same
source and destination address.
The DeFi Protocol Network represents interactions between protocols. We constructed it by merging all DeFi
CA vertices associated with the same DeFi protocol into a single node. We note that we modeled both networks
as a directed graph, in which vertices represent either a protocol or a single CA. The weighted edges represent
the aggregated set of transactions between DeFi protocols or CAs.
4 TOPOLOGY MEASUREMENTS
We now analyze the constructed networks from a macroscopic perspective. Since our research focuses on
understanding DeFi compositions, we do not aim at conducting an encompassing study of the entire Ethereum
topology, as it was done in previous studies (see Section 2.4). This supports our choice to focus on a narrower
number of targeted metrics that provide relevant insights on composability aspects; other approaches that are
beyond the scope of our work are discussed in Section 6.2. The analysis of the degree distribution and centrality
measures can help identifying the CAs implementing core functionalities, and the reciprocity and assortativity
ACM Trans. Web
10 Kitzler et al.
Table 2. Summary statistics of the analyzed networks.
DeFi CA network DeFi Protocol network
Nodes 2,536,371 43,624
Edges 3,472,757 84,789
Self-loops 6668 146
Average degree 1.369 1.944
Density 5.398e-07 4.456e-05
provide additional insights on the relationships across such CAs. To understand how CAs associated to the same
protocols interact with each other, we investigate how the network is separated in dierent components and
whether known community detection algorithms identify community structures that overlap or not with the
protocols structures.
We start by reporting basic summary statistics for the DeFi CA network and the DeFi Protocol network in
Table 2. The main dierence is in the network dimension, the latter being two orders of magnitude smaller.
The presence of self-loops indicates that some contracts include multiple functionalities and thus can also call
themselves. Both networks are sparse, as shown by the average degree and density measure, suggesting that CAs
tend to interact with only a few other CAs.
1e-06
1e-04
1e-02
1e+00
1e+01 1e+03 1e+05
Degree
CCDF
Fig. 3. Degree distribution of the CA ( ) and Protocol ( ) networks are shown in the plot as cumulative distribution function
(CCDF). The estimated parameters
ˆ
=(ˆ
,ˆ
)
are respectively
ˆ
 =(
93
,
1
.
69
)
and
ˆ
=(
25
,
1
.
83
)
. In both networks,
high-degree nodes are associated to DEX or lending protocols. For the CA network, they are routing contracts or factory
contracts that deploy other contracts. Nodes with high degree are likely to contain core functionalities and thus to play a
relevant role in compositions.
ACM Trans. Web
Disentangling Decentralized Finance (DeFi) Compositions 11
Table 3. Likelihood ratio and p-value. None of the reported heavy-tailed distributions is favored over the power law.
DeFi CA Network DeFi Protocol Network
Exponential R: 1.322, p-val: 0.186 R: 4.753, p-val: 0.000
Lognormal R: -0.406, p-val: 0.685 R: 0.191, p-val: 0.848
Weibull R: 1.122, p-val: 0.262 R: 2.742, p-val: 0.006
4.1 Degree distribution
Looking at the total-value-locked at DeFi Pulse, we can observe that some DeFi protocols and their contracts
play a major role. This observation suggests that they might implement core functionality, which other protocols
in DeFi compositions can in turn utilize. Under this assumption, preferential attachment [
3
,
33
] is a plausible
generative mechanism for both networks. More generally, networks whose degree distribution follows a power
law, i.e., the fraction of vertices with degree
is given by
()
for values of
, are often associated to
such generative mechanism. We thus estimate the parameters
ˆ
=(ˆ
,ˆ
)
for our two networks and investigate
if the power law distribution is a good t.
We rely on the methodology introduced by Clauset et al. [
9
] and by Broido et al. [
6
]: evidence of scale-free
properties exist either when no alternative heavy-tailed distribution is relatively better than the power law or
when the power law is a plausible model for the distribution. In the former case, the network exhibits Super-Weak
scale-free structure. In the latter, evidence of scale-free properties is said to be Weak if the tail of the distribution
contains at least 50 nodes, and Strong if also 2
<ˆ
<
3 holds. We start by estimating the parameters
ˆ
=(ˆ
,ˆ
)
by minimizing the Kolmogorov–Smirnov distance between empirical and tted data for
ˆ
, and exploit it to
estimate
ˆ
through the method of maximum likelihood estimation [
9
]. We then conduct a goodness-of-t test
via a bootstrapping procedure (
=
5
,
000). The resulting p-value indicates if the power law is a plausible t
(
0
.
1) for the empirical data or not. Finally, we conduct a log-likelihood ratio (
R
) test to compare the power
law t against other heavy-tailed distributions (i.e., the Exponential, the Lognormal, and the Weibull). A positive
value indicates that the power law distribution is favored over the alternative, and the statistical signicance is
supported by a p-value that indicates if the hypothesis R=0 is rejected (<0.1) or not (0.1).
Figure 3 shows the power law t for both networks and their estimated
ˆ
and
ˆ
. Coherently with other
studies on the interaction networks from Ethereum blockchain data [
24
],
lies around 1.7 and 1.8, thus being
slightly smaller than the average values usually found for power law distributions. The hypothesis that a power
law distribution is a good t is not plausible for both networks because p-values are 0.020 and 0.035 for the CA
and Protocol networks, respectively. Table 3 reports the comparisons with other heavy-tailed distributions and
shows that the power law is not signicantly favored over the Lognormal distribution for both networks, while
it is a better t than the Weibull and the Exponential for the Protocol network. In summary, according to the
classication proposed in Broido et al. [
6
], both networks have Super-Weak scale-free properties. Table 4 inspects
the tails of the distributions and reports the top 15 CAs sorted by highest degree: most of the CAs are associated
with a few DEX and lending protocols (1inch,UniSwap,0x,Instadapp,Maker). We can hypothesize that they are
part of DeFi compositions, which we will explore further in subsequent sections.
4.2 Centrality measures
The results in the previous section highlight the relevant role of DEXs and lending protocols. Network centrality
measures are another helpful tool to determine which nodes might implement core functionalities. We consider
the In degree centrality, as we are interested in identifying relevant contracts that other protocols may use in DeFi
compositions. To add further insights, we also provide the results for the Katz and PageRank algorithms. Katz
ACM Trans. Web
12 Kitzler et al.
Table 4. First 15 CAs by highest degree.
Address Label Protocol Degree In degree Out degree
0x00000000000049. . . CHI Token 1inch 2,713,153 305,627 2,407,526
0x7a250d5630b4cf. . . UniswapV2Router02 UniSwap 56,007 1711 54,296
0xc02aaa39b223fe. . . EtherToken-v4 0x 54,469 45,129 9340
0x5c69bee701ef81. . . UniswapV2Factory UniSwap 46,408 26,576 19,832
0x2971adfa57b20e. . . Mainnet-InstaIndex Instadapp 34,497 18,369 16,128
0x4c8a1beb8a8776. . . Mainnet-InstaList Instadapp 33,551 16,956 16,595
0x5ef30b99863452. . . CDP_MANAGER Maker 15,300 8940 6360
0x35d1b3f3d7966a. . . MCD_VAT Maker 15,214 15,214 0
0xa26e15c895efc0. . . PROXY_FACTORY Maker 13,718 1 13,717
0x0000000000b3f8. . . GST2 Token Unknown 13,447 7644 5803
0x11111112542d85. . . contractAddress 1inch 12,371 2073 10,298
0x6b175474e89094. . . MCD_DAI Maker 12,314 12,314 0
0xdef1c0ded9bec7. . . ExchangeProxy-v4 0x 11,147 1138 10,009
0x939daad09fc4a9. . . mainnet-v1-InstaAccount Instadapp 10,876 10,876 0
0xfd3dfb524b2da4. . . N/A Unknown 10,554 1547 9007
centrality accounts for the importance of a node’s neighbors. It is an extension of the eigenvector centrality that
addresses issues arising with directed networks [
28
] by adding a constant initial weight to each node. PageRank
takes into account the Out degree of nodes to control for the drawback of the Katz algorithm that peripheric nodes
might get too high values if linked to a very central node. The values of each centrality metric are normalized to
the range [0,1].
We nd that both networks are dominated by a few nodes with relatively high values (for all centrality
measures) with respect to the other nodes; the In degree values are almost always higher than the Katz ones,
which in turn are often slightly larger than the PageRank centrality values. Table 5 reports the values for the
nodes with the highest centrality in the Protocol (left) and the DeFi CA (right) networks. We show only the
rst three nodes because the others have relatively smaller values in comparison. In the Protocol network, the
most central nodes are two non-labeled CAs. When considering the ranking of the nodes in the highest 10
positions for at least one centrality measure, 10 DeFi protocols appear in the highest positions, and Uniswap,
in particular, plays an important role. Such protocols are thus heavily used by other non-labeled CAs in our
dataset. Uniswap,0x and Maker have higher centrality values with respect to the other protocols. The DeFi CA
network is dominated by the 1inch factory contract mentioned in Section 3.1.2 that deploys CHI tokens. Two
other nodes with relatively high values are the wETH CA related to 0x and another factory contract associated
with Uniswap. Considering again the nodes ranking in the highest 10 positions for at least one centrality measure,
CAs associated to Instadapp and Maker appear repeatedly. Factory deployer contracts play a major role in the
DeFi CA network. Note that, by denition, such contracts have a high Out degree, as their functional role is to
deploy other contracts. Interestingly, the In degree centrality results show thus that they also have a relevant
role as recipients of calls by other contracts of the network. In conclusion, these results are consistent with the
ndings of Section 4.1 in showing that DEX and lending protocols play a major role and may be involved in
compositions.
ACM Trans. Web
Disentangling Decentralized Finance (DeFi) Compositions 13
Table 5. In degree, Katz and PageRank centrality measures the three most central nodes. For the Protocol network (le), the
column Address/Protocol reports the address of non-labeled CAs or the protocol name associated to the node. For the DeFi
CA network (right), the column Protocol_Address reports the protocol associated to the CA and the CA itself.
Protocol network DeFi CA network
Address/Protocol In degree Katz PageRank Protocol_Address In degree Katz PageRank
0x0000000000b3f8. . . 1 1 1 1inch_0x00000. . . 1 1 1
0xcc88a9d330da11. . . 0.371 0.168 0.111 0x_0xc02aa.. . 0.148 0.107 0.053
UniSwap 0.313 0.176 0.092 UniSwap_0x5c69b.. . 0.087 0.064 0.036
4.3 Reciprocity and assortativity
Next, we look at two measures that provide information on the relationship between nodes and their neighbors,
that is, reciprocity and assortativity. Reciprocity is the likelihood that nodes are mutually linked. Values range
from 0 to 1, the former meaning that the network is purely unidirectional, the latter indicating that all links
are reciprocated. For both the DeFi CA and the Protocol networks, the values (respectively 0.234 and 0.215) are
similar to the one reported in [
24
], and we follow their interpretation that the presence of reciprocated links is a
potential sign of composability, as it shows that smart contracts tend to rely often on each other. The lower value
obtained for the Protocol network could be explained by the presence of many non-labeled (non-protocol-specic)
CAs. If we further reduce the Protocol network by removing all non-labeled CAs, obtaining a graph abstraction
of 23 nodes, the reciprocity (0.677) is much higher, indicating that protocols interact with each other more often
and in a bidirectional way, a sign that compositions exist. Assortativity is a metric that indicates whether nodes
with similar degrees tend to interact with each other (1
>>
0), or if nodes with high degrees interact more
with low degree nodes (0
>>
1). Consistently with previous results on the Ethereum transaction network,
both networks are disassortative (-0.473 for the DeFi CA network and -0.262 for the Protocol network), indicating
heterogeneity and a sign that CAs with high degree are leveraged by many other CAs with a less relevant role in
the ecosystem. As shown above, such nodes are often associated with DEX and lending protocols.
4.4 Components
Reciprocity shows that protocols interact bidirectionally with accounts related to other protocols. We thus look at
metrics providing further insights on how the (code accounts of) dierent protocols fall into distinct disconnected
components. We distinguish between weakly connected components, in which all the nodes are connected by a
path independently of the directions of the edges, and strongly connected, which considers the edge direction.
For the Protocol network, we nd that the largest weakly connected component is equal to the entire network,
while for the CA network, only 34 nodes are outside of the largest component. The remaining nodes fall into 16
components, with a few nodes each. Table 6 lists the three largest strongly connected components. By comparing
the number of edges and nodes, we notice that the second-largest component of both the Protocol and the CA
network is denser than the other larger components. Additionally, in Figure 4 we illustrate how the CAs belonging
to dierent protocols map to the ten largest strongly connected components of the CA network. Interestingly,
the second-largest component also encompasses the vast majority of protocol interactions. While the largest
component is entirely composed of CAs associated with the 1inch protocol, in the second-largest component,
we nd addresses of all the analyzed protocols except for RenVM, which is not present in any of the reported
large components. We also nd that all the protocols fall into the second-largest strongly connected component
regarding the Protocol network. This analysis shows that interactions among protocols primarily occur in a
ACM Trans. Web
14 Kitzler et al.
1 (305,581)
2 (69,116)
3 (5622)
4 (36)
5 (34)
6 (20)
7 (16)
8 (15)
9 (11)
10 (9)
0x
1inch
aave
badger
balancer
barnbridge
compound
convex
curvefinance
dydx
fei
futureswap
harvestfinance
hegic
instadapp
maker
nexus
sushiswap
synthetix
uniswap
vesper
yearn
Protocols
Component ids with total node counts
1e +0 0
1e +0 1
1e +0 2
1e +0 3
1e +0 4
1e +0 5
Node count
unknown
Fig. 4. Heatmap showing how the addresses associated to dierent protocols fall into the ten largest strongly connected
components. The largest component is uniquely composed of 305,581 1inch addresses, while the second collects the vast
majority of protocols. Smaller components identify addresses of protocols that do not interact outside of the protocol itself.
Table 6. Description of the three largest strongly connected components. For both networks the paern is fragmented, but
interestingly the second largest strongly connected components are remarkably more interconnected, indicating that nodes
in these components interact with many other nodes, a prerequisite for composition.
Largest 2nd largest 3rd largest
# Comp. Nodes Edges Nodes Edges Nodes Edges
Contract 2,155,707 305,581 611,160 69,116 370,833 5622 11,242
Protocol 33,832 5622 11,242 3948 14,264 36 71
single, large component that is more interconnected than average. Notably, such interactions might indicate the
existence of compositions due to the overlapping transaction structure of multiple protocols.
4.5 Community Detection
One could naively assume that CAs associated with specic DeFi protocols form communities in the Code Account
network. However, the previous results suggest that the network topology reects DeFi compositions at the level
of the community structure. We thus measure how eectively dierent community detection algorithms detect
protocols in the DeFi CA network.
We follow the approach of Yanget al. [
51
], who provide guidelines for selecting community detection algorithms
depending on the size of the network. We analyze the weakest largest component in its unweighted and undirected
version with non-overlapping communities using four dierent algorithms: multilevel or Louvain [
5
], label
propagation [
34
], leading eigenvector [
29
], and Leiden [
42
]. Using the labeled addresses in our ground truth
dataset, we can verify to what extent
ˆ
, the set of communities identied by partitioning algorithms, correspond
to
, the set of ground truth communities dened by the individual protocols. We quantify their performance
through the normalized mutual information (NMI), a benchmark measure in the literature [
11
,
23
] that quanties
ACM Trans. Web
Disentangling Decentralized Finance (DeFi) Compositions 15
Table 7. Performance metrics for the community detection algorithms. Low F1 Scores indicate either that the algorithms
poorly identify communities, or that the network topology reflects a more complex organization at the mesoscopic level.
Algorithms Communities Precision Recall F1 Score NMI ˆ
/
Louvain 14 0.3896 0.7181 0.2917 0.9241 0.6087
Leiden 10 0.3021 0.8589 0.2879 0.9620 0.4348
Label prop. 53 0.7107 0.6009 0.4892 0.9404 2.3043
Eigenvector 4 0.1696 0.9070 0.1776 0.9495 0.1739
the similarity between the ground truth communities and the identied communities. In addition, we provide
two additional measures: the ratio
ˆ
/
for the accuracy of the number of identied communities and the F1
score. We compute the latter similarly to [
50
]: rst, for each protocol
we identify the detected community
ˆ
that maximizes the F1 score. Then, we report average precision, recall, and F1 scores over all communities
. Note that we compute the above metrics only on the labeled CAs. The second column of Table 7 reports
the total number of communities that include labeled CAs. The NMI is high for all the protocols, indicating that
overall the algorithms correctly partition the network: indeed, all algorithms cluster together the CAs created by
the 1inch deployer contract, and 1inch is by far the largest ground truth community in terms of labeled accounts.
On the other hand, the low F1 scores (0.18-0.49) result from a small set of misclassied ground truth communities
(e.g., Compound,DyDx,Fei). Upon closer inspection, we noticed that some protocols map entirely into a few
communities dominated by larger protocols (such as UniSwap or Maker), negatively impacting precision, while
others are split into dierent communities, aecting recall. 1inch itself has a non-marginal number of addresses
that map into other communities.
In summary, we see that algorithms work well, with NMI scores above 0.92. However, when considering
the imbalance in our dataset (precision, recall), we nd that known community detection algorithms cannot
eectively identify protocols as distinct communities, but rather indicate protocol composition patterns. The
identied community structure reects a dierent organization in which protocols are entangled.
5 MEASURING DEFI COMPOSITIONS
After analyzing the macroscopic network perspective, we now address the microscopic trace level, where we
identify and extract building blocks, i.e. recurring patterns of internal traces induced by protocol-specic CAs that
are found as subpatterns within dierent transactions. The building block detection can help better understand
DeFi compositions and identify a variety of risks. We consider a detailed risk analysis to be future work, but
can motivate some sources of risk: for example, if security vulnerabilities are identied in underlying building
blocks, they can propagate to higher levels and pose a risk to other DeFi protocols. Atzei et al. [
1
] analyze
the security vulnerabilities of Ethereum code accounts and attacks that exploit them. Legal issues may arise,
including licensing issues, thereby limiting usability in other protocols. This phenomenon also exists in traditional
software
13
. Finally, the technical evolution of a blockchain can also have an impact on the eciency or security
of an existing building block, and here too it is important to identify which protocols are aected.
Thus, we propose an algorithm to extract the possibly nested structure of DeFi protocol calls, which may also
be used by other DeFi protocols. In contrast to recent works, that have discovered and exposed DeFi compositions,
we provide a systematic, automated mechanism to explore them by using building block extraction. We then
assess the most frequent building blocks our algorithm identies and illustrate possible DeFi compositions and
show how the DEX aggregator 1inch and the Instadapp protocols use multiple such building blocks of other
protocols. Further, we atten the nested structure of building blocks and study the interaction of DEX and lending
13https://www.techradar.com/news/this-popular-code-library- is-causing-problems- for-hundreds- of-thousands-of- devs
ACM Trans. Web
16 Kitzler et al.
services. Finally, we present in a case study the dependencies of DeFi protocol on stablecoins, by using our
extracted building block.
5.1 Building Block Extraction Algorithm
In order to detect building blocks, we treat individual transactions as trees of execution traces, that is, as an
abstraction where the external and all the internal transactions are represented as an edge to a new node (thus,
the same CA appears multiple times if executed more than once). We break the trees into subtrees, starting
from the tree’s leaves, and identify a building block whenever we encounter a node that is part of a protocol. If
multiple protocol nodes exist in a tree, the building blocks can be composed of one another. To obtain the nested
structure, we create a hash of each building block and use those hashes to chain nested tree structures. Figure 5
illustrates the process from a high-level perspective. Subgure 5a represents the input, which corresponds to
the original transaction trace graph which we’ve also shown in the introductory Figure 1. We aim to identify
building blocks that execute the same logic despite being dierent instances involving dierent addresses (i.e., a
swap with dierent tokens). We preprocess and generalize the execution trace trees as follows:
Preprocessing: In contrast to a graph, like in Figure 5a, an execution tree can have the same node appearing
multiple times as a leaf node, eectively having no cycles. Each edge has a trace ID, determining the order
of the calls. If a contract address appears in a trace that has been deployed by a factory, we rename it to
$protocol-DEPLOYED
. Furthermore, we rename all contract addresses as
ASSET
, which fulll the criteria that
their smart contract code contains the standard ERC20 token method signatures, and if within the trace, the
token contract is called with one such method. The result of these preprocessing steps is shown in Figure 5b. This
preprocessing assumes that factory deployed contracts and ERC20 token contracts provide similar functionality.
This allows us to generalize the traces, as many similar interactions with various standardized tokens become
identical.
(a) Original transaction trace graph of
the composition as shown in Figure 1.
(b) Conversion to execution tree, renam-
ing factory deployed contracts and as-
sets.
Building
block 2
Building
block 1
Building
block 3
(c) Identification of general building
blocks from protocol nodes with sub-
traces.
Fig. 5. A high-level illustration of the building block extraction algorithm. Subfigure 5a represents the input composition. This
graph is then converted into an execution tree as shown in Subfigure 5b, such that each node can only have one incoming
edge, requiring the duplication of nodes. In addition, the underlying assets (tokens) and factory deployed contracts are
renamed. In this example, the trading pair contracts are factory deployed (FD). This allows for the identification of generalized
building blocks, as each trading pair only dierentiates itself by the specific assets it is dealing with. The result of the building
block extraction is then shown in Subfigure 5c, and is the result of a boom-up processing of the tree, selecting subtrees of
known protocol nodes. See Algorithm 1 for more details.
ACM Trans. Web
Disentangling Decentralized Finance (DeFi) Compositions 17
Algorithm 1: Building Block Extraction
Inputs :
(1) Directed, attributed transaction trace tree
( , , , )
with functions
:
N
assigning a
unique trace ID, and :Nassigning a method ID on the edges of the tree,
(2) protocol vertices
Outputs : Lists of building blocks , and hashes
1 ( );// Init. list of building blocks
2
( );// Init. list of building block hashes
3 ()|∀ :;// Edges to protocol nodes
// For each edge to a protocol, get subtree
4
() | edges reachable from for each ;
5
([]) |
;// edge induced subtrees
6
lter(
, by=tree-depth, minimum=2);
7
sort(
, by=tree-depth, how=ascending);
8for (, , , )
do // for each subtree
9// Compute building block hash with
, ,
10
sort(, by=(), how=ascending); // Sort edges
11
(1, . .., )=|
:;// Vert. list
12 () |
;// Outdegree list
13 (
);// Method ID list
14 sha256hash(stringify(
, , ));
15 [
];// B. block as vertex induced subtree
16 replace(what=, in=, with=);
17 ;// Append building block
18