Decentralized finance (DeFi) in Ethereum is a financial ecosystem built on
the blockchain that has locked over 200 billion USD until April 2022. All
transaction information is transparent and open when transacting through the
DeFi protocol, which has led to a series of attacks. Several studies have
attempted to optimize it from both economic and technical perspectives.
However, few works analyze the vulnerabilities and optimizations of the entire
DeFi system. In this paper, we first systematically analyze vulnerabilities
related to DeFi in Ethereum at several levels, then we investigate real-world
attacks. Finally, we summarize the achievements of DeFi optimization and
provide some future directions