Andre Cronje: DeFi No Longer Decentralized as Industry Splits Over Security Path Around "Circuit Breakers"

Odaily reported that Andre Cronje stated that most current decentralized finance (DeFi) protocols no longer qualify as "DeFi in the strict sense," but are closer to commercial systems operated by teams. This has sparked industry divisions over whether "circuit breakers" should be introduced to mitigate attack risks.

In an interview, Andre Cronje pointed out that early DeFi was centered on immutable smart contracts, but today, many protocols rely on upgradeable contracts, multi-signature permissions, off-chain infrastructure, and manual operational processes. Essentially, they have transitioned from "immutable public goods" to "operable, profit-oriented businesses." He noted that in the wake of recent security incidents, including DeFi attacks of approximately $280 million and $293 million, industry risks have expanded from simple smart contract vulnerabilities to "Web2-style risks" like infrastructure flaws, permission controls, and social engineering attacks.

Regarding risk management, Andre Cronje's Flying Tulip recently introduced a circuit breaker mechanism that delays or queues withdrawals during abnormal fund outflows. This provides an approximately 6-hour emergency response window to prevent systemic bank runs and further losses.

However, this mechanism has also sparked controversy. Michael Egorov believes that circuit breakers may introduce new centralized attack surfaces. If controlled by signers or administrators, they could become new security vulnerabilities or sources of freezing risk. He emphasized that DeFi design should minimize human intervention rather than add more manual control points. Industry analysts point out that this debate essentially reflects DeFi's shift from the ideal model of "code is law" toward a practical architecture of "hybrid governance and operational control," where the security boundaries are being redefined. (Cointelegraph)