Andre Cronje: DeFi is no longer decentralized; the industry is divided on security approaches surrounding the "circuit breaker mechanism."

Andre Cronje stated that most current decentralized finance (DeFi) protocols no longer strictly adhere to the definition of "DeFi," but rather resemble team-operated commercial systems. This has sparked industry debate regarding the introduction of circuit breakers to mitigate attack risks. In an interview, Cronje pointed out that while early DeFi was centered on immutable smart contracts, many protocols now rely on upgradeable contracts, multi-signature permissions, off-chain infrastructure, and manual maintenance processes, essentially transforming from "immutable public goods" into "operable, profitable businesses." He noted that recent security incidents, including DeFi attacks worth approximately $280 million and $293 million, have broadened industry risks beyond simple smart contract vulnerabilities to include "Web2-style risks" such as infrastructure vulnerabilities, access control issues, and social engineering attacks. To address risk management, Flying Tulip, where Cronje works, recently introduced a circuit breaker mechanism. This mechanism delays or queues withdrawals during abnormal fund outflows, providing a 6-hour emergency response window to prevent systemic runs and further losses. However, this mechanism has also sparked controversy. Michael Egorov argues that circuit breakers could introduce new centralized attack surfaces, and if controlled by signers or administrators, they could become new sources of security vulnerabilities or freeze risks. He emphasizes that DeFi design should minimize human intervention, rather than increasing the number of manually controlled nodes. Industry analysts point out that this debate essentially reflects DeFi's shift from the ideal "code is law" model to a more realistic architecture of "hybrid governance + operational control," and that security boundaries are being redefined. (Cointelegraph)