Odaily Planet Daily reports that Andre Cronje stated that most current decentralized finance (DeFi) protocols no longer meet the strict definition of DeFi, but are instead closer to team-operated business systems. This has sparked industry disagreement over whether “circuit breakers” should be introduced to mitigate attack risks.
In an interview, Andre Cronje noted that early DeFi was centered around immutable smart contracts, but today, numerous protocols rely on upgradeable contracts, multisig permissions, off-chain infrastructure, and manual operational processes—effectively transforming from “immutable public goods” into “operable profit-driven businesses.” He stated that, against the backdrop of recent security incidents—including DeFi attacks involving approximately $280 million and $293 million—the industry’s risks have expanded beyond mere smart contract vulnerabilities to include “Web2-style risks” such as infrastructure weaknesses, permission controls, and social engineering attacks.
For risk management, Andre Cronje’s Flying Tulip recently implemented a circuit breaker mechanism that delays or queues withdrawals during abnormal fund outflows, providing a roughly six-hour emergency response window to prevent systemic runs and further losses.
However, this mechanism has sparked controversy. Michael Egorov argues that the circuit breaker could introduce new centralized attack vectors, potentially becoming a new security vulnerability or source of asset freeze risks if controlled by signers or administrators. He emphasizes that DeFi design should minimize human intervention rather than add manual control points. Industry analysts note that this debate fundamentally reflects DeFi’s gradual shift from the idealistic “code is law” model toward a practical architecture of “hybrid governance + operational control,” with the security boundary being redefined. (Cointelegraph)

