Andre Cronje, the founder of Flying Tulip and a well-known figure in decentralized finance, has sparked a fresh debate by declaring that much of what is called DeFi today is “no longer DeFi” in the strict sense. In an interview with Cointelegraph, Cronje argued that the industry has moved away from its foundational principles of immutable, decentralized smart contracts and toward for-profit business models with upgradeable contracts, offchain infrastructure, and operational controls.

“I think what we have today, Flying Tulip included, is no longer DeFi. It’s not decentralized finance. It’s not immutable code. It’s teams running for-profit businesses,” Cronje said. His comments come at a time when the DeFi sector is grappling with a wave of high-profile exploits, pushing security conversations beyond traditional smart contract audits and into questions of operational risk and human decision-making.

From immutable code to for-profit teams

Cronje’s critique centers on the evolution of DeFi protocols. Early projects were often characterized by immutable, non-upgradeable smart contracts that ran autonomously, with no admin keys or multisig controls. However, as the space matured, many protocols introduced proxy contracts, governance tokens, and administrative functions that allow developers to change code or pause operations. This shift, Cronje argues, has fundamentally changed the security model.

“The focus over all the industry is still very much on the contract side and not on the more TradFi side,” he said, noting that recent exploits often involve “traditional Web2 stuff” such as infrastructure access, compromised private keys, and social engineering. He cited examples where attackers targeted offchain components like cloud servers, databases, or even the human teams managing multisig wallets.

Flying Tulip, the project Cronje founded, recently added a withdrawal circuit breaker designed to delay or queue withdrawals during abnormal outflows. The move was a direct response to major incidents in April, including a $280 million exploit on the decentralized exchange Drift Protocol and a $293 million attack on restaking platform Kelp. The cumulative losses have reignited discussions about whether emergency controls like circuit breakers are a necessary safeguard or a dangerous centralization vector.

Circuit breakers: safety net or new vulnerability?

Cronje explained that Flying Tulip’s circuit breaker is not intended to permanently block withdrawals but to create a response window. “Our circuit breaker isn’t actually designed so that we can stop or prevent anything from happening. It’s to give us time to react,” he said. The system provides about six hours for the team to assess and respond to unusual outflow patterns. For smaller teams, Cronje suggested a 12–24 hour window might be more appropriate.

He emphasized that circuit breakers should be viewed as one layer in a broader security stack that includes audits, distributed multisigs, timelocks, and constant monitoring. “Security is always a layered approach. It’s never a ‘this is the one thing’ that makes you invulnerable,” Cronje said.

However, Curve Finance and Yield Basis founder Michael Egorov offered a more cautious perspective. Egorov acknowledged that circuit breakers can make sense in theory but warned they introduce new risks if not implemented carefully. “The circuit breakers are controlled by humans, which means they could become a potential vulnerability themselves,” he told Cointelegraph. If emergency controls allow signers to change contract code or block withdrawals, compromised signers could turn the safeguard into a drainer or a centralized freeze mechanism.

Egorov pointed out that the most recent DeFi exploits did not stem from smart contract bugs. “The vast majority of the most recent DeFi exploits happened not due to errors in code. They happened because of centralization risks — single points of failure which live off-chain,” he said. He cited the rsETH incident involving Aave, Kelp, and LayerZero, where the compromise came from offchain infrastructure rather than the smart contracts themselves. Egorov argued that DeFi protocols face “a whole tree of risks,” with the largest often tied to human actors rather than code.

In his view, the long-term solution is to design systems that can operate safely without manual intervention. “The goal of DeFi design should be to minimize human-centric points of failure, not add to them. DeFi needs to be safe, and safety comes from decentralization,” Egorov said.

Standard Chartered sees resilience in response

Standard Chartered weighed in on the Kelp episode, framing it as evidence of DeFi’s growing pains rather than a fatal flaw. In a research note from Wednesday, the bank noted that the April 18 theft exposed systemic risks, particularly after the impact spread to Aave’s lending markets. However, the bank highlighted the rapid response from the community, as the DeFi United coalition raised over $321 million to help mitigate losses and fund recovery efforts.

The bank also pointed to structural improvements underway, such as upgrades to Aave V4 and the proposed Ethereum Economic Zone (EEZ), which aim to reduce reliance on bridges — a major attack vector in recent crypto hacks. “These developments suggest the sector is developing stronger defenses,” the report stated.

Standard Chartered’s analysis adds a macroeconomic perspective to the debate, suggesting that the industry’s ability to coordinate and respond to crises may ultimately strengthen its resilience. The bank did not take a strong stance on circuit breakers but acknowledged that operational controls are becoming an increasingly important part of DeFi security.

Background on Andre Cronje and Flying Tulip

Andre Cronje is one of DeFi’s most influential developers, having co-founded the Yearn Finance ecosystem and contributed to numerous other projects. Flying Tulip, the platform he currently leads, is designed to offer synthetic asset trading and yield generation. Cronje has been outspoken about the evolution of DeFi, often criticizing the industry’s drift toward centralization and rent-seeking. His latest comments are part of a broader call for the community to reexamine what it means to be “decentralized.”

Flying Tulip’s circuit breaker implementation is relatively new, and it remains to be seen whether other protocols will follow suit. The debate between Cronje and Egorov reflects a deeper philosophical divide: whether DeFi should prioritize autonomous, immutable systems or accept pragmatic safety measures that require human oversight.

The recent exploits have also accelerated conversations about insurance mechanisms, decentralized oracles, and cross-chain security. Many developers are now exploring ways to build “safety layers” that do not rely on a single point of failure. For example, some teams are experimenting with timelock-based withdrawal limits or automated risk parameters that trigger circuit breakers without manual intervention.

Key facts from the original article

• Andre Cronje says most modern DeFi protocols are not truly decentralized but are for-profit businesses with upgradeable contracts and offchain dependencies.
• Flying Tulip introduced a withdrawal circuit breaker to give the team 6 hours to react to abnormal outflows; Cronje suggests smaller teams may need 12–24 hours.
• April’s DeFi exploits include a ~$280 million loss on Drift Protocol and a ~$293 million loss on Kelp platform.
• Michael Egorov warns that circuit breakers introduce human vulnerabilities; advocates for minimizing human-centric points of failure.
• Standard Chartered frames the Kelp incident as a sign of DeFi resilience, citing the $321 million raised by DeFi United and structural upgrades like Aave V4.
• The article notes that many recent hacks involved offchain infrastructure (Web2 attacks) rather than smart contract bugs.
• Both Cronje and Egorov agree that security requires a layered approach, but differ on whether circuit breakers help or hurt decentralization.

The ongoing debate underscores a fundamental tension in DeFi: how to balance innovation, user protection, and the core ethos of decentralization. As the industry matures, builders must decide whether to embrace emergency controls as necessary tools or to double down on immutable code and trust-minimized design. The outcomes of these discussions will shape the next generation of DeFi protocols.

Source: Cointelegraph News