DeFi Protocols Shift towards Manual Control Sparks Security Concerns

DeFi protocols have undergone significant changes in recent years, with many now relying on manual control, upgradable contracts, and off-chain infrastructure. This shift has sparked discussions about the true nature of DeFi and whether it still aligns with its original principles.

According to Andre Cronje, a prominent figure in the DeFi space, many protocols are no longer truly decentralized finance entities. Instead, they have become 'profit-driven companies operated by teams,' relying on manual control and off-chain infrastructure to function.

Cronje points out that recent security incidents in DeFi, such as the attacks on Flying Tulip, Drift Protocol, and Kelp, are not due to code vulnerabilities but rather stem from off-chain infrastructure, permission management, and social engineering attacks. In response, some protocols have introduced circuit breakers, which can delay or queue withdrawal requests under unusual circumstances.

However, experts like Michael Egorov caution that these mechanisms can introduce new centralized risks if control permissions fall into the wrong hands. Egorov believes that the long-term direction of DeFi should be to minimize human intervention and centralized permissions as much as possible.