Curve Finance Founder: The Main Threat to DeFi Is Hidden Centralization
The world of decentralized finance (DeFi) is going through tough times: losses from hacks in April 2026 alone hit a record high, and since the start of the year, sector losses have exceeded $795 million. Against this backdrop, the founder of one of the largest protocols—Curve Finance, Mikhail Egorov—stated that the main cause lies not in the code, but in the architecture of the systems themselves.
According to him, many projects that call themselves decentralized actually rely on centralized elements—so-called single points of failure. It's like a safe guarded by a single lock: if that lock is cracked, access to all funds is open.
What Is a Single Point of Failure and Why Is It Dangerous?
A single point of failure is a system component whose failure brings the entire system to a halt. In DeFi, such points are often bridges between blockchains, oracles (services that feed data from the outside world), or third-party protocols.
A striking example is the recent hack of the LayerZero bridge, which is used for transfers between different blockchains. The attack affected the rsETH asset, which in turn blocked withdrawals for users of Aave—one of the most popular lending protocols.
Egorov emphasizes: the problem is not that the code is poorly written, but that the system is designed so that a single failure paralyzes everything.
What to Do? The Curve Finance Founder's Opinion
To reduce risks, Egorov proposes three steps:
- Design protocols with fault tolerance in mind. Even at the development stage, mechanisms should be built in that eliminate single points of failure.
- Use trust splitting. If dependence on a single infrastructure is unavoidable, trust in it should be distributed among several independent participants.
- Create industry security standards. Egorov believes that the Ethereum Foundation and Solana Foundation should take the initiative to establish unified principles and recommendations. Project teams, auditors, and risk assessment specialists should be involved in the work.
At the same time, he notes: even in the pursuit of full decentralization, we can and should learn from the traditional financial sector, which has been building critical infrastructure protection systems for decades.
What Matters
- The main cause of DeFi hacks is not code errors, but centralized elements within decentralized systems.
- Due to the LayerZero bridge hack, Aave user assets were affected—a clear example of a chain reaction.
- Egorov calls for the creation of industry security standards under the auspices of the Ethereum Foundation and Solana Foundation.
- April 2026 became the worst month in DeFi history in terms of losses—the industry is losing user trust.
- The solution is a systematic approach to design and the distribution of trust among participants.
What This Means for Ordinary People
If you use DeFi services, remember: even large protocols can be vulnerable due to hidden dependencies. Carefully study the infrastructure on which the project is built, and do not store all your funds in one place. Until the industry develops unified security standards, the risk remains high.
— Editorial Team