Michael Egorov, founder of Curve Finance and Yield Basis, has called for industry-wide safety standards in decentralized finance following a fresh wave of exploits, including the KelpDAO incident. His argument is straightforward: too many DeFi systems still rely on centralized points of failure, and those weaknesses continue to be exposed when markets come under stress.
According to Egorov, the sector should move beyond reactive patching and adopt a more preventive approach to protocol design. He said problems of this kind should ideally be stopped before they occur, which means reducing critical dependencies wherever possible. In cases where some degree of centralization cannot be removed, trust should be distributed across multiple parties and supported by clearer operational safeguards.
A Broader Definition of Security
Egorov’s comments highlight a broader debate about what security means in DeFi. Smart contract audits have become a standard part of launching and maintaining protocols, but audits alone do not address every source of risk. Egorov pointed to the wider system architecture around protocols, including how external components are configured and how operational dependencies are managed, as an area where standards remain inconsistent.
That distinction has become increasingly important as DeFi attracts more institutional attention and larger pools of capital. In a market where capital allocation depends not only on code quality but also on confidence in infrastructure resilience, preventable failures are becoming harder for users and investors to tolerate. As a result, security is no longer just a technical issue for development teams; it is also a market structure issue that influences trust and long-term adoption.
Call for Ecosystem Coordination
Egorov urged major ecosystem players, including the Ethereum Foundation and the Solana Foundation, to help coordinate common guidelines for building and verifying secure protocols. The idea is not simply to create another checklist, but to establish a shared framework that developers, auditors, and risk managers can follow across the industry.
Such a framework, if adopted, could provide more consistency in how DeFi protocols evaluate architecture-level risks, external integrations, custody assumptions, and governance dependencies. His remarks suggest that while decentralization remains the sector’s defining promise, practical implementation often falls short when core systems depend on a narrow set of trusted actors or operational chokepoints.
The timing of his comments is notable. Recent incidents have renewed scrutiny of whether DeFi’s rapid growth has outpaced its infrastructure discipline. As the space matures, markets are increasingly distinguishing between unavoidable risk and failures that stem from preventable design flaws.
Investors Say Failures Are Part of the Process
Not everyone in the industry interprets the latest incidents as evidence of structural decline. Haseeb Qureshi, managing partner at Dragonfly, argued that failures have long been part of the DeFi development cycle. In his view, the sector has repeatedly shown an ability to absorb shocks, learn from mistakes, and improve its risk frameworks over time.
Qureshi referenced past market crises, including the collapse of Terra and earlier disruptions across crypto markets, as examples of how the ecosystem has evolved through stress. He said that DeFi learns from failure, and that the crucial point is these failures are typically not fatal to the system as a whole. He compared the process to traditional finance, which also developed its safeguards over decades through repeated banking crises and market dislocations.
His argument reflects a view held by many crypto investors: intermittent breakdowns, while costly, are often part of a broader cycle of experimentation and refinement. In this reading, DeFi is not weakening because incidents occur; rather, it is slowly becoming more robust as protocols and users adapt to lessons learned in real time.
Built-In Buffers Are Becoming More Common
Supporters of this more optimistic view point to the increasing use of protocol-level guardrails. Many DeFi systems are now designed with mechanisms such as overcollateralization and buffer reserves, which can help absorb stress events and isolate damage. These design choices aim to prevent local failures from turning into broader contagion across the ecosystem.
That does not mean losses are trivial. Rather, it suggests that the architecture of many major protocols is gradually becoming more resilient to isolated incidents. In this framework, a hack or exploit may lead to large short-term losses without necessarily threatening the existence of DeFi as a whole.
Still, the tension remains unresolved. Developers want stronger coordination, higher standards, and fewer preventable failures. Investors may accept disruption as part of innovation, but they also expect the system to improve over time. Those two positions are not entirely contradictory, yet they imply different levels of urgency when it comes to industry reform.
The KelpDAO Incident Intensified the Debate
The debate gained momentum after the KelpDAO exploit, which reportedly resulted in losses of more than $300 million. The incident triggered heavy withdrawals across the DeFi sector, affected lending markets, and added pressure to major protocols such as Aave. At the ecosystem level, total value locked reportedly fell by $14.17 billion, underscoring how a single vulnerability can reshape market sentiment far beyond the directly affected protocol.
The scale of that reaction has reinforced concerns about interconnection risk in DeFi. Even when a vulnerability appears isolated, the market impact can spread quickly through lending, collateral, liquidity, and confidence channels. That dynamic helps explain why Egorov is pushing for more systematic standards rather than relying solely on project-level fixes.
It also explains why the discussion has shifted from whether incidents happen to what kinds of incidents should remain acceptable. In a younger market, users may have tolerated repeated failures as the cost of open experimentation. In a more capitalized and institutionally watched sector, expectations are changing.
What Comes Next for DeFi Security
The larger issue raised by Egorov’s comments is how DeFi will mature from a fast-moving innovation environment into a more dependable financial infrastructure layer. If the industry can agree on shared safety principles without undermining openness and composability, it may improve both user protection and investor confidence. If it cannot, preventable failures may continue to slow adoption and invite stronger scrutiny from both market participants and external observers.
What is clear from the latest debate is that DeFi is entering a new phase of accountability. More capital is flowing into decentralized markets, and with that growth comes less tolerance for avoidable mistakes. Whether the next stage of DeFi is defined by stronger collective standards or continued trial-and-error may determine how the sector evolves in the years ahead.

