Curve Finance founder Michael Egorov says a growing wave of “avoidable” DeFi exploits is damaging trust across the entire industry. He argues that many recent incidents share the same root problem: centralized single points of failure inside systems that are supposed to be decentralized.
In a new post and comments shared via local coverage, Egorov points to the KelpDAO rsETH bridge attack and the resulting stress on Aave as clear examples. In those cases, different teams said systems were working as normal, yet users could not withdraw funds, which he says exposes fragile dependencies and blurred responsibility.
He insists DeFi can still be the future of global finance, but only if projects address these structural weaknesses before the next cycle of capital flows in. Otherwise, he warns, each high‑profile hack makes institutions and retail users more cautious about allocating fresh liquidity to on‑chain protocols.
Call For a Shared DeFi Security Standard
Egorov is calling for a unified DeFi security “rulebook” built and maintained by the industry rather than by a single protocol. He wants project teams, audit firms, and risk groups to share concrete best‑practice configurations, especially around oracles, bridges, multisigs, and admin roles.
He suggests Ethereum‑ and Solana‑aligned foundations could help coordinate this work by convening ecosystem players and agreeing on baseline principles for building and verifying secure contracts. In his view, this would not replace independent audits, but it would give developers a common checklist and reduce the odds of repeating past mistakes.
The push comes as DeFi losses keep climbing in 2026. One review finds protocols lost more than $750 million to exploits in the first months of the year, with bridge and key‑management failures doing the most damage. Egorov says a shared standard should focus first on removing single points of failure in those components.
Rising Hack Numbers Sharpen the Urgency
Data providers report that hackers stole about $169 million from 34 DeFi protocols in the first quarter alone, though totals are lower than last year’s extreme peak. The more worrying change is the size of single attacks, such as the $292 million KelpDAO bridge exploit and a $285 million hit on Drift Protocol.
Security researchers note that these incidents often involve private key compromises, bridge logic bugs, or weak governance protections around upgrades.