Close Menu
  • Coins
    • Bitcoin
    • Ethereum
    • Altcoins
    • NFT
  • Blockchain
  • DeFi
  • Metaverse
  • Regulation
  • Other
    • Exchanges
    • ICO
    • GameFi
    • Mining
    • Legal
  • MarketCap
What's Hot

Could Polymarket’s $6.5mln lawsuit reshape prediction-market disputes?

09/07/2026

Solana Advances with USDC Payment Integration

09/07/2026

Bitcoin just broke below the floor of its famous Rainbow Chart into the ‘BTC is dead’ zone

09/07/2026
Facebook X (Twitter) Instagram
  • Back to NBTC homepage
  • Privacy Policy
  • Contact
X (Twitter) Telegram Facebook LinkedIn RSS
NBTC News
  • Coins
    1. Bitcoin
    2. Ethereum
    3. Altcoins
    4. NFT
    5. View All

    Bitcoin just broke below the floor of its famous Rainbow Chart into the ‘BTC is dead’ zone

    09/07/2026

    European Company Managing $11 Billion Reveals Bitcoin (BTC) Year-End 2026 Price Prediction! Bull or Bear?

    09/07/2026

    Why the Electronic Cash Narrative is Making a Comeback

    09/07/2026

    Here Is How Michael Saylor Can Actually Save Strategy

    09/07/2026

    ETH Tests $1,800 Breakout Level

    09/07/2026

    Ethereum is about to replace itself: Inside the Lean Rebuild

    09/07/2026

    Ether climbs toward $2K as Bitmine buys ETH, Robinhood L2 boost

    09/07/2026

    Ethereum climbs toward $1800 – THESE 2 metrics flash caution

    09/07/2026

    Bitcoin Pioneer Adam Back Questions Telegram Founder Durov Over GRAM Token Supply

    09/07/2026

    Week in Review – June 8 – June 14

    09/07/2026

    Ripple’s RLUSD on Top 9 Stablecoin List: New Milestone Reached

    09/07/2026

    Is 2026 the Year of Stellar XLM? The Biggest Updates From the Year So Far

    09/07/2026

    BIG3 NFT Buyers Sue Ice Cube’s Basketball League Over Alleged Unfulfilled Promises

    08/07/2026

    Cristiano Ronaldo Retirement Puts Billion-Dollar NFT Market to the Test

    06/07/2026

    Bonk-Owned NFT Marketplace Exchange Art to Shut Down on August 1

    04/07/2026

    Element NFT Marketplace Expands Reach to Ink to Enhance NFT Accessibility

    27/06/2026

    Could Polymarket’s $6.5mln lawsuit reshape prediction-market disputes?

    09/07/2026

    Solana Advances with USDC Payment Integration

    09/07/2026

    Bitcoin just broke below the floor of its famous Rainbow Chart into the ‘BTC is dead’ zone

    09/07/2026

    Uniswap integrated Sky’s LitePeg to enable 1:1 swaps among DAI, USDS and USDC

    09/07/2026
  • Blockchain

    South Korean consortium completes digital local currency pilot on Kaia blockchain

    08/07/2026

    XRP Ledger Missing From Stablecoin Data as Ethereum and Tron Dominate With 81% Share

    08/07/2026

    Meme coin trading lifts Solana addresses 38%, BNB Chain volume 45%

    08/07/2026

    What Is a Stablechain? Payment Blockchains Explained

    08/07/2026

    UNDP signed agreement with Stellar to scale blockchain payments after pilots in 5 countries

    08/07/2026
  • DeFi

    Uniswap integrated Sky’s LitePeg to enable 1:1 swaps among DAI, USDS and USDC

    09/07/2026

    Nado expands xPoint rewards for xStocks users on Ink Chain

    09/07/2026

    Aave rolls out vaults for yield-hungry fintech investors

    09/07/2026

    Is Monad’s record $477mln TVL organic or incentive-driven? Assessing…

    08/07/2026

    Uniswap floats extending UNIfication burns to v4 pools

    08/07/2026
  • Metaverse

    Is Solana Gaming Back? Kintara Activity Fuels Renewed Optimism in Onchain MMOs

    24/06/2026

    The Sandbox launches AI game engine ‘The Sandbox Studio’ for next-generation creators

    10/06/2026

    Meta commits $13M in funding for Oversight Board through 2028

    29/05/2026

    Why Animoca’s Yat Siu says the future is 100 billion AI agents

    07/05/2026

    ‘8,000 Jobs’—Polymarket Sees Tech Layoff Surge As Meta AI Push Bites

    18/04/2026
  • Regulation

    Keel Infrastructure upsizes convertible note offering to $400 million amid strong demand

    09/07/2026

    Are retail traders selling their bitcoin to buy the SpaceX IPO?

    09/07/2026

    AI Stocks Now Make Up 40% of the U.S. Market

    09/07/2026

    Tether Designates Independent Director to Twenty One Capital’s Board

    09/07/2026

    A crypto pioneer who turned a $20 million family stake into a billion-dollar fund doubles down on bitcoin

    09/07/2026
  • Other
    1. Exchanges
    2. ICO
    3. GameFi
    4. Mining
    5. Legal
    6. View All

    Solana Advances with USDC Payment Integration

    09/07/2026

    France World Cup Winning Odds Climb to 35% as Polymarket Volume Tops $3.9 Billion

    09/07/2026

    Open USD Stablecoin Puts Circle And Tether On Notice

    09/07/2026

    OKX Ventures Secures 20% Stake in Coinone, Becoming Joint Third-Largest Shareholder

    09/07/2026

    ICO market slows sharply with only six completions in 2026

    30/04/2026

    South Korea Poised to Lift Ban on Domestic ICOs After 7 Years

    19/12/2025

    Why 2025’s Token Boom Looks Both Familiar and Dangerous

    31/10/2025

    ICO for bitcoin yield farming chain Corn screams we’re so back

    22/01/2025

    Yield Guild Games Sunsets YGG Play Publishing Unit, Cuts 35 Jobs

    06/07/2026

    GO1 and Xiaohai Set up Potential Rematch at EWC 2026 Fatal Fury Bracket in Paris

    06/07/2026

    Nexus Acquires Homegrown App Marketplace One Store, Expanding into Global Web3 Game Hub

    21/06/2026

    GMATRIXS and Plum Protocol Partner to Blend GameFi with Meme Assets, Driving Multi-Chain Web3 User Experience

    16/06/2026

    Bitcoin miners have until 2027 to prove they deserve power on America’s overloaded grid

    09/07/2026

    Malaysia raids lead to seizure of 75,578 crypto mining rigs

    09/07/2026

    Malaysian Sweep in Crypto Mining Strikes at Illegal Operations

    08/07/2026

    Galaxy turns Helios Bitcoin mine into AI hub for CoreWeave

    08/07/2026

    Could Polymarket’s $6.5mln lawsuit reshape prediction-market disputes?

    09/07/2026

    Prediction Markets Price Platner’s Maine Senate Exit as All but Certain by Late July

    09/07/2026

    US Judge Denies Kalshi Bid to Block New York Sports Betting Regulations

    09/07/2026

    Satoshi Ownership Lawsuit Fails

    09/07/2026

    Could Polymarket’s $6.5mln lawsuit reshape prediction-market disputes?

    09/07/2026

    Solana Advances with USDC Payment Integration

    09/07/2026

    Bitcoin just broke below the floor of its famous Rainbow Chart into the ‘BTC is dead’ zone

    09/07/2026

    Uniswap integrated Sky’s LitePeg to enable 1:1 swaps among DAI, USDS and USDC

    09/07/2026
  • MarketCap
NBTC News
Home»DeFi»DeFi losses are now 8,500% higher than TradFi breaches per dollar moved
DeFi

DeFi losses are now 8,500% higher than TradFi breaches per dollar moved

NBTCBy NBTC26/04/2026No Comments11 Mins Read
Share
Facebook Twitter LinkedIn Pinterest Email


I believe the hardest question for DeFi in 2026 is whether the original dream is still alive.

The collective bargain was simple. Users would hold their own keys. Code would execute the rules. Markets would stay open. Ledgers would be visible.

Intermediaries would lose power because financial services could run on public smart contracts rather than private balance sheets.

That framing explains why decentralized finance grew so quickly after 2020. It also explains why the current moment feels so deflating.

I’d like to preface this piece by saying that I believe decentralized finance is an essential part of the world I want to live in. However, I’m also not a zealot for a system that has failed to deliver on its promises.

I believe in “strong opinions, loosely held,” and my conviction on DeFi is pretty loose right now.

The sector has now lived through years of bridge exploits, price manipulation, smart contract failures, wallet compromises, governance fights, and public liquidity stress. At the same time, institutions are adopting tokenization, digital cash, and settlement rails while leaving much of the permissionless political project behind.

The most defensible take is now much narrower than the old promise. DeFi proved that public settlement, automated markets, composability, and transparent ledgers can operate at meaningful scale.

It has yet to prove that those properties, by themselves, create a safer, more decentralized, or more accessible finance than the system it set out to challenge.

The original bargain had a hidden dependency stack

The institutional case for DeFi describes its core appeal: open financial systems built on smart contracts and shared public infrastructure. That was the optimistic version of the pitch.

Anyone with a wallet could access markets, move collateral, borrow, lend, trade, and inspect the rules. The system would be transparent by default, with settlement happening on-chain rather than inside private institutional ledgers.

The complication is that decentralization was always a layered concept. Vitalik Buterin’s older framework separated decentralization into architectural, political, and logical dimensions.

A system can be architecturally decentralized because it runs across many machines, while remaining politically concentrated if decisions rest with a small group of tokenholders, teams, multisigs, foundations, front-end operators, or infrastructure providers.

That split is essential because much of DeFi looked decentralized at the transaction layer while remaining dependent on concentrated forms of control elsewhere.

The Bank for International Settlements made a sharp institutional critique in 2021 that many of us likely scoffed at at the time. It called DeFi’s decentralization a structural illusion because governance needs make some centralization inevitable, and because token and validator economics can concentrate power.

BIS was drawing a line between automated settlement and unavoidable decision-making. Protocols still needed decisions about upgrades, risk parameters, collateral listings, incentives, oracle choices, emergency controls, and treasury use.

Those decisions rarely emerged from a perfectly dispersed public. They usually passed through identifiable governance channels and actors. The paper version carries the same institutional critique for policy readers.

The Financial Stability Board added another constraint in 2023. DeFi, it said, had remained mainly self-referential, with products and services interacting with other DeFi products rather than the real economy.

It also inherited familiar vulnerabilities from traditional finance, including leverage, liquidity mismatch, operational fragility, and interconnectedness. The process was new. The risk family was older.

A later governance paper from the ECB reinforced the same direction of travel by focusing on identifiable actors within DeFi governance.

That lands us at this. DeFi reduced reliance on banks for certain transactions, but it increased reliance on code, bridges, governance, front ends, wallets, oracles, custodial touchpoints, and security teams.

It shifted trust rather than removing it. That shift created genuine transparency. It also created new failure modes.

The security record broke the cleanest version of the pitch

The strongest evidence against DeFi’s original security pitch is the record of thefts in 2021 and 2022. A Chainalysis review put DeFi hack losses at about $2.5 billion in 2021, $3.1 billion in 2022, and $1.1 billion in 2023.

Since 2023, almost $7 billion has been stolen as hacks continue, and now AI models are creating a new (perhaps even scarier) attack vector.

The 2022 figure was especially damaging. Hackers stole $3.8 billion from crypto businesses overall that year alone, and DeFi protocols accounted for 82.1% of the funds stolen.

Cross-chain bridges made up 64% of the DeFi total, according to a 2022 hacking analysis.

Those numbers changed the meaning of transparency. DeFi users could see what happened. They could follow stolen funds, inspect transactions, and watch governance respond.

Public ledgers made the failures immediate and brutally legible. A bank breach can take months to identify and disclose. A drained pool becomes visible in the block where it happens.

The recent rise in crypto theft has a different composition from the 2021-2022 DeFi exploit cycle. The 2024 hacking review showed losses rising again as attacker focus shifted toward private-key and centralized-service targets.

The 2025 crime trend summary highlighted private-key compromises as a major vector. The mid-year 2025 update showed the escalation after Bybit before the year-end picture was complete.

The 2026 report preview then described more than $3.4 billion stolen in 2025, with the Bybit compromise alone accounting for about $1.5 billion.

TRM’s 2025 Crypto Crime Report provides the prior-year baseline, while its 2026 Crypto Crime Report puts 2025 hack losses at $2.87 billion, with Bybit at $1.46 billion, or 51% of that total.

That nuance helps DeFi on one axis and hurts it on another. DeFi protocol exploit losses appeared to have improved since the 2022 peak.

At the same time, the broader crypto stack still looks brittle, seems to be surging again through new AI tooling, and DeFi’s original user-sovereignty pitch depends on that broader stack.

If the wallet, signing process, bridge, front end, governance channel, or collateral wrapper becomes the weak point, the user experiences a system failure. Dynamic incident databases, such as DeFiLlama’s hacks tracker, exist because the failure surface remains wide and constantly evolving.

Thinking back, one of the DeFi projects I was excited about in 2021 was PancakeBunny. It was a small project, but I liked the UI, the branding, the infrastructure, and I even bought some merch. I was wearing the hoodie this week when I took a moment to think back to all the other DeFi projects that had similar or greater potential and have simply died. It almost seems that the official product life cycle in DeFi includes a hack, an exploit, a pump-and-dump, or insolvency.

“On a long enough timeline, the survival rate for all [DeFi projects] drops to zero.” – Chuck Palahniuk, Fight Club

While a fairly niche project, I think PancakeBunny is a useful example because it condensed the emotional cycle into a single event. Rekt reported that a May 2021 flash-loan manipulation hit the protocol for about $45 million, pushed BUNNY from $146 to $6, and struck after the protocol had once held more than $10 billion in TVL.

The case looks like an early template: unknown protocol, rapid yield-driven growth, giant TVL, manipulation, collapse, then a token chart that never recovers the old story.

That pattern is why the security question carries more weight than any single hack. DeFi promised an alternative trust model. For many users, it became a new risk stack with fewer intermediaries to complain to when something broke.

Aave shows how mature DeFi stress now unfolds in public

Aave is a better current test than most smaller protocols because it remains one of DeFi’s core lending venues. If a marginal farm fails, the conclusion says little about the system.

If a leading lending protocol is forced into visible crisis management, the implication is wider.

The April 2026 rsETH incident is therefore important, but it needs careful language. The Aave incident report said the event originated outside Aave, from Kelp’s LayerZero V2 Unichain to Ethereum rsETH route, which had been configured as a 1-of-1 DVN path.

The report said a forged inbound packet released 116,500 rsETH from the Ethereum-side adapter, and that 89,567 rsETH were deposited on Aave. It also stated that Aave’s smart contracts were not compromised and that Aave’s protocol logic continued to function as designed.

The Aave governance report framed the issue as collateral, bridge, and external-asset risk rather than an exploit of Aave itself.

That caveat protects Aave from a false claim that its own contracts were hacked. It also reinforces the deeper DeFi problem.

In a composable system, a protocol can behave correctly and still inherit stress from the asset, bridge, oracle, market, or governance decision it accepted into its risk perimeter.

The report modeled hypothetical bad-debt scenarios ranging from about $123.7 million to $230.1 million, depending on how losses were allocated.

It also described defensive actions, including freezes of rsETH and wrsETH reserves across Aave V3 deployments, WETH freezes on several markets, and interest-rate adjustments.

That is a mature response system. It is also an admission that mature DeFi requires circuit breakers, guardians, risk stewards, emergency parameter changes, and coordinated governance.

The public forum made the human side visible. One Aave governance post argued that $ETH price appreciation could worsen the bad-debt gap over time because some liabilities were effectively fixed in $ETH terms while available backstops were denominated in stablecoins and dollars.

Other replies disputed parts of the framing, narrowed the issue to L2 exposure, or urged emergency coordination. The forum discussion should be treated as live stakeholder pressure with unresolved accounting.

CryptoSlate has tracked adjacent Aave pressure, including contributor departures testing Aave’s lending lead and governance conflict around protocol dominance.

Still, the public nature of the debate is the point. DeFi crises happen in view. Depositors, borrowers, tokenholders, analysts, and competitors can watch the governance process unfold.

That gives DeFi a transparency advantage over closed financial systems. It also exposes how much judgment remains inside a supposedly automated system.

The TradFi comparison is real, but the math is uneven

The claim that DeFi looks less secure than traditional finance needs more care and consideration of nuance than sentiment allows these days.

Traditional finance suffers serious cyber incidents, fraud, operational failures, and data breaches. The difference is that those failures move through legal, regulatory, insurance, and disclosure systems that are much slower and less visible than blockchains.

A bank’s customer database breach, an outage, a business-email compromise, and a direct theft from a crypto bridge are all security events. They sit in different categories.

The U.S. public-company disclosure regime illustrates the difference. The SEC requires domestic public companies to disclose material cybersecurity incidents on Form 8-K within four business days after determining materiality.

The deadline starts from the materiality determination rather than the first suspicious log entry. That gives companies time to assess scope, legal exposure, operational impact, and national-security considerations.

Bank regulators use another channel. The OCC’s computer-security incident notification rule requires a bank to notify its primary federal regulator as soon as possible and no later than 36 hours after determining that a notification incident occurred.

That is a regulatory notification channel rather than a public blockchain ledger.

Cost data shows the scale while preserving the comparison limit. IBM reported that financial industry enterprises averaged $6.08 million per data breach in 2024, above the global average, and that breaches involving 50 million or more records averaged $375 million.

It also put the average identification time for financial firms at 168 days and containment at 51 days. Those figures show that TradFi security failures can be expensive and slow to surface.

Of the 600 breaches analyzed in IBM’s 2025 report, an implied aggregate cost of about $2.66 billion, based on the reported global average breach cost of $4.44 million

So perhaps, DeFi is not dying because it’s less secure than TradFi, but its transparency and immediate public impact create an unsolvable marketing problem.

The amount lost to exploits across DeFi and TradFi appears comparable using the figures above. Around $2.6 billion was lost in TradFi in 2025 and $2.8 billion in DeFi.

However, DeFi moved roughly $10 to $13 trillion last year, while over $28 trillion passed through Mastercard and Visa payment rails alone. When you add in FX markets and Fed funds, you move into the quadrillions in TradFi volume.

Using some napkin math, we can estimate DeFi’s total volume ceiling at around $46 trillion and TradFi’s at around $3.5 quadrillion. Therefore, losses work out to roughly 0.006% of volume in DeFi, compared to 0.00007% in TradFi. This is an 86-fold higher loss rate in DeFi, or 8,500%.

So that’s part marketing and PR issue, but mostly a reliability red flag.

IC3 data adds another layer. The FBI said its 2025 Internet Crime Report showed nearly $21 billion in cyber-enabled crime losses reported by Americans, with more than $11 billion tied to cryptocurrency complaints.

For context, here’s a small sample of DeFi exploits we’ve covered over the years.

1. https://cryptoslate.com/defi-users-pull-out-10-billion-from-market-as-292-million-exploit-sparks-bank-run-optics/
2. https://cryptoslate.com/six-years-after-defi-summer-is-the-sun-already-setting-on-the-decentralized-finance-revolution/
3. https://cryptoslate.com/circle-usdc-drift-hack-freeze-controversy/
4. https://cryptoslate.com/drift-hack-stabble-crypto-insider-risk/
5. https://cryptoslate.com/new-ledger-breach-didnt-steal-your-crypto-but-it-exposed-the-one-thing-that-leads-criminals-to-your-door/
6. https://cryptoslate.com/how-11-audits-couldnt-stop-balancers-128-million-hack-redefining-defi-risks/
7. https://cryptoslate.com/billions-stolen-dozens-arrested-is-crypto-crime-peaking-or-adapting/
8. https://cryptoslate.com/hackers-steal-140m-from-brazilian-central-bank-reserve-accounts-via-partner-breach/
9. https://cryptoslate.com/beyond-hacks-understanding-and-managing-economic-risks-in-defi/
10. https://cryptoslate.com/pump-fun-halts-trading-after-suffering-flash-loan-exploit/
11. https://cryptoslate.com/aave-and-yearn-finance-exploited-for-over-10m-in-stablecoins/
12. https://cryptoslate.com/hackers-steal-record-3-8b-during-2022-chainalysis/
13. https://cryptoslate.com/gravity-of-not-your-keys-not-your-coins-hits-home-as-trust-wallet-spikes-113-to-new-ath/
14. https://cryptoslate.com/hacker-self-destructs-1m-loot-gained-from-defi-exploit/
15. https://cryptoslate.com/record-amounts-of-crypto-were-stolen-in-defi-hacks-last-quarter/
16. https://cryptoslate.com/over-8k-solana-wallets-drained-of-funds-10m-estimated-missing/
17. https://cryptoslate.com/the-biggest-defi-hit-ever-poly-network-sees-600-million-crypto-heist
18. https://cryptoslate.com/latest-ethereum-defi-exploit-sees-14-million-stolen-from-furucombo/
19. https://cryptoslate.com/flash-loan-attack-on-defi-platform-belt-finance-sees-6-2-million-gone/
20. https://cryptoslate.com/defi-risks-hackers-drain-500k-in-link-wrapped-eth-and-other-alts-from-balancer-pools/

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
NBTC

NBTC is the editorial account for NBTC News, covering Bitcoin, Ethereum, DeFi, blockchain infrastructure, exchanges, mining, regulation and digital asset markets. The editorial team focuses on clear sourcing, timely updates and practical context for crypto readers.

Related Posts

Uniswap integrated Sky’s LitePeg to enable 1:1 swaps among DAI, USDS and USDC

09/07/2026

Nado expands xPoint rewards for xStocks users on Ink Chain

09/07/2026

Aave rolls out vaults for yield-hungry fintech investors

09/07/2026

Is Monad’s record $477mln TVL organic or incentive-driven? Assessing…

08/07/2026
Add A Comment

Comments are closed.

Top Posts
Get Informed

Subscribe to Updates

Get the latest news from NBTC regarding crypto, blockchains and web3 related topics.

Your source for the serious news. This website is crafted specifically to for crazy and hot cryptonews. Visit our main page for more tons of news.

We're social. Connect with us:

Facebook X (Twitter) LinkedIn RSS
Top Insights

Could Polymarket’s $6.5mln lawsuit reshape prediction-market disputes?

09/07/2026

Solana Advances with USDC Payment Integration

09/07/2026

Bitcoin just broke below the floor of its famous Rainbow Chart into the ‘BTC is dead’ zone

09/07/2026
Get Informed

Subscribe to Updates

Get the latest news from NBTC regarding crypto, blockchains and web3 related topics.

Type above and press Enter to search. Press Esc to cancel.