Decentralized finance, or DeFi, has been a hot buzzword for the past 7 years. Although DeFi total-value-locked or TVL has surged dramatically over the years from merely $500 million (roughly speaking) in 2018 to currently in the tens of billions of dollars (according to available data), the nascent sector poses more security challenges than offering any significant benefits. This past April 2026 saw some of the most damaging DeFi and crypto hacks, including Drift Protocol and Kelp DAO, take place in the history of Bitcoin and digital assets.
In addition to sophisticated hacks, the DeFi space is experiencing new variations of scams that are further enabled by AI algorithms. Moreover, there seems to be no real decentralization, as many incidents have involved the Admin key being compromised, resulting in large amounts of digital assets being drained almost instantly. According to many crypto and web3 analysts, this raises concerns that the space is decentralized in name only, not in practice.
Not only are most of these so-called DeFi platforms not actually decentralized, but there is also no widespread consensus on what actually qualifies as proper decentralization. Up until now, the only cryptocurrency protocol that is actually decentralized is Bitcoin (BTC), but even the leading digital currency network is susceptible to centralization concerns, with large holders like Strategy and creator Satoshi Nakamoto holding very large amounts of the digital asset.
Other challenges to DeFi include the lack of widespread consensus on exactly what constitutes decentralized finance, much like Web3. During the past year, though, the term Web3 has also become increasingly irrelevant and ambiguous, and much of the hype surrounding the space, such as NFTs and memecoins, is merely a passing fad.
What has emerged from all this experimentation is a range of legitimate crypto products and services, including Bitcoin, digital asset-backed loans, digital currency-backed credit products, and a wide range of so-called DeFi services that can enhance the user experience. But pure DeFi remains vulnerable due to a large number of hacks and security breaches in the past year and earlier.
In conclusion, it should not matter whether something is decentralized (or not) or whether it is part of Web3 or not. What really matters is if these innovations, like stablecoins, are actually benefitting consumers and are useful.
Proper and robust safeguards are needed for DeFi to thrive, and it may not even be necessary for every component or aspect of these platforms to be completely decentralized. The main goal should be to enable greater financial inclusion while protecting consumers from fraud and other forms of malicious activities carried out online or in-person.