Decentralized finance (DeFi) protocols are moving to freeze stolen funds, while centralized issuers are drawing criticism for their slower responses.
A recent action on Arbitrum led to the freezing of assets linked to an attacker following a major exploit. Meanwhile, some stablecoin issuers, including Circle, have faced public criticism for their delayed or limited actions in similar cases.
Connor Howe, CEO and co-founder of the cross-chain infrastructure project Enso, noted that crypto protocols are not much different from centralized platforms or banks if a small group can freeze funds.
“The difference from a bank compliance officer is smaller than DeFi idealists will ever acknowledge,” Howe told Cointelegraph.
The debate is not the usual argument between decentralization and centralization, but rather about who has the authority to intervene and how quickly they can act. In practice, this can determine whether stolen funds are stopped or escape.
Crypto community divided on Arbitrum’s decision to freeze stolen funds. Source: Joe Hall
The limits of decentralization in DeFi
Simply put, the industry is divided on whether protocols that claim to be decentralized should have the ability to freeze funds during exploits.
Protocols like THORChain have stated they cannot freeze funds by design, even during exploits. However, security researchers have challenged this claim, citing past instances where intervention did occur.
THORChain founder’s defense against the security community. Source: JP Thorbjornsen
Related: Crypto projects shut down as token models fail under pressure
Bernardo Bilotta, CEO of stablecoin infrastructure platform Stables, argued that the function is necessary but must operate within clear boundaries.
“Freeze capabilities need to be narrowly defined, time-limited, and governed by transparent criteria established before the breach occurred,” Bilotta told Cointelegraph. “A protocol shouldn’t be improvising rules during a crisis.”
Bilotta described choosing “philosophical purity” over user protection as “negligence.”
The recent $293 million Kelp DAO exploit brought these discussions back into focus as Arbitrum froze some of the stolen funds linked to suspected North Korean hackers. Some in the industry felt the decision went against DeFi’s core principles.
The Ethereum layer-2 network has a 12-member security council with the authority to implement certain changes to the protocol. In emergencies, it can act with approval from nine of the 12 members via its multisig wallet.
Arbitrum security council members are elected by the network’s decentralized autonomous organization. Source: Arbitrum
Howe suggested that transparency in how such security councils operate can still distinguish DeFi platforms from traditional finance or their centralized counterparts.
“That’s notably different from a TradFi institution that invokes discretionary powers buried in their terms of service and guarded by their legal team,” Howe said.
“There should be transparency in every protocol around
Who Controls the Keys and How Are They Guarded?
If it’s unclear who has control and what safety measures exist to prevent misuse, the claim of decentralization is just a hollow phrase.
How Centralized Issuers Handle Security Differently
Among all cryptocurrencies, centralized stablecoins see the highest trading volume. The biggest players are Tether’s USDt and Circle’s USDC, together boasting a market cap exceeding $266 billion.
Both companies possess the ability to freeze their stablecoins, but each follows its own protocol.
Tether tends to act swiftly to lock funds during security incidents, whereas Circle stresses adherence to legal procedures and jurisdictional rules before stepping in.
“Let me clarify a common misconception: when Circle freezes USDC, it isn’t a decision we make alone or without reason,” wrote Dante Disparte, Circle’s head of global policy, in a recent post.
“Freezing funds is a compliance requirement—we only do it when a legitimate legal authority compels us through proper channels,” he explained.
Circle faced pressure to defend this stance after the recent $280 million hack on Drift, a protocol built on Solana—also linked to North Korean hackers.
Circle’s response failed to satisfy security experts seeking answers. Credit: ZachXBT
Related: Could Ethereum’s EEZ Draw Other Blockchains Into Its Ecosystem?
Bilotta argues that delaying action until legal orders arrive—even when blockchain evidence is clear—amounts to a “failure of responsibility.”
Deciding What Counts as an “Extreme” Situation
Major hacks—especially those tied to North Korean groups—have forced the industry into what most would call extreme scenarios: vast sums stolen and laundered within moments.
This raises the critical question: who gets to decide what makes a situation extreme, and when is intervention justified?
“This is a question the industry has long avoided,” said Wish Wu, CEO of institutional layer-1 blockchain firm Pharos.
“In reality, “extreme” is often defined retroactively by whoever actually holds the keys—exactly the problem decentralization was supposed to solve,” he noted.
Wu suggests a better approach: clearly define these conditions ahead of time and embed them into governance structures, even if some edge cases remain unaddressed.
“Can a small, identifiable group move user funds before users have a fair chance to withdraw?” Wu asked.
“If yes, then regardless of marketing claims, the system is effectively custodial. Only if the answer are we having an honest discussion about which governance and security tradeoffs fit different needs.”
Below that threshold, decentralization loses its real meaning, he added.
Magazine: AI-Powered Hacks Could Destroy DeFi—Unless Projects Take Action Now
