Is DeFi Dead? Wintermute CEO Gaevoy Does Not See Innovation Prospects
TL;DR
Wintermute CEO Evgeny Gaevoy warns that decentralized finance (DeFi) faces significant structural risks that hinder innovation. He emphasizes that the interconnectedness of protocols increases risk rather than mitigates it.
Key points
- Evgeny Gaevoy is the CEO of Wintermute.
- DeFi is currently facing significant structural risks.
- Composability can increase risk in interconnected protocols.
- Failures in DeFi can have spillover effects across multiple layers.
- Innovation in DeFi appears bleak at this stage.
Mentioned in this story
Evgeny Gaevoy, CEO of Wintermute, has given a frank evaluation of decentralized finance's current situation, highlighting structural risks that still impede innovation.
DeFi not doing well
Gaevoy expressed concerns about composability and how interconnected protocols increase risk rather than distribute it, saying that things appear pretty bleak for DeFi innovation at this stage, in response to recent developments.
His argument is based on a fundamental tenet of DeFi. Protocols can build upon one another thanks to composability, which is frequently touted as one of the industry's greatest advantages. In reality, the same characteristic produces tightly coupled systems in which a single failure can spread to several layers.
According to Gaevoy, the way risk should be assessed has changed since exploits' spillover effects are no longer contained within a single protocol.
Series of attacks
His comments come at an opportune moment. On April 18, 2026, KelpDAO was the victim of an exploit valued at approximately $290 million. Initial signs point to a highly skilled, state-affiliated actor, most likely connected to the DPRK's Lazarus Group.
Source: LayerZero
The attack itself was not a simple smart contract malfunction. Rather, it specifically poisoned downstream RPC nodes utilized in the LayerZero Labs Decentralized Verifier Network. Under very specific circumstances, this made it possible for attackers to alter verification pathways.
What counts in the bigger picture is how the system design influenced the result. Because of a 1-of-1 DVN configuration, the incident was limited to KelpDAO's rsETH configuration, thereby creating a single point of failure. Although it is explicitly supported by LayerZero's architecture, multi-DVN configurations with redundancy were not implemented.
Consequently, once the attack path was established, there was no independent validation layer that could reject forged messages.
The event strengthens Gaevoy's position, despite the technical containment and lack of contagion to other assets or applications. The complexity needed to secure interconnected systems keeps growing, even when damage is isolated. With every new integration, the attack surface grows, and highly skilled actors are beginning to take advantage of this fact.
Q&A
What are the main risks facing DeFi according to Evgeny Gaevoy?
Evgeny Gaevoy identifies structural risks related to composability, where interconnected protocols can amplify failures instead of distributing risk.
How does composability affect innovation in DeFi?
Composability, while allowing protocols to build on each other, creates tightly coupled systems that can lead to widespread failures, stifling innovation.
What changes in risk assessment does Gaevoy suggest for DeFi protocols?
Gaevoy suggests that risk assessment needs to adapt to the reality that exploits can have spillover effects across multiple protocols, rather than being isolated.
