A16Z Crypto Calls for Shift in DeFi Security: Norms Over Code

Source: CryptoNewsNet Original Title: A16Z Crypto Calls for Shift in DeFi Security, Norms Over Code Original Link:

Overview

The decentralized finance (DeFi) sector is facing intensified scrutiny over persistent security breaches throughout 2024. In response, A16Z Crypto has called for a structural shift in how protocols secure digital assets. Instead of relying solely on self-executing code, the firm recommends standardized security practices backed by community norms.

A16Z Crypto is urging DeFi to move away from the long-held idea of “code is law” toward “norms are law,” warning that code alone is no longer sufficient to secure complex on-chain financial systems.

A16Z Focuses on Shifting Toward Security Norms Over Solely Trusting Code

A16Z Crypto is encouraging DeFi developers to embrace an alternative structure that puts operational norms and best practices on par with code. The company also claims that code, though important, is not able to foresee and avert all possible vulnerabilities of increasingly sophisticated protocols. This layered defense model would allow projects to be proactive in response to threats as they evolve.

Immutability checks, simulating attacks, and security sharing standards are encouraged for developers. Such standards would minimize technical debt as well as encourage a sense of accountability in decentralized systems. A16Z is of the opinion that this collaborative methodology can minimize system-wide risk.

The rationale behind this strategic recommendation is that code is no longer adequate. As new attack vectors appear regularly, robust operational norms may become a welcome safety net. In addition, norms are able to evolve more quickly than code patches or governance votes.

2024 Experiences DeFi Exploits with Massive Losses

In 2024, hackers have drained more than $649 million from DeFi protocols due to vulnerabilities and system bugs. This increase in the number of attacks demonstrates the vulnerabilities of current smart contract designs and the lack of coherent security policies. Some major protocols were breached in the millions of dollars through ignored permissions and logic errors.

According to industry reports, such monetary losses indicate that audits alone will not ensure safety. A large number of compromised protocols had been audited by third parties before deployment. Consequently, code assessment on its own has failed to effectively address current threat conditions.

A16Z states that platforms should adopt a culture of constant review and proactive risk mitigation. Disregarding evolving threats, projects might experience operational failures and loss of user confidence. A unified security culture is presented as one of the main measures to reduce exposure in the future.