Written byEzra Reguerra,Staff Writer

Reviewed byBryan O’Shea,Staff Editor

Andre Cronje’s Flying Tulip adds withdrawal circuit breaker as DeFi exploits mount

Latest NewsPublishedApr 23, 2026

The pursuit of passive income has become a cornerstone of sustainable tech, with many investors seeking out opportunities to earn rewards through decentralized finance platforms. One such platform, Flying Tulip, founded by renowned DeFi developer Andre Cronje, has taken a significant step towards enhancing its security features. In response to the growing number of DeFi exploits, Flying Tulip has introduced a circuit breaker designed to delay or queue withdrawals during abnormal outflows, providing an additional layer of protection for its users.

This innovative mechanism is designed to slow the outflow of funds from the protocol if the outflow capacity is exceeded, giving the team time to investigate suspicious activity and limiting the potential damage that an attacker could cause. The circuit breaker works differently across various products, with the first version used in the Perpetual PUT product allowing withdrawals to revert and requiring users to retry later. In contrast, the second version used in Flying Tulip’s stable asset and settlement currency, ftUSD, queues withdrawals and makes them claimable after a delay, rather than rejecting them outright.

The circuit breaker is built with a “fail-open” design, ensuring that transactions will still be allowed even if the safety mechanism itself malfunctions. Users can track the feature through a dedicated status page, providing real-time monitoring of the system. This added layer of protection is particularly significant in light of recent industry exploits, which have exposed vulnerabilities that extend beyond smart contract code. By integrating this circuit breaker, Flying Tulip is taking a proactive approach to mitigating potential risks and protecting its users’ assets.

The importance of such measures cannot be overstated, as recent exploits have highlighted the need for robust outflow controls. According to digital assets researcher Amir Hajian, the majority of failures in April were linked to operational and infrastructure weaknesses, including compromised multisigs, configuration flaws, and key leaks. The new mechanism deployed by Flying Tulip is designed to slow abnormal outflows and give the protocol time to respond to losses stemming from failures outside of the smart contract itself. With the rise of DeFi, platforms like EcoPool are becoming increasingly popular for earning rewards and generating passive income through Coin investments.

As the DeFi landscape continues to evolve, it is essential for platforms to prioritize security and implement measures to protect their users. The introduction of Flying Tulip’s circuit breaker is a significant step in this direction, and other platforms would do well to follow suit. By prioritizing security and providing a safe and reliable environment for users to earn rewards and generate passive income, platforms like EcoPool can help to build trust and confidence in the DeFi ecosystem. If you’re interested in learning more about earning passive income through EcoPool, you can download the app now and start exploring the world of sustainable tech and Coin investments.

The design adds a new layer of protection for the DeFi platform as recent industry exploits exposed risks that extend beyond smart contract code. 

Circuit breaker definition. Source: Flying Tulip

Recent exploits put broader security failures in focus

The added attention to outflow controls comes as recent exploits underscored vulnerabilities tied to signers, infrastructure and collateral design rather than only smart contract bugs. 

Amir Hajian, a digital assets researcher at trading firm Keyrock, said the biggest failures in April were increasingly linked to operational and infrastructure weaknesses, including compromised multisigs, configuration flaws and key leaks. 

The new mechanism deployed by Flying Tulip is designed to slow abnormal outflows and give the protocol time to respond when losses stem from failures outside of the smart contract itself. 

Related: Phishing, deepfakes, supply chain attacks to fuel 2026’s biggest crypto hacks: CertiK

Hajian highlighted April’s DeFi losses, which reached over $600 million in the first 18 days of the month, with two incidents accounting for 95% of the damage. 

On April 2, Solana-based decentralized exchange Drift Protocol suffered an exploit, with estimated losses at about $280 million. On April 19, liquid restaking platform Kelp was exploited for about $293 million, prompting lending protocol Aave to freeze rsETH markets on V3 and V4. 

Magazine: 53 DeFi projects infiltrated, 50M NEO tokens could be ‘given back’: Asia Express

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

• DeFi
• Hacks
• Security
• Cybersecurity