What Is DeFi (Decentralized Finance)? How It Works and Key Risks
Last updated 04/10/2026 by
Ante Mazalin
Edited by
Andrew Latham
Summary:
DeFi (decentralized finance) is a financial system built on blockchain networks — primarily Ethereum — that uses self-executing smart contracts to replicate traditional financial services like lending, borrowing, trading, and earning interest without banks, brokers, or centralized intermediaries.
DeFi spans several core application types.
- Decentralized exchanges (DEXs): Platforms like Uniswap that allow peer-to-peer cryptocurrency trading directly from a user’s wallet, without a centralized exchange holding customer funds.
- Lending and borrowing protocols: Platforms like Aave and Compound that allow users to deposit crypto assets as collateral and borrow other assets, or earn interest by supplying liquidity — all governed by code rather than a credit department.
- Yield farming and liquidity mining: Strategies where users supply assets to DeFi protocols in exchange for protocol fees and governance token rewards.
- Stablecoins: Crypto assets pegged to a fiat currency (typically the U.S. dollar) that serve as DeFi’s unit of account — enabling lending and trading without exposure to crypto price volatility.
DeFi emerged as a meaningful category around 2020, when the total value locked (TVL) in DeFi protocols first surpassed $1 billion. By 2021, TVL peaked above $180 billion. After the crypto market correction of 2022 — triggered partly by the collapse of the Terra/LUNA stablecoin and the FTX exchange — TVL pulled back sharply, before recovering through 2024.
Understanding DeFi requires understanding why it exists: to create financial services that any person with an internet connection and a crypto wallet can access, without identity verification, credit checks, or geographic restrictions.
How DeFi Works
Traditional finance relies on trusted intermediaries — banks hold deposits, brokers execute trades, and lenders underwrite loans. Each intermediary charges fees, requires identity verification, operates during business hours, and controls access to services.
DeFi replaces intermediaries with smart contracts — self-executing programs stored on a blockchain that automatically enforce the terms of a financial agreement when conditions are met. A DeFi lending protocol doesn’t need a loan officer because the smart contract handles collateral requirements, interest calculations, and liquidations automatically.
The core building blocks:
- Blockchain: The decentralized ledger where all transactions are recorded and verified. Ethereum is the dominant DeFi blockchain; others include Solana, Avalanche, and BNB Chain.
- Smart contracts: Self-executing code that holds and moves funds according to programmed rules. Once deployed, they operate autonomously — no company can freeze them or change the rules unilaterally.
- Wallets: Non-custodial wallets (MetaMask, Coinbase Wallet) that give users direct control of their private keys — and therefore their assets. DeFi protocols interact with wallets, not accounts.
- Tokens: Digital assets on the blockchain. ETH is the native currency of Ethereum; wei is its smallest unit (1 ETH = 10¹⁸ wei). DeFi protocols also issue their own governance tokens.
DeFi vs. Traditional Finance (CeFi)
| Factor | DeFi | Traditional Finance (CeFi) |
|---|---|---|
| Intermediary | Smart contracts (code) | Banks, brokers, exchanges |
| Identity verification | Not required — wallet address only | Required (KYC/AML) |
| Access | Anyone with a crypto wallet and internet connection | Subject to geographic restrictions, credit requirements, account approval |
| Availability | 24/7/365 — protocols don’t close | Business hours; settlement delays |
| Custody of assets | User retains control via private keys | Institution holds assets on your behalf |
| Transparency | All transactions visible on-chain | Internal ledgers — not publicly visible |
| Consumer protection | None — no FDIC, no SIPC, no regulatory backstop | FDIC insurance, SIPC coverage, regulatory oversight |
| Smart contract risk | Yes — bugs in code can be exploited | No |
Core DeFi Applications
Decentralized Exchanges (DEXs)
DEXs like Uniswap and Curve allow users to swap one cryptocurrency for another directly from their wallet using automated market maker (AMM) algorithms instead of order books. There is no exchange operator holding funds — trades execute instantly on-chain. DEX volume surpassed $1 trillion in 2023 across major protocols.
Lending and Borrowing
Protocols like Aave and Compound allow overcollateralized borrowing — you deposit $150 worth of ETH to borrow $100 worth of stablecoins. Interest rates are set algorithmically based on supply and demand. If your collateral value falls below the required threshold, the protocol automatically liquidates it — no phone call, no grace period. See also: NFTs as collateral, an emerging DeFi use case.
Stablecoins
Stablecoins are the connective tissue of DeFi — they allow users to transact at stable value without converting back to fiat. USDC and USDT are fiat-backed; DAI is algorithmically maintained. The collapse of the algorithmic stablecoin TerraUSD (UST) in May 2022 wiped approximately $40 billion in market value within days, demonstrating the systemic risk stablecoins can carry.
Yield Farming
Yield farming involves supplying liquidity to DeFi protocols in exchange for a share of protocol fees plus governance token rewards. Annualized yields can be extremely high (100%+) during protocol launches but typically compress as more capital enters. High yields carry commensurate risks: smart contract exploits, impermanent loss, and governance token depreciation.
Pro Tip: Before interacting with any DeFi protocol, verify it has been audited by a reputable smart contract security firm (Certik, Trail of Bits, OpenZeppelin). Audits don’t guarantee safety — multiple audited protocols have been exploited — but unaudited protocols carry substantially higher risk. DeFi hacks and exploits totaled over $3.8 billion in 2022 alone, according to Chainalysis. Never deposit more than you are willing to lose entirely.
DeFi Risks
| Risk | What It Means |
|---|---|
| Smart contract exploit | Bugs in protocol code can be exploited by attackers to drain funds. Code is immutable once deployed — no “undo” button. |
| Impermanent loss | Liquidity providers on DEXs can end up with less value than if they’d simply held the assets, when prices diverge significantly. |
| Liquidation risk | Borrowers whose collateral falls below required ratios are automatically liquidated — there is no lender to negotiate with. |
| Regulatory risk | DeFi protocols operate in a largely unregulated environment. Regulatory intervention could restrict access or require KYC compliance. |
| Stablecoin depeg risk | Stablecoins can lose their peg — as TerraUSD demonstrated in 2022 — causing cascading losses across interconnected protocols. |
| Rug pulls | Protocol developers abandon a project and drain liquidity. Common in new or unaudited protocols with anonymous teams. |
| Wallet/key loss | Loss of a private key means permanent loss of access to funds — no account recovery, no customer service. |
Key takeaways
- DeFi uses smart contracts on blockchains like Ethereum to replicate financial services — lending, trading, earning interest — without banks or brokers.
- The main DeFi categories are decentralized exchanges (DEXs), lending/borrowing protocols, stablecoins, and yield farming.
- DeFi has no FDIC insurance, no SIPC coverage, no regulatory backstop, and no customer service. Lost funds from exploits or lost keys are not recoverable.
- Smart contract exploits are the primary risk — DeFi hacks exceeded $3.8 billion in 2022. Always verify that protocols have been independently audited before depositing funds.
- Stablecoins are the unit of account in DeFi but carry their own risks — the TerraUSD collapse in 2022 erased approximately $40 billion in value within days.
- DeFi is accessible to anyone globally with a crypto wallet, but “accessible” and “safe” are not the same thing.
Frequently Asked Questions
Is DeFi legal in the United States?
DeFi is not illegal in the U.S., but it exists in a regulatory gray area. The SEC has asserted jurisdiction over many DeFi tokens as securities. The CFTC has pursued enforcement actions against DeFi protocols for unregistered derivatives trading.
Regulatory clarity is evolving — some DeFi activities may become subject to registration requirements under future legislation. Users interacting with DeFi protocols assume full responsibility for compliance with their local laws.
How is DeFi different from cryptocurrency?
Cryptocurrency (Bitcoin, Ethereum, etc.) refers to digital assets on a blockchain. DeFi refers to financial applications built on top of those blockchains. Bitcoin itself has no native DeFi ecosystem — it’s primarily a store of value.
Ethereum is the foundation of most DeFi because it supports smart contracts. You need cryptocurrency to interact with DeFi, but owning cryptocurrency doesn’t mean participating in DeFi.
Can DeFi replace traditional banking?
In its current state, no — DeFi lacks the consumer protections, regulatory framework, stable infrastructure, and user experience necessary for mainstream adoption as a banking replacement. It functions as an alternative financial layer accessible to those willing to manage technical complexity and accept significant risks.
For mainstream consumers, neobanks and challenger banks represent a more practical evolution of financial services without the custody and smart contract risks DeFi carries.
Table of Contents