Flying Tulip, a DeFi protocol, has introduced a circuit breaker mechanism designed to slow down or queue withdrawals during periods of high demand. The move comes after April saw DeFi losses top $600 million due to a series of high-profile exploits.
According to official documentation, the circuit breaker is meant to limit how quickly funds can leave the protocol when withdrawal demand exceeds capacity. This gives the team time to review unusual activity and contain potential damage. The mechanism activates during abnormal outflows, capping the pace of asset withdrawal in worst-case scenarios.
Different behavior across products
The system does not behave the same way across all Flying Tulip products. In the Perpetual PUT product, which uses the first version, withdrawal attempts may fail and need to be retried later.
For its stable asset and settlement currency ftUSD, the second version queues withdrawal requests. Instead of facing outright rejection, users can claim funds after a delay. A dedicated status page lets users track how the circuit breaker is operating at any given time.
The feature is built with a “fail-open” design. This means transactions keep moving even if the safety layer itself malfunctions. It still slows abnormal outflows but does not block them entirely.
Exploits expose weaknesses beyond smart contracts
Industry calls for implementing circuit breakers have been mounting over the past months. Recent incidents have drawn attention to risks that extend past code vulnerabilities, with operational failures taking center stage.
Weaknesses tied to multisig setups, infrastructure configurations, and key management have come under scrutiny. Attackers found ways to bypass traditional smart contract defenses by exploiting these operational gaps.
Massive losses in April
According to blockchain security firm CertiK, total DeFi losses crossed $600 million within the first few days of April alone. Two incidents accounted for nearly all of the losses.
On April 2, Drift Protocol suffered an exploit estimated at about $280 million. Weeks later, on April 19, the Kelp liquid restaking platform lost roughly $293 million in another attack. Fallout from the Kelp incident prompted Aave to freeze rsETH markets on its V3 and V4 deployments.
These events underscore the growing need for safety mechanisms like circuit breakers, which can help protocols respond more effectively when things go wrong. While not a complete solution, they offer a practical layer of protection that may prevent total losses in the future.
