We still have to rely on centralization just to gain access to decentralization and that needs to stop.
On November 18th, Cloudflare, the CDN managing roughly 20% of global web traffic, had a software failure. Users who were trying to gain access to crypto exchanges started showing over 500 messages. The digital blackout also caused the block explorer to go dark and freeze several DeFi dashboards.
Despite blockchains showing no signs of network hiccups, the infrastructure collapsing around them made it impossible.
The blockchain industry is often boasted as a sector that doesn’t have geographical borders and its activity is always round-the-clock. In fact, blockchain leaders have spent years hardening the Layer 1 protocols against Byzantine faults and Sybil attacks. Yet, the one thing preventing traders from accessing their funds is when a bridge solver gets compromised, for instance, the Garden Finance incident, where $11 11million vanished.
The biggest losses this year came from the pipes connecting blockchains to users and to each other.
Follow the Money Out the Door
Taking a closer look at the losses, most of these losses happened during bridging attacks, API compromises, and routing logic errors. A security analysis revealed that $2.47 billion was lost in the first half of 2025 across 344 incidents, while $509 million was lost in the third quarter of 2025. Around $1.71 billion was stolen by the dominating wallet compromises and phishing attacks caused roughly $410.7 million losses.
Most risk frameworks still model protocol risk, calculating the probability that Ethereum or Solana suffers a consensus failure. But the actual exposure lies elsewhere. Connectivity risk is where the money gets lost, yet it barely registers in most threat models.
For instance, in the case of the Garden Finance attack, the team stressed the protocol was unaffected and that no user funds were lost, but the system still had to halt while the team investigated. That was the connectivity risk in its pure form.
Source: Certik
Where the System Breaks
Apart from the Cloudflare outage, there were several internet disruptions that users faced, affecting their access to the decentralized world. These incidents exposed a harsh reality of how decentralized applications still ran on centralized infrastructures despite all the so-called next-generation innovations in the space.
Let’s take an example of what happens when a trader executes a swap on a decentralized exchange. Most of the transaction takes place on-chain, but to get there, the trader requires multiple components to work in a sequence: CDN would serve as the front-end; the DNS resolves the domain; and finally, the RPC nodes would relay the transactions. Finally, the price oracles would fetch the market data, and the wallet providers would focus on maintaining the network connections.
Any single failure at any step would completely halt the whole transaction, making the blockchain’s operational status irrelevant.
Bridges make this worse because they add more moving parts between you and your money. When Garden Finance’s solver was exploited, users did everything right and still saw funds drained because the failure happened off chain, in the handoff. The blockchain kept recording transactions, but it could not protect what it could not see.
Bringing Institutions Into the Picture
Institutional interest in crypto has drastically increased this year alone. Firms are tokenising real-world assets, building treasury products, and pressing regulators for clearer rules on custody.
But all of it rests on a simple assumption that rarely makes the pitch deck: that you can reach the blockchain when it matters. Reliability is the whole chain of dependencies, from the CDN serving a login page to the custody API signing a transfer, to the bridge components moving value across networks.
A bank will not take comfort in Ethereum’s daily transaction count, and a tokenisation platform will not cite Byzantine fault tolerance if a custody connection fails during a wider outage or a bridge exploit drains client funds. In practice, the risk has moved up the stack, away from consensus and towards the infrastructure that connects users to it.
The Urgent Change
So what needs to change? There should be a standard practice of dependency mapping. This includes deciding on the CDN, DNS, RPC nodes, indexer, custody API, and the bridge components for moving assets across the chain.
Second, there must be a plan created in case of a failure, painting a clear picture in advance. There must be at least two providers for the parts that connect users and the chain, and ensure the system can automatically switch over in case of a failure.
Regular checks are important to maintain the health of the network. It is important to test the bridge and routing layer the way you would test a payment system. Run regular drills that assume something goes wrong, a solver is compromised, a relayer fails, a key is leaked, or routing rules misfire, and confirm you can pause flows, switch paths, and protect funds.
Counterparties should verify that platforms have tested failover procedures for infrastructure failures. The questions have to move beyond the blockchain. Boards should ask not only whether validators stay online, but whether the service still works when a CDN or DNS provider fails, and whether bridge controls can stop funds from being misrouted. Regulators looking at custody should test more than key storage. They should ask what happens when connectivity breaks and clients cannot reach their assets. And counterparties should want evidence, not assurances, that failover and incident response have been rehearsed under real outage conditions.
Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views of Cryptonews.com. This article is for informational purposes only and should not be construed as investment or financial advice.
The post Opinion: Crypto’s Real Problem Is The Plumbing appeared first on Cryptonews.
