DeFi vs CeFi: What the Difference Actually Means

DeFi and CeFi aren't just competing philosophies — they're different architectures for who enforces the rules. One uses code, the other uses institutions. The risks, failure modes, and regulatory treatment follow from that single difference.
Lewis Jackson
CEO and Founder

Most people who've spent time in crypto have heard both terms — often in the same sentence. DeFi and CeFi are frequently framed as competing philosophies, and they are. But the philosophical difference is downstream of something more concrete: who enforces the rules.

In CeFi, a company enforces the rules. They hold your assets, execute your trades, manage your loan, and — when things go wrong — decide what happens next. In DeFi, code enforces the rules. Smart contracts deployed on public blockchains execute transactions automatically, without a company in the middle.

That single architectural difference has cascading consequences. The risks are different. The failure modes are different. The regulatory treatment is different. Understanding what actually separates these two categories is more useful than treating the divide as ideological.

How CeFi Actually Works

In centralized finance, you hand custody of your assets to a company. You deposit funds, they hold them on your behalf, and all your interactions — trading, borrowing, earning yield — happen against their internal ledger. The blockchain might not be involved at all in the day-to-day operation.

Binance, Coinbase, and Kraken are CeFi exchanges. BlockFi, Celsius, and Nexo were CeFi lending platforms — all three failed or restructured between 2022 and 2023. The mechanics are familiar because they mirror traditional finance. You have an account, the platform has reserves, and you're effectively extending credit to the institution when you leave assets there.

The risk that crystallized with FTX in November 2022 — a $32 billion exchange found to have commingled customer funds with its proprietary trading arm, resulting in bankruptcy — wasn't caused by a bug. Customers were harmed by fraud and mismanagement at a company they trusted. That's classical counterparty risk, no different in kind from what's happened at banks and brokerages throughout financial history.

CeFi platforms typically require KYC (Know Your Customer) and AML (Anti-Money Laundering) compliance, operate under financial licenses in various jurisdictions, and offer recourse mechanisms: customer support, dispute resolution, and in some cases regulatory protection. That compliance infrastructure is part of what they're selling. Whether it's worth the custody tradeoff is the question the 2022 collapses forced into the open.

How DeFi Actually Works

DeFi strips the company out of the middle. Protocols like Uniswap (a decentralized exchange), Aave (a lending market), and Compound operate as smart contracts deployed on Ethereum and other chains. They execute trades, manage collateral, and distribute yield automatically, according to code that anyone can read and verify.

No one holds your assets. You interact with a protocol using a self-custody wallet — your assets stay in your wallet until the moment a transaction executes, at which point they move according to the contract's logic. There's no KYC, no account, no counterparty in the traditional sense.

The lending mechanism in Aave illustrates this concretely. You supply assets to a pool and receive interest-bearing tokens (aTokens) in return. Borrowers post collateral above 100% of the loan value — a ratio enforced by the protocol itself. If collateral value drops below a threshold, liquidation bots automatically execute sales to keep the system solvent. No human decides; the contract executes.

That automation is DeFi's core claim: the protocol can't lose your money through fraud, because the protocol can't commit fraud. What it can do is have a bug, get exploited, or suffer from poor mechanism design. The risk doesn't disappear — it shifts.

Where the Constraints Live

The binding constraints in CeFi are institutional: capital requirements, regulatory licenses, internal risk controls, and the honesty and competence of management. These can fail, as 2022 demonstrated comprehensively. Regulatory frameworks existed but proved insufficient to prevent the cascade of collapses.

In DeFi, the binding constraints are technical and economic. Smart contract audits reduce but don't eliminate vulnerability — the Euler Finance exploit in March 2023 drained $197 million from a well-audited protocol before a white-hat negotiation recovered most of it. Oracle manipulation (feeding false price data into a protocol) and flash loan attacks are failure modes specific to DeFi's architecture. The permissionless, non-custodial model also means there's no recourse when something does go wrong.
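To make the collateral check from the lending discussion and the oracle failure mode above concrete, here is an added example (not code from Aave or any other protocol): a simplified model of a collateralized position and a multi-feed price guard. The threshold, deviation limit, prices and all names are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from statistics import median

# Constructed parameters for illustration; not any real protocol's settings.
LIQUIDATION_THRESHOLD = 0.80  # share of collateral value allowed to back debt
MAX_DEVIATION = 0.05          # a feed >5% from the median is treated as an outlier


@dataclass
class Position:
    collateral_units: float  # amount of the collateral asset supplied
    debt_value: float        # outstanding debt, in the quote currency


def health_factor(pos: Position, price: float) -> float:
    """Risk-adjusted collateral value over debt; below 1.0 is liquidatable."""
    return pos.collateral_units * price * LIQUIDATION_THRESHOLD / pos.debt_value


def is_liquidatable(pos: Position, price: float) -> bool:
    return health_factor(pos, price) < 1.0


def guarded_price(feeds: list[float]) -> float:
    """Median of the feeds that agree with each other.

    Feeds further than MAX_DEVIATION from the overall median are dropped; if
    fewer than a strict majority remain, refuse to price rather than guess.
    """
    if not feeds:
        raise ValueError("no price feeds")
    mid = median(feeds)
    agreeing = [p for p in feeds if abs(p - mid) / mid <= MAX_DEVIATION]
    if len(agreeing) * 2 <= len(feeds):
        raise ValueError("price feeds disagree; refusing to price")
    return median(agreeing)


if __name__ == "__main__":
    pos = Position(collateral_units=10, debt_value=15_000)
    # Constructed feeds: the third source reports a distorted price.
    skewed = [2000.0, 2005.0, 1200.0]
    print(is_liquidatable(pos, 1200.0))                  # single bad feed trusted
    print(is_liquidatable(pos, guarded_price(skewed)))   # outlier discarded
    # Constructed feeds: every source reports a genuine decline.
    print(is_liquidatable(pos, guarded_price([1800.0, 1795.0, 1805.0])))
```

The same position is liquidated when one distorted feed is trusted on its own, stays healthy when the outlier is discarded, and is still liquidated when all feeds agree on a real price drop.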

Both models face evolving regulatory constraints. CeFi faces banking-style oversight in most jurisdictions. DeFi's treatment is less settled. The OFAC sanctions against Tornado Cash in August 2022 established that even code — a smart contract with no human operator — can be sanctioned under US law. The legal debate around that continues, but the signal was clear: regulators don't treat “it's just code” as an exemption.

What's Changing

The clean DeFi/CeFi binary is blurring at the edges.

Post-2022, institutional appetite for regulated, custodied crypto services didn't disappear — it sharpened. BlackRock, Fidelity, and others pursued regulated custody and ETF structures, which are CeFi in every meaningful architectural sense. The approval of spot Bitcoin ETFs in the US in January 2024 accelerated this.

On the DeFi side, the pressure is regulatory. The SEC's pursuit of centralized exchanges and its April 2024 Wells Notice to the Uniswap Foundation signaled intent to extend enforcement to DeFi protocols. The change in US regulatory posture in early 2025 pulled back from that trajectory, but the question of DeFi's regulatory status isn't resolved — it's paused.

A newer structural development: permissioned DeFi pools. These are DeFi-style on-chain execution with KYC gates at the entry point — attempting to capture DeFi's capital efficiency while meeting institutional compliance requirements. If institutional capital starts moving on-chain at scale through these structures, it changes both the DeFi economics and the regulatory pressure on the broader category.

What Would Confirm This Direction

The convergence thesis — DeFi and CeFi architectures merging around regulated on-chain execution — would be confirmed by permissioned DeFi pools gaining significant TVL from institutional participants; regulated institutions using on-chain protocols for settlement at scale; and legislative frameworks in major jurisdictions that distinguish DeFi protocols from CeFi platforms without treating them identically.

What Would Break or Invalidate It

A major exploit affecting a well-audited, widely-used DeFi protocol at scale could reset institutional confidence in on-chain execution. Regulatory action that effectively prohibits permissionless DeFi in major jurisdictions would structurally constrain the model.

For CeFi: another major exchange collapse following the FTX pattern, particularly one that occurs after the introduction of regulatory frameworks meant to prevent exactly this, would accelerate migration to self-custody and reinforce DeFi's core architectural claim.

Timing Perspective

Now: The CeFi/DeFi risk distinction is practically relevant for anyone deciding where to hold assets. Counterparty risk vs smart contract risk is an active tradeoff, not a theoretical one.

Next: Permissioned DeFi infrastructure is the watch item. If institutional capital starts moving on-chain at scale through KYC-gated DeFi pools, it changes both the DeFi economics and the regulatory pressure.

Later: The longer-horizon question is whether on-chain settlement becomes standard infrastructure for traditional finance. At that point, the DeFi/CeFi distinction may become less useful than the on-chain/off-chain one.

What This Explanation Doesn't Cover

The DeFi vs CeFi distinction is architectural, not a verdict. Both models have real failure modes, different regulatory surfaces, and different risk profiles.

This post explains the mechanism. It doesn't recommend either model, evaluate specific platforms, or address the tax treatment of DeFi yield or CeFi interest in any jurisdiction. What applies to your situation depends on factors outside this scope.
