The collapse of Stream Finance shook the broader DeFi ecosystem. This report explains the structural causes behind the chain of failures, the responsibility of each party involved, and the steps needed to prevent future collapses.
Key Takeaways
The failure of Stream Finance’s xUSD spread across the DeFi market, impacting MEV Capital, Elixir, Compound, and others.
Risk curators, lending protocols, and researchers all share responsibility for the outcome.
Without tools such as rating systems and slashing frameworks, the DeFi leverage cycle is likely to repeat.
1. DeFi Jenga Collapse
A failure that began in Stream Finance quickly spread through the DeFi market and caused major losses. The whole system worked like a Jenga tower—many pieces stacked tightly together. When one weak piece slipped, the stress moved to the rest of the structure. That single protocol’s breakdown then caused other parts of the network to fall apart as well.
What happened, and who should be held responsible?
2. Collapse Triggered in Stream Finance
2.1. Breakdown of Stream Finance
Stream Finance is a “risk curator,” essentially a type of asset manager. It claimed to run user funds such as USDC with professional strategies in a decentralized way.
Its main product was xUSD. Users could deposit USDC and receive an 18 percent annual yield.
Stream Finance said it earned this yield through a market-neutral strategy that aims to generate stable returns regardless of price swings. Yet at that time, most market-neutral products, including Ethena, offered only single-digit yields. This made Stream Finance’s double-digit rate hard to justify.
The project also did not provide proof of reserves, and its fund structure was not clear. It was unclear whether it held any insurance pool.
Users had no way to check how funds were managed. This raised a reasonable concern that the project may have operated in ways that did not match its stated strategy.
On October 29, CBB raised the issue in a public post on X. It said that xUSD held only 170 million dollars of on-chain collateral but had borrowed 530 million dollars, or 4.1 times more.
Not all on-chain data from that period is available now, but the structural problem was clear.
The issuer of xUSD used its own token as collateral to borrow again from lending protocols. It’s basically like taking out a bank loan using an IOU you wrote yourself. The assets ended up in a loop, making it difficult to tell what the collateral was actually worth.
Around the same time, the Balancer hack spread panic through the market. Users began to pull their funds from Stream Finance, which created a bank run. The system could not hold under this stress. Stream Finance, already in a state of internal insolvency, released a statement saying that an external fund manager caused a loss of 93 million dollars.
2.2. Impact of xUSD
xUSD collapsed at once, and the DeFi Jenga stack began to fall.
Curators such as MEV Capital took the largest hit. MEV Capital managed USDC from its users, and a key part of its position was in the xUSD/USDC market.
The situation grew worse during the xUSD breakdown. The real price of xUSD crashed, but the oracle price stayed frozen at 1.26 dollars.
So why was the price being updated manually?
In most cases, oracles such as Chainlink update market prices in real time. But some protocols use manual updates to avoid unwanted liquidations during short price swings. This setup can protect borrowers in normal times, but it becomes a risk when the asset’s value is truly falling.
As the value of xUSD dropped, the system failed to catch it. Liquidations did not trigger when they should have, and the market ended up with about 650,000 dollars of USDC debt. The loss fell directly on investors who trusted MEV Capital with their funds.
2.3. Impact on deUSD
Elixir’s native stablecoin, deUSD, also took a major hit.
Stream Finance held about 90 percent of the total deUSD supply, roughly 75 million dollars. Once Stream collapsed, Elixir could no longer operate as normal and chose to shut down the project. The fall of deUSD, following xUSD, sent shockwaves through the wider DeFi market.
The biggest risk appeared in Compound, which allowed deUSD to be used as collateral. As concerns about deUSD grew, its actual market price slipped between 0.86 and 1 dollar, showing clear signs of stress. But Compound’s oracle still priced it at 1.06 dollars.
Attackers used this price gap. They could buy deUSD in the market for less than 1 dollar, deposit it as collateral, and the system treated it as 1.06 dollars. This allowed them to borrow more USDC and USDT than they could have. Gauntlet, the risk manager, responded by halting withdrawals in major markets such as USDC and USDT. About forty hours after the halt, the price of deUSD fell to zero.
The chain reaction did not stop there. Yei Finance, which supported sfastUSD, a derivative backed by deUSD, faced the next shock. When sfastUSD dropped to zero, it created about 8.6 million dollars in bad debt. The Yei Finance team said it would cover the full loss.
Beyond these cases, the impact continued across TelosC, Re7 Labs, Treeve, and others.
3. Who Is Responsible for the Fallen Jenga?
Traditional financial products must be licensed or registered, depending on the type. In DeFi, anyone can create a product in any form they choose. They can design, package, and launch it without review or oversight.
In this environment, new layers of derivatives keep stacking up with little regard for the underlying risks. Each added layer raises the apparent yield while making the structure weaker. Over time, the products link together in a dense web. When one part fails, as in the Stream Finance case, the connected assets can fall with it.
So who is responsible for this damage?
Investors bear the direct loss, but the deeper responsibility lies elsewhere. It sits with the risk curators who run the products, the platforms that connect users to protocols, and the researchers who should guide the market and warn of danger.
3.1. Risk Curators Without Real Expertise
After the incident, many argued that investors should DYOR. But it is not realistic for individuals to verify every detail. Investors rely on the platforms that offer these products and on the risk curators who claim to manage them.
Yet, as noted earlier, DeFi assets are tied together in complex ways, which makes risk analysis even harder. It is not clear how many risk curators have the skill or structure to manage these risks in a systematic way.
In traditional finance, firms commit significant resources to risk control. Large global institutions often staff risk teams that make up around 1 to 5 percent of total employees. They keep dedicated risk units and set independent risk functions within business lines.
In contrast, the risk curators involved in this case showed the opposite approach. Rather than managing risk, they built an implicit leverage loop that amplified it. This was not a simple management error. It was closer to allowing risk to grow in pursuit of fee-based revenue.
3.2. Protocols Hidden Behind the Permissionless Label
Lending protocols such as Morpho and Euler act as financial infrastructure in DeFi. They run a permissionless system and leave the actual operations to the risk curators who list their strategies on the platform.
Some argue that, because the system is permissionless, the protocols hold no responsibility. But this claim is only half true.
A similar argument often appears in traditional finance. When a broker offers access to a product and it later fails, the broker may claim that the asset manager ran the strategy and that investors made their own decisions. Yet this argument does not hold in practice. Brokers earn fees by giving clients access to products, so they cannot fully avoid responsibility for what they promote.
The same logic applies to DeFi protocols. They earn revenue from user activity and are therefore part of the chain of responsibility.
Morpho’s case makes this clearer. Morpho maintained a whitelist for vaults that could appear on its front end. Only vaults approved by the platform team were shown to users. High-risk vaults that relied on Stream’s xUSD were part of this whitelist. By approving and displaying them, the platform effectively signaled that these vaults were acceptable, even though the strategies carried significant risk.
3.3. Researchers Who Failed to Serve as the Market’s Beacon
Researchers are meant to act as a beacon for the market. Finding new projects and tracking trends is part of the role, but the more important duty is to warn the market of risk.
Many research firms focus on writing project summaries or promoting new narratives. But they often fall short in the task of identifying risk and protecting investors. They rarely examine the underlying issues that sit beneath the surface.
The Stream Finance case showed this gap clearly. The 18 percent APY offered by xUSD was widely known, yet there was almost no warning about the structural risks behind that yield. Key questions were not raised: how much leverage was built into the product, how the liquidation risks were managed, or whether the collateral had enough liquidity to support the strategy.
Tiger Research is not exempt from this responsibility. We spend most of our time watching the market, so we should have spotted these risks early and raised a warning. We acknowledge that we did not fully meet our role as researchers and take this seriously.
4. Is the Current Structure Right?
The debate has moved beyond responsibility and toward the structure itself, where risk curators manage their own vaults. The core question is whether this setup is right.
DeFi lending protocols mainly follow two models:
Unified Pool Model (AAVE): Assets sit in one shared pool and follow a single risk framework.
Independent Vault Model (Morpho, Euler): Each curator runs its own vault, using the assets supplied by users, and operates with its own strategy.
AAVE stood on the opposite side of the recent curator issue. This led AAVE’s Stani Kulechov to criticise the independent vault model. He argued that curators take on excessive risk to differentiate their vaults, and a single large failure can damage trust across the entire ecosystem.
Morpho’s Paul Frambot, who represents the independent vault model, presented a different view. In his view, vaults work like on-chain fund. Some perform well and others do not, just as in traditional markets. A fully open and decentralized system must accept this range of outcomes and manage it.
It is hard to say that one structure is inherently right.
A unified pool offers consistent risk control but limits the range of strategies. Independent vaults allow curators to test new ideas and build diverse strategies. If risk is handled well, this model can support financial innovation that DeFi alone can provide.
In the end, the structure itself is not the main issue. Any model must come with transparency and clear responsibility. If DeFi aims to scale into a multi-trillion-dollar market, separating infrastructure from risk management will be necessary, but that separation cannot become an excuse to avoid accountability.
5. The Importance of Risk Management
DeFi’s scale has enabled an endless stack of leverage, and this collapse is only the start. As long as another form of xUSD can appear, the Jenga game will continue.
The question is how to prevent the next failure. The answer lies in risk management, approached from two angles. First is objective risk assessment through an independent evaluator. Second is a structural design that places direct responsibility on the operators.
DeFi lacks a trusted third party, so it needs a basic trust layer. This does not mean a regulator that grants or denies approval, like a financial watchdog. What DeFi needs is a system similar to S&P or Moody’s: a rating framework that measures risk clearly and neutrally.
The market has already begun moving in this direction. Multiple groups are working on Yield Risk Rating systems. They are testing oracle-based credit assessment, cryptographic proofs of vault data, real time risk dashboards, and tools that compare yields across protocols. These developments are essential if DeFi wants a more transparent and safer market.
But ratings alone are not enough. Operators must also face real responsibility. A slashing model can support this. Curators post collateral, and the system slashes it when their vaults create losses. This reduces the chance of risk-blind behaviour and limits reckless leverage.
A rating system and an operator-responsibility structure can provide a base level of trust for investors. Yet even these will not be enough without a shift in behaviour. Curators need to aim for stable returns rather than aggressive leverage. Protocols should prioritise safety over fee growth. Researchers must focus on objective analysis rather than promotion.
If these changes take hold, this incident will not remain a disaster but can become a turning point in building a safer and more mature DeFi system.
We thank Joel Mun for his support throughout this work.
🐯 More from Tiger Research
Read more reports related to this research.Pendle and Boros: Turning Funding Fees into DeFi Derivatives
Definitive: 50+ Institutions’ Choice for DeFi on Base and Beyond
Disclaimer
This report has been prepared based on materials believed to be reliable. However, we do not expressly or impliedly warrant the accuracy, completeness, and suitability of the information. We disclaim any liability for any losses arising from the use of this report or its contents. The conclusions and recommendations in this report are based on information available at the time of preparation and are subject to change without notice. All projects, estimates, forecasts, objectives, opinions, and views expressed in this report are subject to change without notice and may differ from or be contrary to the opinions of others or other organizations.
This document is for informational purposes only and should not be considered legal, business, investment, or tax advice. Any references to securities or digital assets are for illustrative purposes only and do not constitute an investment recommendation or an offer to provide investment advisory services. This material is not directed at investors or potential investors.
Terms of Usage
Tiger Research allows the fair use of its reports. ‘Fair use’ is a principle that broadly permits the use of specific content for public interest purposes, as long as it doesn’t harm the commercial value of the material. If the use aligns with the purpose of fair use, the reports can be utilized without prior permission. However, when citing Tiger Research’s reports, it is mandatory to 1) clearly state ‘Tiger Research’ as the source, 2) include the Tiger Research logo. If the material is to be restructured and published, separate negotiations are required. Unauthorized use of the reports may result in legal action.
