Web Analytics
S StakingBoard
DeFi

What Is a DeFi Protocol?

"Protocol" is just developer-speak for "app." Here's how to read what one does, why people use it, and what it can earn you on the tokens you already hold.

Updated April 2026

Apps tracked
1,204
Chains covered
93
Aggregated value held
$200.1B
Best yield now
28.23%
Updated hourly

A DeFi protocol is software that runs on a public blockchain and lets people earn, lend, swap, or borrow without a bank in the middle. You'll also see them called DeFi apps or dapps — same thing, friendlier word. Lido, Aave, and Uniswap are protocols. Together, they hold tens of billions of dollars in user deposits.

Critically, the protocol holds your tokens — not the company that built it. Code in the smart contract decides what happens next. That's the difference between a DeFi protocol and a regular fintech app: nobody can freeze your account, and you can withdraw whenever the contract allows.

Why Are They Called "Protocols"?

Calling something a "protocol" leans into the idea that it's a set of rules anyone can use — like email or HTTP. Anybody can plug in. Other apps can wrap them, frontends can compete, and the rules don't change unless the contract is upgraded.

For a newcomer, treat "protocol" and "app" as interchangeable. We use both on this site. The browse page is at /protocols, labelled "Apps" in the top nav.

What Can a Protocol Actually Do?

Most DeFi protocols fall into one of a handful of categories. Knowing the category tells you 80% of what to expect — what you put in, what you get back, and the main risk.

Lending

You deposit a token (USDC, ETH, BTC). Other people borrow it and pay you interest. You can withdraw any time the pool has free liquidity. Examples: Aave, Compound V3, Morpho Blue. Generally the lowest-risk DeFi flavour for novices — but smart-contract risk and bad-debt risk both apply.

Liquid Staking

You stake a token (ETH, SOL). The protocol runs validators on your behalf and gives you a tradeable receipt token (stETH, JitoSOL, mSOL) that earns rewards over time. You can use the receipt across DeFi without unstaking. Examples: Lido, Rocket Pool, Jito. Read more in our liquid staking guide.

Decentralised Exchanges (DEXes)

Two flavours. First, you can swap tokens — like a normal exchange, but on-chain. Second, you can deposit two tokens into a pool and earn a share of the trading fees as a "liquidity provider." Examples: Uniswap V3, Curve DEX, Meteora DLMM. Liquidity providing has its own risk — impermanent loss — which can leave you with less value than just holding both tokens.

Stablecoin Issuers

These protocols issue dollar-pegged tokens — USDC, USDT, DAI, USDe. You can hold the stablecoin to avoid volatility, or earn on it via lending or specific pools. Read our stablecoin yield guide for the mechanics. The risk is the peg breaking — sometimes briefly, sometimes severely.

CDPs (Collateralised Debt Positions)

Lock up a volatile token (often ETH or BTC) as collateral, mint a stablecoin against it. You keep upside on the token, walk away with cash. If the collateral falls below the safety ratio, part of it gets liquidated to repay the loan. Examples: Sky (formerly MakerDAO), Liquity.

Yield (Farming) Aggregators

Apps that automatically route deposits between other DeFi protocols chasing the best rate. Convenient, but you're now exposed to both the aggregator's smart-contract risk and the underlying protocols'. See the yield farming guide for the trade-offs.

Derivatives & Perpetuals

Trade leveraged or perpetual contracts on-chain. Different game entirely — not a "deposit and earn" surface. Yield can come from market-making (filling other people's trades), but losses are unbounded. Examples: Hyperliquid, GMX, dYdX.

How a Protocol Spreads Across Chains

Most protocols ship on more than one chain. Aave runs on Ethereum, Arbitrum, Base, Polygon, Avalanche, Optimism, Gnosis, Scroll, BSC, and others — each is a separate deployment with its own contract addresses, fees, and rates. On the protocol page we list every chain it runs on with the per-chain value held, sorted by size. Pick the chain you already use.

Protocol vs Pool — Don't Conflate Them

A protocol is the app. A pool is one specific position inside it.

Aave is a protocol. "Aave V3 USDC on Arbitrum" is a pool. The pool has its own pool size, its own interest rate, and its own risk profile that differs from "Aave V3 USDC on Ethereum" or "Aave V3 wETH on Arbitrum." Browse pools at /pools; browse the parent apps at /protocols.

How to Read "Value Held" (Sometimes Called "TVL")

Value held — short for "total value locked" — is the dollar value of every token currently sitting in the protocol's smart contracts. It doesn't say anything about safety directly, but it's a decent proxy:

  • Bigger usually means more battle-tested. Code that has held $5B for two years has had more attack surface than code that holds $5M for two months.
  • Bigger usually means deeper liquidity. You can deposit and withdraw at sane rates without moving the price.
  • Bigger doesn't mean lower yield by default. The biggest lending markets often pay near the median — but they also rarely run dry.

We update value-held figures hourly across every chain a protocol runs on.

Common Risks That Apply to Every Protocol

  • Smart-contract risk. A bug in the contract can drain user deposits. Audits help; they don't eliminate the risk. Look for protocols with multiple public audits and a long live track record.
  • Governance risk. If the protocol can be upgraded, whoever holds the governance keys can change the rules. Decentralised governance helps; it's still a risk.
  • Frontend risk. The contract is on-chain, but the website you interact with isn't. A compromised frontend can route your transaction somewhere malicious. Bookmark the official URL; double-check before signing.
  • Chain risk. The protocol's only as safe as the chain it runs on. Smaller chains have less validator decentralisation, faster outages, and shakier finality.
  • Category-specific risk. LP impermanent loss, lending bad debt, stablecoin de-pegs, CDP liquidations, perp funding rates. Each category brings its own — match the category to your risk tolerance.

How to Pick a Protocol

  1. Pick the category first. Decide what you want to do — earn lending interest, stake liquidly, provide DEX liquidity. The category narrows the field instantly.
  2. Filter by chain. Use the chain you're already on. Bridging adds friction, fees, and a new risk surface.
  3. Sort by value held. Among the top 5 by TVL in a category, you're picking between battle-tested options.
  4. Check audits + age. Three or more public audit reports and 18+ months live is a reasonable safety floor for a novice.
  5. Read the protocol's own docs. Every page on this site links out to the official site. Read at least the "Risks" section before depositing.
  6. Start small. Move a fraction of what you eventually want to deposit. Watch for a week. Then size up.

Bottom Line

A DeFi protocol is just an app — but one where the rules live in code, not customer service. Pick the category that matches what you want to do, the chain you already use, and the most battle-tested option in that category. Never deposit more than you can afford to lose.

Largest DeFi apps right now

By total value held across every chain. Bigger usually means more battle-tested.

LI
Lido $20.4B
Staking
SS
SSV Network $17.1B
Staking Pool
AA
Aave V3 $14.7B
Lending
BI
Binance Staked Eth $8.6B
Staking
EI
EigenCloud $7.7B
Staking
MO
Morpho Blue $7.4B
Lending
SK
Sky Lending $5.9B
Lp
ET
Ether.Fi Stake $5B
Staking

Frequently asked questions

Is a DeFi 'protocol' the same as a 'dapp'?

Effectively yes. 'Protocol' emphasises the rule-set part — anybody can plug in. 'Dapp' (decentralised app) emphasises the user-facing part. The same project is often called both. We say 'app' on this site because it's friendlier.

Who controls a DeFi protocol?

Depends. Some are immutable — the code can never change. Most have governance, where token holders vote on upgrades. A few have an admin key that can pause or upgrade contracts unilaterally. Check the protocol's docs for the governance model — it materially affects risk.

Is using a DeFi protocol safer than using a centralised exchange?

Different risks. With a centralised exchange (Coinbase, Binance) you trust the company to hold your tokens correctly and not get hacked. With a DeFi protocol you trust the smart-contract code to be bug-free and the chain to keep running. Neither is risk-free; they're different shapes of risk.

Can a protocol freeze or block my withdrawal?

Most can't — the contract decides, not a person. A few have admin keys that can pause withdrawals in an emergency. A few more rely on a bridge or oracle that can fail. Read the docs; the disclosure is usually honest.

Why are some protocols only on one chain?

Deploying to a new chain costs developer time, audits, and ongoing maintenance. Protocols that haven't expanded yet are usually still proving the concept on their original chain, or are intentionally chain-specific (apps built for a chain's unique features).

How do you decide which protocols to track?

We mirror the public DeFi catalog — every app with $1M+ in user deposits gets a page. Smaller apps are excluded by default to keep the browse surface useful for novices, but we revisit the threshold periodically.

Data and review: Yield numbers above are aggregated from public on-chain data, refreshed hourly. Asset prices update on the same cadence. Last reviewed: April 28, 2026.
Browse all protocols
Every staking and DeFi protocol we track.
Open protocols
Compare chains
See every chain we track, side by side.
Open chains
Explore yield farming
Lend, pool, and earn — and the risks each strategy brings.
Read guide