On October 20, an issue in Amazon’s US-EAST-1 region sparked a chain reaction in the crypto industry. Coinbase reported degraded service, Infura and Alchemy issued AWS-related incident notes, and several wallets and rollups began to expire.
None of these failures came from the blockchains themselves. The consensus was a good thing. The problem lay in everything around it: the cloud databases, RPC gateways, DNS, indexers, and key management systems that turn a blockchain into a usable application.
It was a stark reminder that much of Web3 still relies heavily on Web2. When one region of AWS sneezed, a quarter of the crypto UI caught a cold.
The invisible monoculture
Behind the rhetoric of decentralization lies a discreet map of dependency that appears surprisingly centralized. A typical dApp starts with an interface hosted on S3 or Cloudflare Pages, served through a CDN such as Fastly, and resolved by Route 53 or Cloudflare DNS.
Below that are read and write RPCs, often Infura, Alchemy or QuickNode, most of which themselves run on AWS or another of the “Big 3” clouds. Then come indexers like The Graph or Covalent, sequencing services on rollups and custody or key management systems such as Fireblocks. Each layer introduces a single point of failure.
When AWS’s DynamoDB and DNS services failed, multiple layers were affected simultaneously. Coinbase’s API slowed down, Infura and Alchemy reported AWS issues upstream, and several rollups saw their sequencers stall until manual intervention. Even The Graph’s indexer for zkSync had already shown similar fragility weeks earlier.
The illusion of redundancy has also collapsed. Two independent RPC providers each promise “four-nine” uptime, but if they are both in the same cloud region, their outages are correlated. Statistically, independence breaks down: the effective correlation coefficient between AWS-centric stacks can reach 0.9.
This focus is not limited to cryptography. AWS still has about 30-32% of the global cloud share, Azure about 20%, and Google Cloud 13%. A six-hour outage in a major region impacts DNS, object storage and database services used by thousands of businesses.
For cryptography applications, this means that between 10% and 30% of EVM-based interfaces or read functions may degrade during such an event. Writes and transactions that depend on sequencers or guard signature paths may be frozen entirely.
The myth of independence
It’s easy to confuse on-chain resilience with application resilience. Blockchains like Ethereum or Solana can maintain consensus via global nodes; however, the tools actually used often depend on centralized intermediaries. Solana’s five-hour outage in February 2024 was a chain failure, but not the AWS outage. This was an off-chain problem, and much more common.
Each layer adds its own Achilles heel.
- Sequencers on L2 are still mostly single operator configurations. If their connection to Ethereum’s RPC is disrupted, so is their ability to release new batches.
- Content delivery and DNS introduce additional fragility: Cloudflare’s July 14 resolver issue left parts of the Internet inaccessible for nearly an hour.
- Even “decentralized” storage can still rely on a single company. The outage of Infura’s IPFS gateway on September 20 interrupted access to assets that were theoretically reflected on the network.
- Custodial and key management platforms, such as Fireblocks, used by exchanges and funds themselves experienced processing delays on October 26 and September 17, blocking withdrawals and settlements.
These failures are important because they affect user trust more than protocol availability ever could. A wallet showing a stale balance, or a bridging transaction stuck in limbo, erodes trust in the very decentralization it claims to offer.
Regulators began to notice. The European Digital Operational Resilience Act (DORA), which came into force in January 2025, requires financial entities to test and report dependencies on third-party ICT. The UK’s ‘critical third party’ regime is set to place hyperscalers under direct supervision next year.
As cryptocurrency custody, stablecoin issuers, and tokenized asset platforms now overlap with regulated finance, the same expectations for cloud diversification will soon apply here as well. Cloud dependence on a single vendor turns into a board-level risk.
The fix isn’t glamorous, but it happens
Solutions are shipped. In the short term, developers are introducing provider quorum RPCs that poll multiple endpoints, self-hosted, SaaS, and decentralized (like Pocket Network), and show a result only if two out of three agree. Tools like Helios bring lightweight customer verification directly into mobile wallets and apps, allowing users to validate data without relying on a centralized gateway.
Infrastructure teams are adopting multi-CDN and multi-DNS configurations with active failover. For storage, running your own IPFS gateway or mirroring assets to Arweave or Irys is becoming the norm. In the rollup world, projects like Espresso, Radius, and Astria are building shared or decentralized sequencers, while OP Stack has begun deploying permissionless failure proofs.
Further down the roadmap, Ethereum’s PeerDAS proposal aims to make data availability checks affordable enough to run at the wallet level. Combined with thin clients, this could push verification to the edges of the network rather than the center of the cloud.
Institutional pressure will reinforce these changes. Under the DORA and UK CTP rules, multi-cloud architectures become a policy and not a preference. Expect large custodians and exchanges to demand vendor diversification across RPCs, indexers, and key management providers.
None of this will make crypto completely independent of traditional infrastructure, but it will narrow the gap between decentralization ideals and messy operational reality. The lesson of October 20 is not that blockchains have failed, but that the scaffolding that supports them has not yet caught up.
A truly decentralized application does not mean that each user manages a server; this means that no server will be able to bring the system down. Until this is the default, every “Web3” outage will always start the same way: when the cloud sneezes, the blockchain shudders.
