First to market is only part of the problem. Another self-inflicted problem is that execution of those "smart" "contracts" costs tokens (so essentially money). This incentivizes developers to write the shortest possible code, without any "fluff" like tests or additional checks or more verbose style. And the immutability problem also increases the severity of the problem - you either deploy an immutable "contract", signifying that it should be respected because it can't be changed later for malicious purposes, or you deploy a modifiable "contract" and that is not good for the reputation of the company.
Immutable code is a poor replacement for trust in a company.
It shifts the trust from the company as it is now to the same company (and their capabilities) some time in the past. Preferably the company is operated completely anonymously.
It seems like the crypto community would do anything to avoid the legal/regulatory system and its established processes of operation requirements, insurance and liabilities.
Doing that, they regularly fail at performing the most basic of basic financial duties like not getting hacked and not throwing the keys to the kingdom.
I've yet to hear of a bank losing funds and getting away with telling "tough luck" to their customers, but we've witnessed many crypto "banks" doing just that.
That also involved failing to have a viable rollback plan. It affected so many people so badly that questions were asked in Parliament; TSB were down for a week.
Now with cryptocurrency we've disintermediated the bank to produce a much better solution: your contract can be down forever and there's no Parliament to ask questions in.