Risks, immutability, countermeasures and decentralization

Before I start, I'd like to point out that I've been an Ethereum user since 2018; all my assets are based on this blockchain.
For the past few months, I've been focusing on security; as a former developer in MedTech and FinTech, the transition wasn't very hard.
I started by looking more closely at the clients (execution + consensus), which was really very interesting and quite clean. The EVM shines in its simplicity (but U256 sucks), and the multi-client approach is a real shield against the most dangerous vulnerabilities.
Then I switched to smart contracts…
I quickly found bugs (in smart contracts with millions of $ in TVL), complex code due to a lack of knowledge of design patterns, unverified smart contracts and so on.
I think all developers can agree that it's impossible to guarantee bug-free code, and the longer the code, the higher the probability.
This brings me to the questions I'd like to discuss with you.
– Why don't we use circuit breakers?
Bug-free code is impossible, but we can reduce the risk with audits, bug bounties, etc.
Why don't we reduce the possible damage by preventing a contract from draining 100% of its TVL in a single transaction?
– Why is on-chain insurance so little used?
I see people putting money into a smart contract with tens of thousands of lines of code to earn 4 or 5% a year.
Is it a lack of understanding of the risks involved, or do I overestimate them now that I've done a bit of work in the field? (Even Aave has come close to being hacked several times in recent years.)
– Shouldn't we take the Application chain approach and allow the social layer to undo a bug via forks? And how can this be coupled with the Rollup roadmap?
If we want to do more than just on-chain transfers, and if we want to have financial instruments that don't rely on very high (speculative) returns, shouldn't we set up insurance (= human decision), circuit breakers (= human update) and forks (= human consensus) in the worst case?
I think application-specific rollups could have their place, especially if their bridges implement circuit breakers or other limits.
Thanks for your feedback!
submitted by /u/d-banana-eth
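A sketch of the circuit breaker idea raised in the post, added here as an illustration; it is not code from the post or from any deployed protocol. The contract name, the one-hour window, the 10% cap and the guardian role are all assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration: ETH vault whose outflow per time window is capped.
/// All names and parameters (WINDOW, MAX_OUTFLOW_BPS, guardian) are hypothetical.
contract CircuitBreakerVault {
    uint256 public constant WINDOW = 1 hours;        // assumed window length
    uint256 public constant MAX_OUTFLOW_BPS = 1_000; // assumed cap: 10% of TVL per window

    address public immutable guardian; // human operator who can reset the breaker
    bool public tripped;
    uint256 public windowStart;
    uint256 public windowCap;   // wei allowed to leave during the current window
    uint256 public windowSpent; // wei that already left during the current window
    mapping(address => uint256) public balanceOf;

    event Tripped(address indexed caller, uint256 attempted, uint256 remaining);
    constructor(address _guardian) { guardian = _guardian; }

    function deposit() external payable { balanceOf[msg.sender] += msg.value; }

    function withdraw(uint256 amount) external {
        require(!tripped, "breaker tripped");
        require(balanceOf[msg.sender] >= amount, "insufficient balance");
        if (block.timestamp >= windowStart + WINDOW) {
            // New window: the cap is a fraction of TVL at the window's start.
            windowStart = block.timestamp;
            windowCap = (address(this).balance * MAX_OUTFLOW_BPS) / 10_000;
            windowSpent = 0;
        }
        if (windowSpent + amount > windowCap) {
            // Trip instead of reverting so the halt persists after this call.
            tripped = true;
            emit Tripped(msg.sender, amount, windowCap - windowSpent);
            return;
        }
        // Effects before interaction (reentrancy-safe ordering).
        windowSpent += amount;
        balanceOf[msg.sender] -= amount;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }

    function reset() external {
        require(msg.sender == guardian, "not guardian");
        tripped = false;
        windowStart = 0; // forces a fresh window and cap on the next withdrawal
    }
}
```

With these parameters, a flaw in the accounting can move at most 10% of the balance before withdrawals halt and a human has to call `reset()`. The trade-off is availability: a single oversized but legitimate request also trips the breaker.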