On March 11, it was reported that the decentralized lending protocol Aave recently experienced a large-scale liquidation event caused by a misconfiguration in the price oracle. Due to a temporary misjudgment of the Wrapped stETH (wstETH) price by the system, about 34 accounts’ collateral positions were automatically liquidated, involving approximately $26 million worth of assets, sparking widespread discussion in the DeFi community about oracle security and liquidation mechanisms.
According to subsequent disclosures, this incident was not due to a real market price decline but resulted from a technical discrepancy in Aave’s internal pricing system. Aave relies on on-chain price oracles to assess the value of collateral assets. When the collateral value falls below the safety threshold for lending, the system automatically executes liquidation to protect lenders’ funds.
The issue stemmed from Aave’s use of a security mechanism called CAPO (Capped Asset Price Oracle). This mechanism aims to limit abnormal asset price surges to prevent malicious market manipulation. However, due to unsynchronized updates of two key configuration parameters, the system temporarily calculated the wstETH price to be about 2.85% below its actual market value.
This seemingly minor price discrepancy had limited impact on ordinary users but was enough to trigger automatic liquidation for accounts with high leverage and collateral ratios close to the liquidation threshold. Ultimately, the system sold 10,938 wstETH to cover the loans, even though these positions should have remained safe under normal price conditions.
Risk analysis firm Chaos Labs released a report indicating that during the liquidation process, third-party bots monitoring liquidation opportunities earned approximately 499 ETH in profit. Although some user positions were forcibly closed, the Aave protocol itself did not suffer financial losses; all loans were repaid, and protocol reserves were not depleted.
Aave founder Stani Kulechov stated that the protocol’s security was not compromised, but affected users did incur losses. Therefore, the community will initiate a compensation mechanism. Currently, Aave has recovered about 141.5 ETH and 13 ETH in fees through the BuilderNet refund process, which will be directly returned to affected users.
Regarding the remaining funds, Aave confirmed that up to 345 ETH will be covered by the DAO treasury. This treasury is funded by protocol income and is used to handle emergency risks and protect user interests.
Meanwhile, community member Frida raised questions on the forum, suggesting that Chaos Labs, responsible for oracle configuration risk management, should bear some responsibility. In response, Chaos Labs founder Omer Goldberg stated that all affected users will receive full compensation, but the incident is categorized as a configuration issue rather than a system design flaw.
After the incident report was released, market reactions remained relatively stable, with AAVE’s price rising approximately 1.53% to $110.52, indicating that investors believe the issue has been effectively contained.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Tydro Halts All Markets on May 5 Due to Oracle Issue; User Funds Safe
According to BlockBeats, Tydro, a lending protocol in the Ink ecosystem, suspended all markets on May 5 following a third-party oracle issue report. The team confirmed user funds remain safe and is actively investigating the
GateNews2m ago
India's Himachal Pradesh High Court Rejects Bail for Crypto MLM Fraud Promoter Affecting 80,000 Investors
According to The Crypto Times, on May 5, India's Himachal Pradesh High Court rejected the bail plea of Abhishek Sharma, a key promoter in a 500-million-rupee crypto MLM fraud affecting over 80,000 investors nationwide. The scheme involved false platforms including Korvio, Voscrow, DGT, Hypenext,
GateNews4m ago
Hacker tricks AI agents with Morse code! The attacker lures Grok and BankrBot into making transfers, stealing $170k worth of cryptocurrency
An AI agent vulnerability was exposed on the X platform: attackers used a Bankr Club NFT to obtain transfer privileges for a Grok wallet, then used Morse code instructions to prompt BankrBot to transfer out roughly 300 million DRB without human approval, worth about $175k. The issue stems from BankrBot’s architecture not treating AI output as authorization. The funds have been recovered, and defenses will be strengthened, including API key controls and IP whitelisting.
ChainNewsAbmedia1h ago
Aave Files Emergency Motion to Lift $73M ETH Freeze in Kelp DAO Exploit
Aave LLC filed an emergency motion in federal court on May 1 seeking to lift a court-ordered freeze of approximately $73 million in ether recovered from the Kelp DAO exploit, according to the filing. The order restricts Arbitrum DAO from moving the recovered funds while plaintiffs from years-old ter
CryptoFrontier2h ago
Zondacrypto CEO Disappears With 4,500 Bitcoin Private Keys on May 5; Current CEO Flees to Israel
According to BlockBeats, on May 5, the former CEO of Polish cryptocurrency exchange Zondacrypto disappeared in 2022 with private keys to a cold wallet holding 4,500 BTC (currently worth over $340 million). The current CEO admitted the wallet is now inaccessible and has reportedly fled to Israel.
GateNews3h ago
Payward Alleges $25M Crypto Custody Fraud Against Etana
Payward, the parent company of crypto exchange Kraken, has filed a lawsuit alleging $25 million in crypto custody fraud against Etana and the firm's CEO, according to the complaint. The allegations center on claims that client funds were misused, commingled, and concealed as part of a "Ponzi-like" s
CryptoFrontier4h ago
