On March 11, it was reported that the decentralized lending protocol Aave recently experienced a large-scale liquidation event caused by a misconfiguration in the price oracle. Due to a temporary misjudgment of the Wrapped stETH (wstETH) price by the system, about 34 accounts’ collateral positions were automatically liquidated, involving approximately $26 million worth of assets, sparking widespread discussion in the DeFi community about oracle security and liquidation mechanisms.
According to subsequent disclosures, this incident was not due to a real market price decline but resulted from a technical discrepancy in Aave’s internal pricing system. Aave relies on on-chain price oracles to assess the value of collateral assets. When the collateral value falls below the safety threshold for lending, the system automatically executes liquidation to protect lenders’ funds.
The issue stemmed from Aave’s use of a security mechanism called CAPO (Capped Asset Price Oracle). This mechanism aims to limit abnormal asset price surges to prevent malicious market manipulation. However, due to unsynchronized updates of two key configuration parameters, the system temporarily calculated the wstETH price to be about 2.85% below its actual market value.
This seemingly minor price discrepancy had limited impact on ordinary users but was enough to trigger automatic liquidation for accounts with high leverage and collateral ratios close to the liquidation threshold. Ultimately, the system sold 10,938 wstETH to cover the loans, even though these positions should have remained safe under normal price conditions.
Risk analysis firm Chaos Labs released a report indicating that during the liquidation process, third-party bots monitoring liquidation opportunities earned approximately 499 ETH in profit. Although some user positions were forcibly closed, the Aave protocol itself did not suffer financial losses; all loans were repaid, and protocol reserves were not depleted.
Aave founder Stani Kulechov stated that the protocol’s security was not compromised, but affected users did incur losses. Therefore, the community will initiate a compensation mechanism. Currently, Aave has recovered about 141.5 ETH and 13 ETH in fees through the BuilderNet refund process, which will be directly returned to affected users.
Regarding the remaining funds, Aave confirmed that up to 345 ETH will be covered by the DAO treasury. This treasury is funded by protocol income and is used to handle emergency risks and protect user interests.
Meanwhile, community member Frida raised questions on the forum, suggesting that Chaos Labs, responsible for oracle configuration risk management, should bear some responsibility. In response, Chaos Labs founder Omer Goldberg stated that all affected users will receive full compensation, but the incident is categorized as a configuration issue rather than a system design flaw.
After the incident report was released, market reactions remained relatively stable, with AAVE’s price rising approximately 1.53% to $110.52, indicating that investors believe the issue has been effectively contained.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Crypto’s most ridiculous robbery? A hacker minted $1 billion in DOT tokens, but only stole $230k
Hackers exploited the Hyperbridge cross-chain bridge vulnerability to mint 1 billion Polkadot (DOT) tokens. The nominal value was over $1.19 billion, but due to insufficient liquidity, they ultimately cashed out only about $237k. The attack was successful because the smart contract did not properly verify messages, allowing the hackers to steal administrative control and mint coins. The incident highlights the key role of market liquidity in the success of arbitrage.
CryptoCity9h ago
Fake Ledger Live App Steals $9.5M From 50+ Users Across Multiple Blockchains
A fraudulent Ledger Live app on Apple's App Store stole $9.5 million from over 50 users by compromising wallet information. The incident, involving significant losses for major investors, raises concerns about App Store security, prompting discussions of a possible lawsuit against Apple.
GateNews11h ago
Criticized for freezing USDC too slowly! Circle CEO: We will definitely wait for the court’s order before freezing—refusing to freeze privately/by ourselves without authorization
Circle CEO Jeremy Allaire said the company will not proactively freeze wallet addresses unless it receives a court order or a request from law enforcement. Even amid hacker money-laundering disputes and community backlash, Circle still insists on operating in accordance with the rule of law.
Jeremy Allaire sets Circle’s law-enforcement bottom line
-----------------------------
As the global cryptocurrency market roils, Circle’s CEO Jeremy Allaire, the stablecoin issuer, delivered a clear stance on the most sensitive issue in the market at a press conference in Seoul, South Korea. He pointed out that although Circle has the technical means to freeze specific wallet addresses, unless it receives a court order or a formal instruction from law-enforcement authorities, the company will not take such action on its own.
CryptoCity13h ago
Attacker Exploiting Bridged Polkadot Vulnerability Transfers $269K to Tornado Cash
On April 15, Arkham reported that the attacker who exploited a Bridged Polkadot vulnerability transferred around $269,000 in stolen funds to Tornado Cash, complicating asset tracking.
GateNews13h ago
Bitcoin Developers Propose BIP 361 to Protect Against Quantum Computing Threats
Bitcoin developers have proposed BIP 361 to safeguard the network against quantum computer risks by freezing vulnerable addresses. The proposal includes a phased plan to transition users to quantum-safe wallets, but it has sparked debate on user control and security.
GateNews13h ago
Hackers Exploit Obsidian Plugin to Spread PHANTOMPULSE Trojan with Blockchain C2
Elastic Security Labs revealed that threat actors impersonated venture capital firms on LinkedIn and Telegram to deploy a Windows RAT named PHANTOMPULSE, using Obsidian note vaults for attacks, which Elastic Defend successfully blocked.
GateNews14h ago
