The Agony of AAVE - How to lose US $50M with one click...
- Michael Bacina


AAVE is a large player in the crypto DeFi space, enabling lending, borrowing and swapping of crypto tokens, usually on Ethereum. It has become well known for a liquidity pool model and enabling flash loans (which enable a borrower to borrow and repay crypto within the same transaction).
Users can access the Aave protocol either through direct smart contract interactions or through open source front ends, the most popular of which is operated by Aave Labs.
This week, an as-yet unidentified user entered a trade on AAVE's front end using their mobile phone. The user sought to swap US$50M of USDT for AAVE tokens. This is a pretty large trade and definitely a very large trade to be done from a mobile phone.
The user was provided a warning that the trade could lead to unexpected pricing on the tokens but clicked through to confirm the swap anyway. They received $36K worth of AAVE Tokens in return for their US$50M...

Stani, Founder and CEO of Aave Labs, said in an X post:
the Aave interface, like most trading interfaces, warned the user ... and required confirmation via a checkbox. The user confirmed the warning on their mobile device and proceeded with the swap, accepting the high slippage, which ultimately resulted in receiving only 324 AAVE in return [worth $36,297].
The transaction could not be moved forward without the user explicitly accepting the risk through the confirmation checkbox.
Events like this do occur in DeFi, but the scale of this transaction was significantly larger than what is typically seen in the space.
Stani noted that Aave Labs would return the $600,000 in fees AAVE received from the trade if they can identify the person involved. CoW DAO, which operates CoW Protocol (a decentralised aggregator that routes transactions to find liquidity for trades), said:
No DEX, DEX aggregator, public liquidity pool, or private liquidity pool (or combination thereof) would have been able to fill this trade at anywhere near a reasonable price.
and confirmed that:
The transaction executed according to the parameters of the signed order.
They took the position that CoW Protocol would not build guardrails or limits on user trades as:
Preventing users from making trades removes choice and can lead to terrible outcomes in some situations (e.g. a market crash).
CoW DAO accepted that "DeFi UX still isn't where it needs to be" and confirmed that they would refund any fees from the transaction which were received by CoW DAO.
Some users on X are suspicious of the whole transaction, with @Zacodil asserting that it was likely money laundering. Many questioned how this could happen in a front end at all, given that the wildly unreasonable price was visible in the swap rate the user confirmed.
So where did the $50M go? The way AAVE works, every swap is sent through CoW Protocol. CoW Protocol has a network of 'solvers' who are responsible for finding the best execution path for a trade, with the trade settling in a single transaction instead of a series of transactions. This can protect users from Maximal Extractable Value (MEV) attacks, where someone sees an order and pays higher fees to front run that order. But what exactly happened here:
The wallet routed 50.43M USDT, which had been received from Binance 20 days earlier, into AAVE Cow Protocol / CowSwap.
The 'solver' swapped the USDT for 17,958 WETH (losing $13.6M due to slippage).
The WETH was then routed into a small SushiSwap AAVE/WETH pool, which delivered only 331 AAVE (worth $36K) in return to the user.
Put more simply, an automated MEV bot borrowed $29M of WETH with a flash loan from Morpho Protocol and paid priority fees (known as tipping) to miners to the tune of $20M to have the transaction included in a block, leaving the bot with a $9M profit and miners with $20M of tips.
An interesting analysis has been posed by @Ehsan1579 which suggests something more serious may have occurred:
Aave’s CoW adapter quote path did not include the flash-loan and hook metadata that actually defines execution. The UI emphasized an optimistic receive amount.
The author here suggests that the solver deliberately chose a small liquidity pool which could not handle the order size, while ignoring a deep liquidity pool which could have provided the correct amount of AAVE to the user. The suggestion is that AAVE's use of CoW Protocol enabled one of the 'solvers' to then deliberately choose a routing which they could take advantage of, and the user was not aware of this in the UX:
The user is looking at a quote produced in one context. The system later posts an order in a different context entirely.
The analysis here was that once the user had selected a minimum floor number of AAVE (here 324 AAVE) then any solver in CoW Protocol could 'solve' the transaction to complete the order (which does not have to be the best solution or best price).
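The two mechanics described above, a shallow constant-product pool that cannot absorb the order and a signed min-out floor that any solver may fill, as an added example that is not Aave's or CoW Protocol's code. Pool reserves are constructed; the reference price of roughly $112 per AAVE is derived from the page's own figures (324 AAVE worth $36,297); fees are ignored and plain numbers stand in for wei-denominated BigInts.

```javascript
// Output of a constant-product (x*y=k) pool for a swap of amountIn.
// Output can never exceed reserveOut, so a shallow pool caps what any
// route through it can deliver, whatever the order size.
function constantProductOut(reserveIn, reserveOut, amountIn) {
  return (reserveOut * amountIn) / (reserveIn + amountIn);
}

// Price impact of one AMM leg: how far the realised rate falls from the
// pool's spot rate before the trade (0 = none, ~1 = almost total loss).
function priceImpact(reserveIn, reserveOut, amountIn) {
  const spot = reserveOut / reserveIn;
  const realised = constantProductOut(reserveIn, reserveOut, amountIn) / amountIn;
  return 1 - realised / spot;
}

// Front-end style sanity check on the floor a user is about to sign.
// A CoW-style order is valid for any fill at or above minOut, so the
// floor, not the optimistic quote, is the worst case the user accepts.
// referencePrice = output tokens per input token from an independent
// source (oracle or another venue), assumed available to the UI.
function orderFloorCheck({ amountIn, minOut, referencePrice, maxDeviation }) {
  const fairOut = amountIn * referencePrice;
  const deviation = 1 - minOut / fairOut; // share of fair value given up
  return { fairOut, deviation, ok: deviation <= maxDeviation };
}

// Constructed scenario: a pool holding 20 WETH and 2,000 AAVE (spot 100
// AAVE per WETH) asked to absorb the 17,958 WETH leg from the article.
const shallowOut = constantProductOut(20, 2000, 17958); // ~1,997.8 AAVE
const shallowImpact = priceImpact(20, 2000, 17958);     // ~0.999

// The signed floor from the article: 324 AAVE for 50.43M USDT, checked
// against a ~$112/AAVE reference with a 2% tolerance.
const AAVE_PER_USDT = 324 / 36297;
const floor = orderFloorCheck({
  amountIn: 50_430_000,
  minOut: 324,
  referencePrice: AAVE_PER_USDT,
  maxDeviation: 0.02,
});

console.log(`shallow pool delivers ${shallowOut.toFixed(1)} AAVE, impact ${(shallowImpact * 100).toFixed(2)}%`);
console.log(`floor gives up ${(floor.deviation * 100).toFixed(2)}% of fair value, ok=${floor.ok}`);
```

A UI that blocks (rather than merely warns on) a floor this far from a reference price would have refused to post the order regardless of which solver picked it up.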
This transaction raises a raft of possible legal issues, which we will explore in a bit more detail in a subsequent post.
By Michael Bacina