The DeFi protocol AAVE experienced a temporary issue with its oracle system on Ethereum Core and Prime deployments on March 10th, resulting in the incorrect liquidation of approximately $26 million worth of wstETH positions.
The decentralized lending protocol AAVE experienced a critical technical issue on March 10th across two Ethereum Core and Prime implementations, when the oracle system incorrectly reported the wstETH exchange rate, triggering a wave of unwarranted liquidations. The event highlighted a systemic blind spot in DeFi architecture: the gap between Off-Chain processing logic and on- chain coded constraints.
According to a post-incident analysis report by Chaos Labs, AAVE's primary risk management unit, the cause lies in the Correlated Asset Price Oracle (CAPO) mechanism—a protection layer designed to prevent sudden price fluctuations. Specifically, the Off-Chain process determined that the Snapshot rate needed to be updated to approximately 1.2282 to reflect the actual exchange rate.
However, an on- chain constraint limiting the maximum increase to 3% every 3 days makes a direct update to that value in a single go impossible. This mismatch between the Snapshot rate and the Snapshot timestamp thus creates a discrepancy of approximately 2.85%, causing the oracle to report an effective rate of 1.1939 instead of the actual market rate of around 1.228.
34 accounts were affected, and a compensation plan is being developed using funds from the DAO.
The direct consequence was that approximately 10,938 wstETH in E-Mode were wrongly liquidated, affecting 34 accounts with an estimated total value of $26 million. Third-party liquidators profited approximately 499 ETH from the incident. The only positive aspect is that AAVE did not incur any bad debt from this event.
Chaos Labs stated that it intervened urgently by temporarily reducing the borrowing limit for wstETH and manually adjusting Snapshot parameters to restore the correct oracle exchange rate. A compensation plan is underway, using 141.5 ETH recovered from the incident combined with up to 345 ETH from the DAO treasury to reimburse affected users.
Chaos Labs emphasizes that the incident does not reflect a flaw in the core design of CAPO or the Off-Chain risk oracle system, but rather stems from a configuration mismatch where the two layers of systems operate under different update constraints. This distinction is technically important, but from a risk management perspective, that boundary is not very meaningful for users who lose money due to unintended liquidation.
The incident raises questions about a common design flaw in DeFi: complex oracle systems often comprise multiple layers of logic with varying update speeds and constraints, and asymmetry between those layers can create dangerous intermediate states that no single layer alone considers faulty. With AAVE 's total assets locked currently in the tens of billions of dollars, this is a technical problem that needs to be thoroughly addressed before DeFi can move toward serving a larger institutional market.
