As an update on the incident:
-
Since our first communication on Saturday, we have been focusing our effort on re-evaluating everything surrounding the vulnerability reported. Protection of the protocol and reducing users’ impact are the highest priorities for us, as service providers to the Aave DAO.
-
In addition to the measures taken on Saturday, after further research and for caution, we have advised the Aave Guardian to escalate protections on the previously only frozen assets: now the following assets are paused too:
- Aave v3 Polygon: USDT, USDC, DAI, EURS.
- Aave v3 Optimism: USDT, USDC, DAI.
- Aave v3 Arbitrum: USDT, USDC, DAI, EURS.
-
In parallel, we have designed a new mechanism to be introduced on all networks where protections have been activated: the Liquidations Grace Sentinel.
Whenever an asset is paused, no action can be done on it by design of the Aave protocol, including liquidations. Once the asset gets unpaused, all actions will be available again, which means that positions that couldn’t be refilled or repaid before, would be under immediate liquidation conditions. The Liquidations Grace Sentinel is a type of emergency oracle (Aave Guardian controlled) that allows to activate a “liquidations grace period” for any asset listed in a pool.
Whenever this grace period is on, even with the asset unpaused, liquidations involving it will not be allowed.
In the current Aave v2 Ethereum paused scenario, the idea will be that, if the market becomes really volatile affecting Aave positions, the risk providers of the community (@Gauntlet, @ChaosLabs) will be able to define a grace period of for example 1-3h after the unpause, on which people will be able to refill/repay their positions and avoid liquidation.
To be clear, pausing is part of the design of a system like Aave with its risks/advantages, but we believe this gives immediate value and doesn’t compromise decentralization, as it is in practice a more granular way of pausing/unpausing. -
Additionally, as permanent remediation and protection, we are submitting a governance proposal to upgrade the Stable Debt Tokens across all Aave instances where stable rate is active.
This will have the effect that no more stable debt can be minted in the future, which we think is the safest direction and aligned with the community strategy (no stable debt has been enabled in v3 instances for some time).
To answer some concerns raised in this thread: current stable rate positions will not be affected. However, we also think that in the future, the DAO should consider migration of user positions from stable to variable, as if not, there is important inconsistency and asymmetry.
IMPORTANT. The moment of this governance proposal execution will mark when assets can be unpaused. -
For the previous 2 measures, we have involved both an extra reviewer (@AaveLabs ) and a security service provider of the DAO (Certora), to have maximum security assurances, in addition to rigorous internal testing from BGD.
-
For a matter of good DeFi community ethos, we have checked all Aave forks (v2/v3) and advised protection measures for all those exposed to the vulnerability. Even if we don’t have any responsibility to them (we are not providing services), we think the Aave community should show good values, as leaders in the space.
We will keep informing the community as frequently as possible.