Greetings, Aave community!
Aave Labs has continued to make steady progress on multiple protocol endeavors in line with its service provider scope, with Aave V4 development as the primary focus.
The below summary highlights developments in the Aave Protocol and reflects Aave Labs’ transparent and collaborative approach of building in public, welcoming community feedback, and fostering auditability through open-source principles.
January update:
-
Progressed Aave V4 hardening towards the v0.5.7 and v5.0.8 milestones, improving integration readiness through security-driven refactors and operational refinements.
-
Advanced new Aave V4 components, including the Tokenization Spoke and Position Managers, bringing additional integration primitives closer to audit readiness.
-
Continued Aave Pro and SDK workstreams, shipping token-to-token swaps, progressing position swaps, and publishing updated React integration documentation for integrators.
-
Progressed the GHO integration for Aave V3 on Aptos through testnet deployment and iterative testing, while continuing to support ongoing integrations.
Aave V4 Updates
Aave V4 work this month progressed towards the v0.5.7 and v5.0.8 milestones, with a focus on hardening and integration readiness. This included documentation updates to reflect the latest changes, reentrancy locks, multiple interface and struct adjustments across the codebase, and a set of improvements that help integrations and day‑to‑day ergonomics.
We also completed implementation of the TokenizationSpoke and Position Managers, two key components of v0.5.8. TokenizationSpoke is an ERC‑4626 compatible spoke that supports tokenized, vault‑style integration patterns on top of the Hub. Position Managers introduce permissioned execution primitives to support delegated and “on behalf” position management flows commonly used by integrations and automation.
We are finalizing the security process and reports are soon to be public. We also concluded the Sherlock security contest phase. Currently, we are awaiting the final consolidated report, including any gas optimization recommendations; preliminary triage to date has not identified valid security findings. As noted by the Sherlock team during the contest, one contributing factor to the lack of validated findings so far is that the codebase is intentionally designed with security-first primitives and a robust architecture. In addition, we are planning a final audit round with a reduced set of teams already familiar with the codebase, targeting a concentrated review window.
Hub and Spokes configuration is progressing in parallel as a dedicated workstream, with input from multiple Service Providers, including risk managers. Aave Labs is meeting regularly with @LlamaRisk, @ChaosLabs, and @TokenLogic to align on the initial configuration set targeted for the Aave V4 launch.
Finally, code licensing remains an active workstream as we evaluate options that balance resilience of the system with clear, workable terms for ecosystem contributors and integrators. The intent is to publish the final licensing and contributor terms alongside the production release and the codebase migration to the DAO owned repository, after internal review and alignment with the DAO.
What else are we working on?
Aave V3 on Aptos
Work on the GHO integration for Aave V3 on Aptos is now feature-complete. A testnet deployment is live and the integration is progressing through iterative testing rounds. Once outstanding external dependencies are resolved, the team will proceed to final validation and release preparation ahead of a mainnet deployment.
Interface
Aave Pro (Aave V4 Interface)
Work on Aave Pro this month concentrated on streamlining core flows and aligning the experience with integrator expectations for Aave V4. Alongside continued refinement of the supply path and ongoing separation of Supply and Borrow experiences, we shipped token-to-token swaps and progressed implementation of position swaps. We also iterated on Hub selection, expanded visualization components to better communicate position outcomes during creation and management, and continued UX improvements and design polish across key screens. In parallel, we consolidated documentation updates required by recent protocol iterations, rolling v0.5.6 and v0.5.7 changes into a single refreshed pass.
Aave Software Development Kit (SDK)
SDK work this month focused on improving integrator readiness for Aave V4 and supporting the Aave Pro rollout. We published comprehensive React integration documentation and refreshed guidance for new hooks and observables, including advanced examples covering network fee calculations.
We also aligned the SDK surface with recent protocol iterations by updating the Asset and UserPosition struct definitions, and addressed outstanding security warnings in the SDK v3 address module across multiple PRs. In parallel, we completed backend indexing work and performance optimizations, leaving the SDK in a stronger position to support the Aave Pro launch.
Ongoing Integrations
Integration efforts this month centered on reinforcing existing deployments and evolving the incentives stack that supports them. Working with @ACI and @TokenLogic, we delivered bug fixes, incremental feature improvements, and UX refinements in support of current growth initiatives. We also updated aOP as the rewarded token on Celo’s Masiv campaign.
What’s coming next?
Our main focus for the coming month will be
-
Concluding the final phases of the Aave V4 security effort by consolidating audit and contest outputs, publishing reports, and executing the final audits round.
-
Finalizing Hub and Spokes configuration setup along with DAO risk managers.
-
Progressing Aave Pro and the SDK toward broader integrator readiness and documentation updates.
-
Moving forward the Aave V3 on Aptos GHO integration towards final validation and release.
Stay tuned for next month’s update.
Aave Labs