[ARC] Price Manipulation Implications on Aave: October 2022

The recent Mango market exploit has brought to the forefront of the DeFi community the risk of liquidity attacks on lending platforms. Here is a great Twitter thread from @joshua_j_jim showcasing how the user exploited Mango’s low market liquidity to drain $100M from the Mango market. This liquidity attack reaffirms the high risk of oracle pricing manipulation for low liquidity assets.

Gauntlet is continuing to analyze Aave’s V2 assets to measure the future risk of liquidity attacks and will follow up with an analysis of V3 markets. We will assess the risk of a liquidity attack for each asset and the potential impact on Aave’s solvency and will share findings on this thread. Gauntlet may recommend configuration changes to certain assets to reduce risk to the platform.

We welcome further discussions and feedback from the community.


TL;DR - Our analysis shows that an oracle manipulation-based attack analogous to the one that cost Mango Markets $117m is much less likely to occur on Aave V2 ETH due to collateral assets having much deeper liquidity than MNGO and Aave requiring loans to be over-collateralized.

Aave relies on Chainlink Price Feeds to report prices for collateral assets, which should be much more expensive and difficult to manipulate due to the many layers of aggregation logic run by independent parties, each of which is running a different proprietary algorithm observing multiple sources of liquidity. A successful attack would require manipulating the price on multiple liquid venues over an extended period of time. This is a stark contrast to the Mango attack, where price discovery largely occurred on a single illiquid venue, or typical flash-loan attack where the oracle price is instantaneously determined by a single Uniswap v2 style DEX pool.

However, out of an abundance of caution, we wanted to open community discussion on whether the Aave DAO should turn off certain illiquid assets as collateral given the risk/reward tradeoffs and these assets’ usage. Liquidity statistics are provided below.

Rather than delisting these assets entirely, it may cause less user friction by turning off the assets as collateral instead (e.g., changing LTV to 0% and gradually reducing LT).

We are targeting a Snapshot vote for Friday, 10/21/2022 for a temperature check on whether the community would like to turn off the below assets as collateral (and which assets if so).

We welcome thoughts from the community.


Hi @Pauljlei a few questions:

  1. Would changing the various risk params to more conservative values help decrease / eliminate the risk, or is the only option turning off collateral in general?
  2. Do the new risk controls introduced in V3 allow us to better address this risk? If so, changing collateral status could be done post V3 deployment.
  3. Do the figures / recommendation for DPI take into account the ability for it to be arb’d via issuance/redemption?

I would also advocate for continuing to keep BAL as collateral given the strategic relationship between the two DAOs. Balancer is one of Aave DAO’s closest partners, between the use of aBPT for the safety module, the use of bb-a-usd as the revenue token of veBAL, and multiple token swaps and acquisitions. Given the depth of the relationship between the two entities and the DAO’s desire to continue acquiring BAL, continuing to offer BAL as collateral should be strongly considered.


DPI can also fall back on liquidity of underlying constituents via exchange issuance, so +/- depth and volume may overstate susceptibility to manipulation. Top 5 constituents (UNI, AAVE, MKR, SNX, COMP) comprise roughly 80% of the index and generally have decent liquidity. Depending on how chainlink gathers DPI price data, it may be very costly to manipulate the oracle price of DPI due to arbitrage opportunities created with issuance/redemption.

Of note, the largest DPI supplier by a wide margin is currently using it (and aWETH) as collateral to borrow a significant amount of USDT. This may indicate that maintaining collateral usage is worthwhile as it anchors aDPI deposits (enabling others to short DPI) and helps drive utilization and reserve growth of aUSDT market. AAVE | Block Analitica


Thanks for the analysis.

Given the unlikelihood of such an attack in Aave V2 ETH and the community preference of having a brand new V3 market in ETH, I lean towards i) lowering LTV of the assets rather than removing them as collateral, ii) listing them in V3 as isolated so users can migrate there.

Additionally, I wanna echo this state by @oneski22 . 100% agree

I would also advocate for continuing to keep BAL as collateral given the strategic relationship between the two DAOs. Balancer is one of Aave DAO’s closest partners, between the use of aBPT for the safety module, the use of bb-a-usd as the revenue token of veBAL, and multiple token swaps and acquisitions. Given the depth of the relationship between the two entities and the DAO’s desire to continue acquiring BAL, continuing to offer BAL as collateral should be strongly considered.


As another option, you can also set supply caps for the various token. This would mitigate the risk vector, yet cause minimal disruption to the existing markets.

1 Like

idk if you are aware but there could be an issue with REN, see here.

Possible manipulation

1 Like

looking at coingecko, and specifically on REN (REN Price in USD: REN Live Price Chart & News | CoinGecko), the +2% liquidity numbers seems to be fake (ie exchange fake numbers for coingecko).
How did you come up with the $7m liquidity depth? coingecko shows that scam exchanges like Tidex and Dcoin are more liquid than binance and coinbase.


Hi @Pauljlei,

Some additional context, Llama has attained approval from Fireblocks to add DPI to the ARC Liquidity Pool and is currently progressing towards submitting the AIP.

Llama would encourage Gauntlet to revisit the composite oracle feed for DPI. Please note how the underlying asset’s Chainlink oracle must be manipulated in order to affect the DPI’s Chainlink oracle. As @oneski22 mentioned earlier, the Exchange Issuance module offered by Index Coop enables DPI to minted by acquiring the underlying constituents in the right composition. This means DPI’s liquidity is more a function of the liquidity of the constituents rather than the DPI token itself.

Llama would also like to highlight the strategic relationship with the Balancer community and indicate Llama does not support changing the BAL Reserve. Llama is actually looking into optimising this reserve in a similar way to the wMATIC Reserve on Polygon.

When looking at the Chainlink price feed relative to the BAL Uniswap pool, when price spikes it has minimal affect on the oracle. The BAL price is arbitraged against the Balancer liquidity pool. Llama created this chart to show how BAL behaves relative to the Chainlink Oracle feed.

1 Like

I’d like to encourage the community to take this category of risk seriously and consider pausing new supply in potentially manipulable markets. Relevant discussion in the Compound forum linked below.

As Paul states, an attack on an Aave or Compound market would require significantly more capital to manipulate prices on multiple exchanges that are the source for Chainlink price feeds over a period of time. The per asset supply and borrow limits introduced in Aave v3 greatly reduce the risk when used in combination with appropriate max LTV and other parameters.

Pausing supply in Aave v2 and encouraging migration to Aave v3 for these markets seems like a sensible step. Once mainnet Aave v3 launch is complete, I would urge the community to revisit taking this step if it has not already done so prior. It is better to err on the side of caution given the fairly low expected returns from borrows against long tail assets vs the enormity of funds in the Aave v2 market.

On the Compound side, asset supply pause has gone to governance:


Hi everyone -

We at Chaos Labs would like to echo the concerns of @pauljlei and @onetruekirk regarding the seriousness of these potential attack vectors. Over the past few days, we have been running simulations to understand the magnitude of the concern for low liquidity assets on Aave and the potential profit opportunity for a malicious actor.

What we’ve found is that with sufficient capital deployed ($100m+ starting capital), we believe a number of these markets could be a vector for the attack via methods similar to those laid out by Avraham with looped borrowing and illiquid price manipulation on multiple venues. The near-term revenue opportunity does not offset the potential.

As @onetruekirk mentioned, expediting the upgrade to Aave v3 would help mitigate a number of these concerns by utilizing Isolation Mode & Supply/Borrow Caps. Supply Caps, specifically, would put a cap on the ability to “loop” borrowing as described in the attack under consideration. One major question discussed during this analysis is at what threshold of capital deployed for an attack should the community be comfortable when determining Supply Caps and token parameter setting. We do not have a firm opinion here yet and will provide more thoughts as we begin launching parameter recommendation and asset listing tools in the near future.

As v3 launches on Ethereum, we would recommend the community discuss options to incentivize users to shift borrow and liquidity for low-liquidity assets from v2 to v3 as quickly as possible.

Chaos’s thoughts:

  • We would be in favor of turning off REN and ZRX as collateral immediately as we review the other assets and discuss the strategic options (i.e. BAL) with the community
  • Acknowledging the DAO2DAO relationship with BAL, the asset does still pose a risk that should be strongly considered for mitigation via pausing or reduction in LTV
  • We are still working through DPI, but the comments above regarding redemption make sense to leave it as is for the moment
  • In general, we would push for a more conservative stance with target assets as Aave migrates to v3

Thanks for this research, it helps better inform users:

While BAL offers benefits for the security module, it seems best to prioritize security over D2D relationships in this current market.

I acknowledge this could be a haste decision by the community as recent threats and hacks are still fresh, but caution against over-exposing our beloved Aave.

If other risk vendors such as @Pauljlei and Gauntlet agree with this analysis of BAL we would be supportive of updating the parameters for this asset.

1 Like

Although our analysis shows that an oracle manipulation-based attack analogous to the one that cost Mango Markets $117m is much less likely to occur on Aave, out of an abundance of caution, Gauntlet proposes the below parameter changes.


Copyright and related rights waived via CC0.

By approving this proposal, you agree that any services provided by Gauntlet shall be governed by the terms of service available at gauntlet.network/tos. This message is for informational purposes only and does not constitute an offer to sell, a solicitation to buy, or a recommendation for any security, nor does it constitute an offer to provide investment advisory or other services by Gauntlet Networks Inc. No reference to any specific security constitutes a recommendation to buy, sell or hold that security or any other security. Nothing in this report shall be considered a solicitation or offer to buy or sell any security, future, option or other financial instrument or to offer or provide any investment advice or service to any person in any jurisdiction. Nothing contained in this report constitutes investment advice or offers any opinion with respect to the suitability of any security, and the views expressed in this report should not be taken as advice to buy, sell or hold any security. The information in this report should not be relied upon for the purpose of investing. In preparing the information contained in this report, we have not taken into account the investment needs, objectives and financial circumstances of any particular investor. This information has no regard to the specific investment objectives, financial situation and particular needs of any specific recipient of this information and investments discussed may not be suitable for all investors. Any views expressed in this report by us were prepared based upon the information available to us at the time such views were written. Changed or additional information could cause such views to change. All information is subject to possible correction. Information may quickly become unreliable for various reasons, including changes in market conditions or economic circumstances


Quorum has been reached on Proposals 111 and 112.

Any time liquidation thresholds are changed, this may impact a user’s health factor. As of our latest data, these liquidation threshold reductions will lead to around ~$100 paid out in liquidation incentive bonuses.

We are continuing to analyze other assets, but as of now, our recommendations are confined to the assets mentioned above due to the community’s risk preference.


Just noticed that BAL and GHST on polygon are now hovering the 100% borrow cap utilization.
If risk allows, would imo be good to adjust the caps accordingly.


As an update to my previous post:

On polygon:

  • CRV has now reached 100% supply and 100% borrow cap
  • MAI also has 100% borrow cap

Also it’s a bit weird imo that CRV on polygon has a so high tvl compared to mainnet.
75% on polygon vs 55% on mainnet. Wouldn’t it make sense to align them a bit?


To assess risks in the protocol considering levels of partnership is not too professional, nor decentralized, if a hack could have been avoided by doing a better DD

1 Like