[ARFC] Aave V4 Security Funding

Summary

As outlined in the AL Service Provider Proposal, the security effort for Aave V4 was expected to proceed via a separate proposal. This ARFC asks the DAO to ratify a security budget of up to 1.5M. Aave Labs will pay invoices upfront and later request reimbursement via the Aave Finance function, with proof of every invoice.

The scope covers a layered security program coordinated around V4’s feature‑complete codebase, including independent researcher reviews, multiple manual reviews by audit firms, formal verification campaigns, an invariant test suite, and a security contest.

Motivation

Aave V4 reached feature‑complete status in July and entered internal review with multitrack security preparations. DAO service providers received early access to the prototype for targeted testing. This budget funds the final phase of external review and hardening ahead of public testnet and mainnet rollout.

Relative to the 2021–2022 reviews on V3, market pricing has risen, as expected. However, because V4’s codebase is smaller and more modular, auditor quotes were actually lower than initially expected.

While no code is flawless, the program is designed to materially mitigate risk through layered review, formal methods, and adversarial testing.

Specification

Scope

A layered program designed to strengthen V4 through diverse methodologies and independent perspectives:

  1. Independent Security Researchers

    • Four private reviews: targeted code reviews focused on critical paths, edge cases, and integration surfaces.

    • One public manual review covering the full protocol.

  2. Manual Review (multiple firms)

    • Four end‑to‑end manual reviews covering the full protocol are expected, although more may be needed.

    • Staggered and overlapping schedules to reduce correlated blind spots.

  3. Formal Verification (Certora)

    • Property‑based proofs on core contracts and safety invariants aligned to the V4 feature set.

  4. Invariant Test Suite (audit firm)

    • Design and implementation of a reusable invariant suite, with fuzzing and scenario generators to strengthen continuous testing during maintenance.

  5. Security Contest

    • Community contest on a curated scope to surface adversarial insights and broaden reviewer diversity.

RFQ and Selection Process

  • A two‑round, tight‑scoped RFQ was conducted, receiving 20 total proposals from firms and independent researchers.

  • Round 1 gathered baseline quotes and methodologies; Round 2 focused on cost efficiency.

  • Final selections were made based on experience, methodology, and budget.

Budget and Payment Terms

  • Cap: Up to 1.5M (GHO‑equivalent) for the complete V4 security program described above.

  • Pre‑financing: Aave Labs will pay all invoices upfront. Any funds from the approved cap that are not invoiced will be kept by the DAO.

  • Reimbursement: Through the Aave Finance function, against itemized actuals up to the approved cap.

  • Cancellations: Any audit engagement deemed no longer necessary will be cancelled and not submitted for reimbursement, with the funds reallocated back to the Aave DAO.

Disclaimers

Aave Labs submits this as a technical service provider. Decisions on funding and deployment rest with the Aave DAO.

Next Steps

  1. Engage with the community and service providers to refine the detailed proposal

  2. If consensus is reached on this ARFC, escalate this proposal to the Snapshot stage

Copyright

Copyright and related rights waived via CC0.
