[ARFC] AaveShield — Modular Security Framework for Aave V4 Hub & Spoke Architecture

Author

Kristiyan Petrov (@zontak)

Date

April 14, 2026


Summary

AaveShield is a modular, open-source security framework that wraps Aave V4’s Position Manager layer with 8 composable security modules — protecting against 39 identified security gaps across the Hub, Spoke, and Position Manager layers.

The framework is fully implemented, deployed on Sepolia, and verified on Etherscan. All 296 unit/integration tests pass. This ARFC requests community feedback on integrating AaveShield into Aave V4’s security infrastructure, with a Phase 1 grant of $50,000–$75,000.

Motivation

The Security Gap

Aave V4 launched on Ethereum mainnet on March 30, 2026, introducing the Hub & Spoke architecture — the most significant architectural change in Aave’s history. BGD Labs ceased all contributions on April 1, 2026, with their security retainer expiring June 1, 2026.

Our independent security analysis identified 39 specific vulnerabilities across three layers:

| Severity | Count | Examples |
|---|---|---|
| CRITICAL | 7 | Premium delta manipulation, deficit reporting without proof, oracle staleness, dust liquidation exploit, cross-hub desync, cross-chain signature replay, missing PM identity validation |
| HIGH | 12 | Halted spoke premium changes, interest rate reentrancy, unlimited reinvestment sweep, flash loan position manipulation, multicall non-atomicity |
| MEDIUM | 16 | Fee receiver deadlock, config staleness, liquidation bonus gaming, decimal mismatch, share dilution |
| LOW | 4 | Nonce collision, ETH trap, unlimited approvals |

Key Risks Without Mitigation

  • Premium manipulation — Spokes report arbitrary premium deltas to the Hub. Crafted offsets can permanently brick assets via .toUint256() overflow.
  • Zero-validation deficit reports — reportDeficit() accepts bad debt claims without proof. Pure accounting entry, no funds required.
  • No oracle safety net — getReservePrice() only checks price > 0. No staleness, deviation detection, or fallback.
  • Flash loan attacks unblocked — Unlike V2/V3, V4 has no mechanism preventing flash-loan-powered position manipulation within a single transaction.
  • Cross-hub desync — Reserves using different Hubs have no atomic cross-hub health factor verification.

Specification

Architecture

User --> AaveShieldRouter (Position Manager wrapper)
           |-- Collect protocol fee (configurable BPS)
           |-- delegatecall --> Module.onBeforeOperation() [each enabled module]
           |     \-- returns guardFee (punitive fee if threat detected)
           |-- call --> Spoke.supply/borrow/withdraw/repay
           |-- delegatecall --> Module.onAfterOperation() [each enabled module]
           \-- Split fees: protocolShare --> treasury, remainder --> Aave reserves

Users opt in by approving AaveShieldRouter as their Position Manager. Modules execute via delegatecall in the router’s storage context using ERC-7201 namespaced storage for isolation. EIP-1153 transient storage provides gas-efficient pre/post-operation snapshots (100 gas vs 20,000 SSTORE).

8 Security Modules

| # | Module | Gaps Covered | Key Protections |
|---|---|---|---|
| 1 | HubInvariantModule | 8 (2 CRITICAL) | Liquidity conservation, share consistency, deficit bounds, premium integrity, cap enforcement |
| 2 | OracleValidatorModule | 2 (1 CRITICAL) | Price staleness, EMA deviation, intra-block manipulation detection |
| 3 | LiquidationGuardModule | 3 (1 CRITICAL) | Dust attack prevention, sandwich detection, self-liquidation, post-HF verification |
| 4 | FlashLoanShieldModule | 2 (2 HIGH) | 6 flash loan attack patterns, per-block activity tracking |
| 5 | UtilizationBreakerModule | 2 (1 HIGH) | Soft/hard circuit breakers, sweep rate limiting, velocity tracking |
| 6 | PositionGuardModule | 5 (1 CRITICAL) | Cross-hub validation, reentrancy snapshots, whale rate limits |
| 7 | PremiumValidatorModule | 8 (1 CRITICAL) | Independent premium recalc, halted spoke blocking, deficit fraud detection |
| 8 | IntentValidatorModule | 8 (2 CRITICAL) | Cross-chain replay prevention, atomic multicall, approval verification |

Total coverage: 39/39 gaps addressed — all 7 CRITICAL, all 12 HIGH, all 16 MEDIUM.

Response Modes

Each module supports two response modes per spoke:

  • Soft mode (default): Charges a punitive fee proportional to threat severity. Attack becomes economically irrational while legitimate transactions proceed.
  • Hard mode: Reverts the transaction entirely. Used for critical attack patterns where any execution is unacceptable.
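To make the router/module contract concrete, here is an added illustration written for this post, not AaveShield's code: a hypothetical module in the shape described under Architecture and Response Modes. Only onBeforeOperation, onAfterOperation and guardFee come from the post; IHubLike, the Config fields and the liquidity-drop check are assumptions chosen to show an ERC-7201 namespaced config, an EIP-1153 transient pre/post snapshot, and the soft/hard response split.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.25; // default EVM target is cancun, needed for tstore/tload

// Hypothetical stand-in for the Hub state a module would read; not Aave's ABI.
interface IHubLike {
    function totalLiquidity(address asset) external view returns (uint256);
}

contract ExampleGuardModule {
    /// @custom:storage-location erc7201:example.guard.module
    struct Config {
        uint256 maxDropBps; // largest tolerated liquidity drop per operation
        uint256 feeBps;     // punitive fee charged on the amount in soft mode
        bool hardMode;      // true: revert; false: charge guardFee and proceed
    }
    // ERC-7201 slot: lives in the router's storage (delegatecall) without colliding with it.
    bytes32 private constant CONFIG_SLOT =
        keccak256(abi.encode(uint256(keccak256("example.guard.module")) - 1)) & ~bytes32(uint256(0xff));
    // EIP-1153 transient slot for the pre-operation snapshot; cleared at tx end.
    bytes32 private constant SNAPSHOT_TSLOT = keccak256("example.guard.module.snapshot");
    error LiquidityDropExceeded(uint256 before, uint256 after_, uint256 maxDropBps);

    function _config() private pure returns (Config storage c) {
        bytes32 slot = CONFIG_SLOT;
        assembly { c.slot := slot }
    }

    /// Router delegatecalls this before Spoke.supply/borrow/withdraw/repay.
    function onBeforeOperation(IHubLike hub, address asset) external returns (uint256 guardFee) {
        uint256 before = hub.totalLiquidity(asset);
        bytes32 slot = SNAPSHOT_TSLOT;
        assembly { tstore(slot, before) } // ~100 gas, vs 20,000 for a cold SSTORE
        return 0;
    }

    /// Router delegatecalls this after the Spoke call and compares against the snapshot.
    function onAfterOperation(IHubLike hub, address asset, uint256 amount) external returns (uint256 guardFee) {
        Config storage cfg = _config();
        bytes32 slot = SNAPSHOT_TSLOT;
        uint256 before;
        assembly { before := tload(slot) }
        uint256 after_ = hub.totalLiquidity(asset);
        if (after_ >= before) return 0;                  // liquidity did not fall: no threat
        uint256 dropBps = (before - after_) * 10_000 / before;
        if (dropBps <= cfg.maxDropBps) return 0;         // within tolerance
        if (cfg.hardMode) revert LiquidityDropExceeded(before, after_, cfg.maxDropBps);
        return amount * cfg.feeBps / 10_000;             // soft mode: punitive fee
    }
}
```

Because both hooks run via delegatecall, the transient slot and the namespaced Config are read and written in the router's own context, which is what lets the post-operation check see the pre-operation snapshot without an SSTORE.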

Access Control (Two-Tier)

| Role | Controls |
|---|---|
| Owner | Protocol fees, treasury, module registry, spoke admin permissions, emergency pause |
| Spoke Admin | Module selection, threshold tuning, hard/soft mode toggle (within owner-granted permissions) |

All parameters are runtime-configurable — no redeployment required for fees, thresholds, permissions, or module implementations.

Revenue Model

  1. Protocol Fee — Configurable BPS on every operation (default: 5 BPS = 0.05%)
  2. Punitive Fee Share — When modules detect threats, configurable share goes to protocol treasury (default: 50%)
  3. Service Provider — Ongoing maintenance, monitoring, and incident response

Evidence of Work

GitHub Repository

  • 8 fully implemented security modules
  • AaveShieldRouter with delegatecall dispatch, fee engine, two-tier access control
  • 296 passing tests (unit, integration, invariant)
  • 95–100% line coverage across all modules
  • Full deployment and configuration scripts
  • MIT licensed

Sepolia Testnet Deployment (Verified on Etherscan)

All contracts deployed, registered, configured, and verified:

| Contract | Address |
|---|---|
| AaveShieldRouter | 0xE6b5B72d8909141b187bd71d2EBe2509a45C1d2f |
| HubInvariantModule | 0xB799601C457fbE8C9A6D652C65e3ac6947EE72d8 |
| OracleValidatorModule | 0x81695365d5ccdE878B8E024525910f286c236270 |
| LiquidationGuardModule | 0x664AE1aF620c61Dec7Ec0b881afA47Bb169C3f15 |
| FlashLoanShieldModule | 0x9ebE9389625eDeBC3B6987F79A02e28dBF2EB7E4 |
| UtilizationBreakerModule | 0x361f7b0aA62c608579B6FfbB05c728ed1048b7F6 |
| PositionGuardModule | 0xf8d9C1752f8584de4aB5BdFCE62e7833179D0af6 |
| PremiumValidatorModule | 0x6B595526a669F54EB59998F69072299B110f30c6 |
| IntentValidatorModule | 0x9F358e0dac6535980dC7950c3e48853372dF3403 |

Additionally deployed: MockHub, MockSpoke, MockOracle for end-to-end demonstration.

Mainnet Fork Validation

13 integration tests run against live Aave V4 mainnet state (Core Hub 0xCca852..., Main Spoke 0x94e7A5...), confirming:

  • Modules read real Hub asset state (liquidity, deficit, shares)
  • Modules read real Spoke reserve configurations
  • Modules read real oracle prices
  • All 8 modules configure correctly against real V4 addresses
  • Gas overhead within acceptable bounds

Test Coverage

| Component | Line Coverage |
|---|---|
| AaveShieldRouter | 97.35% |
| AaveShieldMath | 100% |
| HubInvariantModule | 95%+ |
| OracleValidatorModule | 95%+ |
| LiquidationGuardModule | 95%+ |
| FlashLoanShieldModule | 95%+ |
| UtilizationBreakerModule | 95%+ |
| PositionGuardModule | 95%+ |
| PremiumValidatorModule | 95%+ |
| IntentValidatorModule | 95%+ |

Team

We built ShieldPad — the first modular security framework for Uniswap V4 hooks:

  • 5 security modules (anti-rug, MEV protection, oracle validation, volume guards, vesting unlock protection)
  • 143+ unit tests, ~90% line coverage
  • Same architecture: delegatecall composition, ERC-7201 namespaced storage, soft/hard modes
  • Deployed on Arbitrum One

AaveShield directly adapts ShieldPad’s proven architecture for Aave V4’s lending-specific attack surface, scaling from 5 modules / 15 attack vectors to 8 modules / 39 attack vectors.

Budget

Phase 1 — $50,000–$75,000

Already delivered:

  • All 8 modules implemented and tested
  • Sepolia deployment with Etherscan verification
  • 296 passing tests, 95%+ coverage
  • Full documentation

Remaining Phase 1 work:

  • Professional security audit (coordinated with Aave security)
  • Mainnet deployment preparation
  • Gas optimization pass
  • Community feedback integration

Phase 2 — Service Provider ($300,000–$500,000/year)

  • Module updates for new Spoke types and Hub upgrades
  • Real-time monitoring dashboard
  • Incident response support
  • Security advisory for governance proposals
  • Expansion to new chain deployments (Base, Arbitrum, etc.)

Budget Context

| Reference | Amount |
|---|---|
| AaveShield Phase 1 ask | $50K–$75K |
| BGD Labs annual retainer | Multi-million (expired) |
| Aave Labs recent funding | $25M |
| V4 Sherlock audit contest | $365K |
| V4 Sherlock bug bounty | $1.5M ongoing |
| Protocol annual revenue | $140M+ |

AaveShield’s ask is a fraction of the protocol’s security budget and fills the critical infrastructure gap left by BGD Labs’ departure.

Timeline

| Phase | Status | Timeline |
|---|---|---|
| Security Analysis (39 gaps) | Complete | |
| 8 Module Implementation | Complete | |
| 296 Test Suite | Complete | |
| Sepolia Deployment | Complete | |
| Etherscan Verification | Complete | |
| Mainnet Fork Validation | Complete | |
| Community Review (this ARFC) | Current | April 2026 |
| Professional Audit | Pending | May 2026 |
| Mainnet Deployment | Pending | June 2026 |
| Service Provider Proposal | Future | Q3 2026 |

How This Aligns with Aave

  1. Security first — 39 gaps identified and mitigated before any exploit occurs
  2. Non-invasive — Position Manager wrapper, no changes to Aave V4 core contracts
  3. Opt-in — Users choose to route through AaveShield; no governance action required for integration
  4. Open source — MIT licensed, fully auditable by community
  5. Revenue-aligned — Punitive fees make attacks economically irrational while funding ongoing security
  6. BGD replacement — Fills the security tooling gap with working code, not just proposals

Copyright

Copyright and related rights waived via CC0.