During a security review of the Aave protocol, a technical problem has been detected, affecting a small sub-set of assets under specific circumstances and configurations.
In order to be cautious and reduce any type of risk, as technical service providers of the DAO we have recommended to the Aave Guardian to temporarily halt new supplying and borrowing of WMATIC, MATICx and WAVAX, with all other functionality remaining fully operative.
To be clear, no funds are at risk and all other assets and pools are operating as always.
Next steps
We will keep the investigation, and communicate more details to the community in due time.
Yes, any more information about this will be very appreciated. The market is extremely volatile right now and the timing of this decision couldn’t be worse.
Recognize you can’t say precisely, but could the team provide any kind of rough order of magnitude on expected timing here? i.e. Are you anticipating more of a 6 hours or 6 days kind of thing?
The radio silence for almost 24hrs after freezing assets is indicative of liquidity issues…
Please update us when you’re going to unfreeze Matic so we can decide to move out of AAVE ASAP or not.
We are still working on this, and we can’t still estimate a precise timeline for its resolution. Highly probably will require a governance proposal, which would extend the freezing for some days, given the voting duration limitations.
There is no liquidity problem or funds at risk. Withdrawals and repayments on the assets frozen are completely active, together with liquidations. Only “additive” actions like supplying and borrowing them are halted.
Given the isolated nature of the protections, it is possible to use any other asset of each pool to refill collateral in any position, including those with similar denomination as sAVAX and stMATIC.
As always, our priority as service providers of the DAO is to look for the security of the protocol, and we will keep informing the community about any following steps.
We will be creating a governance proposal to apply permanent fix regarding the technical problem detected.
We have asked Certora (security service provider of the Aave DAO) and Avara Labs (development contributor) to review the proposal for extra assurance, and to comment on this threat certifying that no issue has been detected during the review.
Once that review procedure is finished, we will proceed with the proposal creation.
Behalf of Aave Labs, confirming that we have reviewed the technical issue and the proposed BGD fix, and we confirm that the fix addresses the issue completely and precisely, while not impacting any other elements of the Protocol.
On behalf of Certora, i can affirm that we reviewed the proposed solution for the issue and that the implementation indeed resolves the problem with no undesired side effects.
Certora will vote YES on the proposal once voting starts
What happened??? Is this how it works? I didn’t monitor it for 3 days, I don’t follow social media. I left MATICX and MATIC in lending and with a safe margin and I was liquidated, why yes??? Do I always have to be in front of the computer??? Is that what SAFETY is???
