Summary
This post provides further details to the community on the recent GHO pausing event, which occurred Aug-25-2023 1:37:35 CET. A technical issue was discovered in the GHOVariableDebtToken, which led to a series of remediations. To safeguard against potential misuse, the Aave Guardian paused the GHO reserve. Community contributors Aave Companies, BGD Labs and Certora coordinated, through governance proposals, on a technical upgrade of the GHO VariableDebtToken. No funds were impacted or lost.
Technical issue investigation
According to the investigation, a user could repay their full debt and afterwards be left with a ‘dust’ balance (in technical terms, a non-zero scaled balance of the VariableDebt token even though their borrow state was simultaneously set to false). In this scenario, if the user borrowed again, their borrow state would not be updated to true. This was possibly due to the GHOVariableDebtToken accounting having an incorrect precision. To remedy this, an upgrade was required to prevent possible repeated borrowings of GHO up to the amount that the supplied collateral and LTV permit.
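An added example, not part of the original post and not Aave's contract code: a constructed Python model of the state mismatch described above, with an invariant check that flags it. The class and function names, the index value and the rounding directions that produce the dust are assumptions for illustration; the post only says precision was possibly the cause.

```python
RAY = 10**27  # fixed-point unit for the index (assumption: ray-style math)

class ToyReserve:
    """Constructed model of one reserve's debt accounting; not Aave's contract code."""

    def __init__(self, index):
        self.index = index      # borrow index, scaled by RAY
        self.scaled = {}        # user -> scaled debt-token balance
        self.borrowing = {}     # user -> pool-side borrow state flag

    def debt(self, user):
        # Debt shown to the user: scaled balance times index, rounded down.
        return self.scaled.get(user, 0) * self.index // RAY

    def counted_debt(self, user):
        # Debt seen by collateral checks: skipped entirely when the flag is false.
        return self.debt(user) if self.borrowing.get(user, False) else 0

    def borrow(self, user, amount):
        before = self.scaled.get(user, 0)
        minted = -(-amount * RAY // self.index)   # assumed: mint rounds up
        self.scaled[user] = before + minted
        if before == 0:                           # flag set only on a "first" borrow
            self.borrowing[user] = True

    def repay_full(self, user):
        amount = self.debt(user)
        burned = amount * RAY // self.index       # assumed: burn rounds down
        self.scaled[user] -= burned
        self.borrowing[user] = False              # displayed debt was repaid in full
        return self.scaled[user]                  # leftover scaled "dust"

def desynced_users(reserve):
    """Invariant check: a non-zero scaled balance must imply borrow state true."""
    return sorted(u for u, s in reserve.scaled.items()
                  if s > 0 and not reserve.borrowing.get(u, False))

def demo():
    r = ToyReserve(index=105 * 10**25)            # constructed index of 1.05
    r.borrow("alice", 1051)
    dust = r.repay_full("alice")
    r.borrow("alice", 5000)                       # flag stays false: not a first borrow
    return dust, r.debt("alice"), r.counted_debt("alice"), desynced_users(r)
```

Running `demo()` shows one unit of scaled dust surviving the full repayment, after which the second borrow is invisible to `counted_debt` and the invariant check reports the account.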
Timeline
Date / Time | Details |
---|---|
August 24th at 16:37 CET | The Aave Companies receives a notification from a user concerning the https://app.aave.com interface (“Interface”) explaining that they were having an issue repaying a GHO borrowed position from the Interface. |
August 24th at 17:45 CET | Aave Companies begins investigation into reported bug submission. |
August 24th 21:30 CET | Aave Companies identifies an issue with the GHO VariableDebtToken contract and begins technical assessment and risk analysis. |
August 24th 23:21 CET | Aave Companies contacts DAO service provider BGD Labs to confirm the assessment. |
August 24th 23:26 CET | DAO Service provider BGD Labs validates the issue and Aave Guardian is contacted. |
August 25 1:37:35 CET | Aave Guardian initiates first-protection remediation by pausing the GHO reserve. |
August 25 3:53 CET | AIP 307 Proposal created to unpause GHO and instead freeze the reserve. |
August 25 10:54 CET | Security service provider Certora is contacted by Aave Companies and BGD Labs, and the technical issue details are disclosed. |
August 25 - August 27 | Aave Companies in collaboration with BGD Labs and Certora continue with security procedures and develop a fix for GhoVariableDebtToken contract. |
27 Aug 2023, 22:03 CET | AIP 308 is created for resolution of the identified technical issue in the GHO integration with the Aave V3 Ethereum Pool. |
August 29 23:46 CET | AIP 307 Executed and GHO reserve changed from paused to frozen. |
September 1, 2023 CET | AIP 308 is Executed and the investigation is remediated. |
Consequences and current state
The pausing and subsequent freezing of the GHO reserve had no impact on users, and no position(s) created bad debt.
AIP 308 was successfully Executed on September 1, 2023, and the investigation has been remediated. GHO now has a borrow cap of 35 million and the GHOVariableDebtToken has been upgraded. Additionally, moving forward, the Aave Guardian has been granted the ability to freeze the GHO reserve.
We would like to thank the community, BGD Labs and Certora for their efforts to resolve this issue quickly. A bounty will be proposed to the DAO for the community member who reported the issue on the Interface.