A critical Aave wstETH glitch within Aave’s Correlated Asset Price Oracle (CAPO) system on March 10, 2026, led to approximately $26 million to $27 million in “unfair” liquidations of wrapped staked Ether (wstETH) positions across 34 accounts on its Ethereum Core and Prime instances.
The issue stemmed from a misconfiguration in Aave’s internal CAPO risk oracle, a safety mechanism designed to limit rapid price increases of yield-bearing tokens like wstETH. The core problem was a mismatch between stale parameters stored in a smart contract, specifically an outdated exchange rate reference and its associated timestamp. This inconsistency caused the CAPO system to temporarily calculate a maximum allowed exchange rate for wstETH that was about 2.85% lower than its actual market value.
This artificial undervaluation pushed some borrowing positions, particularly those in “E-Mode” with high leverage, below their safety thresholds, triggering automatic liquidations. While the underlying market oracle itself reported correct market values, the CAPO’s misconfiguration led to the erroneous liquidations.
Understanding the Oracle Misconfiguration
Approximately 34 accounts were impacted by the Aave wstETH glitch, resulting in the liquidation of roughly 10,938 wstETH. Liquidators, which are automated bots or traders, profited from this discrepancy, earning around 499 ETH in liquidation bonuses and profits.
Chaos Labs, Aave’s primary risk management provider, explained that an off-chain process oversight failed to account for an on-chain constraint. The snapshot ratio, a parameter used by the oracle, could only be increased by 3% every three days due to an on-chain rule. However, the off-chain logic intended to update the snapshot ratio to a value corresponding to the exchange rate seven days prior, which was a larger increase than the on-chain constraint allowed in a single update. This created the mismatch, causing the oracle to report an incorrect, capped exchange rate.
“The incident did not create any bad debt for the Aave protocol itself, but highlighted a critical configuration oversight.”
Aave’s Swift Response and Compensation Plan
Aave founder and CEO Stani Kulechov confirmed that the incident did not create any “bad debt” for the Aave protocol itself. Chaos Labs quickly intervened by temporarily reducing wstETH borrow caps and manually aligning the snapshot parameters to restore the correct oracle value. This rapid response was crucial in mitigating further impact from the Aave wstETH glitch.
A comprehensive compensation plan is underway for affected users. Aave recaptured 141.5 ETH in liquidation bonus revenue through BuilderNet refunds and an additional 13 ETH in liquidation fees, which will be used for partial compensation. Any remaining losses for affected users, capped at 345 ETH, are expected to be covered by the Aave DAO treasury. Chaos Labs founder, Omer Goldberg, stated that all affected users would be fully reimbursed for their losses from the Aave wstETH glitch.
Broader Implications for DeFi Oracles
This incident underscores the inherent complexities and potential vulnerabilities within DeFi protocols, particularly concerning oracle reliability. While Aave demonstrated a robust response and commitment to user compensation, the event serves as a stark reminder for the broader crypto ecosystem to continually audit and refine critical infrastructure like price oracles. Ensuring the synchronicity between on-chain constraints and off-chain logic is paramount for maintaining system integrity and user trust in related Crypto news.




