• Aave purchased 2.7 million Curve (CRV) tokens in order to clear excessive remaining bad debt following a failed short attack orchestrated by DeFi exploiter Avraham Eisenberg.
• The bad debt was caused by a sophisticated exploit that happened on November 23rd, resulting in a loss of $10 million by Eisenberg.
• Aave Improvement Protocol (AIP) 144 was approved by the community in order to deploy a swap contract and acquire the necessary CRV tokens.
Aave, the decentralized finance (DeFi) lending protocol, recently purchased 2.7 million Curve (CRV) tokens to clear excessive remaining bad debt from a failed short attack. The attack was orchestrated by DeFi exploiter Avraham Eisenberg on November 23rd, resulting in a loss of $10 million for the attacker. The bad debt was then left on the Aave protocol, and so in order to clear it, the community approved the Aave Improvement Protocol (AIP) 144. This protocol deployed a swap contract which acquired 2.7 million units of CRV, with a spend limit of $3,105,000 and a maximum unit value of $1.15 per CRV.
The attack happened when Eisenberg took on a series of heavy volume short CRV positions on Aave in an attempt to orchestrate a short squeeze and force developers to buyback his positions at upward of 100% slippage due to lack of liquidity. However, because Aave had much more liquidity than anticipated, the attack was unsuccessful, and Eisenberg ended up losing $10 million in the process. As a result of the incident, Aave was left with a total of 2.656 million CRV in bad debt and so the AIP 144 was implemented in order to clear it.
The AIP 144 successfully acquired the necessary tokens and the bad debt will be cleared within the next 15 hours in a series of over a dozen transactions. This move shows the resilience of the Aave protocol and its ability to react quickly to threats and protect itself from malicious actors. It is also a reminder to other protocols to be prepared for potential exploits and to have the necessary measures in place to protect against them.