Aave Protocol Loses $26.4 Million in 15 Minutes: How an Oracle Glitch Triggered a Cascade of Liquidations

Aave v3 protocol experienced a significant incident due to an oracle misconfiguration, leading its automated smart contracts to incorrectly identify thousands of wstETH positions as undercollateralized. This triggered a massive liquidation event, resulting in $26.4 million in user funds being forcibly closed within just 15 minutes. These users, who initially had sufficient collateral ratios, were subjected to low-price disposals during abnormal market volatility due to false price signals, and the system lacked any buffer for manual intervention.

This event highlights the double-edged sword nature of automated mechanisms in decentralized finance: while high-speed liquidations can help maintain protocol security under genuine market pressure, the same efficiency can become a risk amplifier when data sources are flawed. Fortunately, the Aave governance team quickly activated the "Emergency Guardian" mechanism, freezing the affected wstETH market and preventing further losses.

Within hours of the incident, the Aave DAO urgently pushed through a compensation plan, proposing to fully reimburse affected users for their liquidated principal through the protocol's built-in "Safety Module" insurance fund, and additionally compensate for Gas fees incurred due to the liquidations. This coverage far exceeds the response level of most DeFi News protocols in similar events. The market reacted positively, with the AAVE token price quickly stabilizing after a brief 2.4% dip, reflecting investors' high confidence in the protocol's governance capabilities. Technically, Aave is gradually transitioning from a single oracle source to a multi-source verification architecture composed of Chainlink and RedStone. The new system requires at least two independent data sources to reach a price consensus before liquidation operations can be executed, fundamentally avoiding the possibility of systemic risk caused by single points of failure. The essence of this event is not a failure of Aave's system design, but rather the exposure of a structural reliance on single price sources within DeFi News infrastructure. Even if the protocol's liquidation mechanism, governance response, and insurance mechanism are functioning well, the entire security system can still collapse instantly if the underlying data input is distorted. This serves as a warning to all DeFi News protocols that rely on off-chain data: true robustness lies not only in response speed, but also in the redundant design of prevention mechanisms.