On March 12th, a significant trading error occurred in the decentralized finance (DeFi News) space, resulting in a loss of nearly $50 million for one cryptocurrency user. The incident stemmed from the user overlooking a critical slippage warning while conducting a transaction on a mobile device. Specifically, the user attempted to exchange approximately $50.43 million worth of aEthUSDT tokens for aEthAAVE via the CoW Protocol but ultimately received only 327.24 aEthAAVE, valued at around $36,000. This event highlights the severe consequences that can arise from ignoring risk warnings in seemingly ordinary asset transactions.
Who Profited from the Trade?
Other participants in the Ethereum network quickly seized the opportunity to profit from the erroneous transaction. Emmet Gallic of Arkham Intelligence noted that a maximum extractable value (MEV) bot exploited arbitrage opportunities between Uniswap and SushiSwap pools, generating substantial gains. The bot transferred approximately $34.8 million to Titan Builder for block processing, which in turn allocated around $1.2 million to Lido validators, retaining the majority. Furthermore, the bot realized nearly $10 million in profit from this single transaction.
Aave and CoW Swap's Warning Prompts
In the aftermath, both Aave and CoW Swap reiterated that the system clearly displayed slippage warnings, requiring manual user approval to proceed with the transaction. Aave founder Stani Kulechov emphasized that the user actively ignored the warnings and confirmed the associated risks via their mobile device.
CoW Protocol also stated that there was no malfunction or malicious activity involved, and the transaction was executed exactly as specified in the user's submitted order: "There was no bug, and there was no malice. The program executed in the manner specified by the submitted order."
Nevertheless, Aave and CoW Swap have committed to refunding approximately $600,000 in fees to the user and have guaranteed that any additional fees generated by the CoW platform will also be reimbursed.
Challenges to DeFi News User Safety?
This incident has once again sparked discussions about user safety in DeFi News transactions. Polymarket CTO Suhail Kakar pointed out that the root cause lies in the inadequacy of the user interface (UI), rather than the failure of smart contracts. He emphasized the need to improve alert mechanisms to better highlight potential losses and to implement stricter controls for high-value transactions, while also calling for improvements in wallet design. Aave and CoW have also pledged to enhance security protection features. CoW explained the need to strike a balance between allowing user autonomy and ensuring security: "Restricting transactions can sometimes lead to unintended consequences. This event shows that our interface needs to better protect user safety while maintaining design freedom."
The lessons learned from this event may prompt the emergence of more robust security features in the DeFi News space, aimed at protecting users' interests in the growing DeFi News landscape.