Crypto Twitter has been ablaze with discussion of a potential attack, or "profitable trading strategy", on @aaveaave by @avi_eisen.
This kind of exploit could threaten not just Aave but lending protocols in general.
Here's how it could have worked, step by step:
$100 million $USDC is deposited on Aave using Account A.
Account A then borrows the entire liquid supply of $REN ($3 million), sending this to Account B.
Account B then deposits this back on Aave.
Meaning?
Aave now has $3 million of liquid $REN available for borrowing, again.
Aave cannot verify whether the deposited $REN is new, or just comes from its own platform.
Each time Account B deposits $3m $REN, Account A can borrow it, over and over.
This builds up two massive long/short positions on a relatively illiquid token.
See where this is going?
On Aave, $USDC has an LTV (Loan-to-Value) ratio of 87%.
This means that Account A, after depositing $100m of $USDC, can borrow up to $87 million of any liquid token on Aave.
But by depositing the borrowed $REN... wouldn't this strategy trade against itself?
Yes and no.
There are two accounts with huge long/short positions.
These positions are large enough that the price of $REN needs to move only around 5% to the upside, in order to trigger a massive liquidation.
The moment that the price of $REN moves notably in one direction, Aave will attempt to auction off the collateral to liquidation bots.
When that happens, Aave will try to sell $100 million of $USDC for $85 million of $REN.
In addition to this, Eisenberg suggests that with another $50 million USD, a fund could significantly affect the market price of $REN.
Borrowing $50 million against Account B would bring this to $100 million: enough capital to 2x, 4x, or even 10x the price of $REN.
While Aave struggles to liquidate Account A's debt, Account B reaps the rewards.
If the fund managed to use its liquid capital to 10x the price of $REN across major exchanges, then the original position of Account B would now be worth $850 million.
$REN is considered lower quality collateral than $USDC - as such its LTV ratio is merely 60%.
Hypothetically, almost $500 million worth of assets from Aave could be borrowed against Account B.
This loss would be greater than 3x Aave's entire treasury balance.
In light of Eisenberg's comments, tokenholders scrambled to pause borrowing on certain assets, including $REN.
These may, however, simply be stopgap measures.
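To see why pausing borrowing bounds the exposure, here is a small accounting model of the loop using the thread's figures. It is an added example, not Aave's code: the function names, the `borrow_cap` parameter and the "recirculation" metric are assumptions made for illustration, and interest, slippage and liquidations are ignored.

```python
from dataclasses import dataclass

# Added illustration: a toy accounting model, amounts in USD millions.

@dataclass
class LoopResult:
    rounds: int           # borrow/redeposit cycles completed
    debt_a: float         # REN borrowed by Account A (at entry price)
    deposit_b: float      # REN redeposited by Account B (at entry price)
    recirculation: float  # total borrowed / external liquid supply

def simulate_loop(collateral, ltv_bps, liquid_supply, borrow_cap=None):
    """Replay the borrow -> transfer -> redeposit cycle described above.

    ltv_bps is the collateral LTV in basis points (87% == 8700).
    borrow_cap is a hypothetical pool-wide limit on total borrows of the
    asset; borrow_cap=0 models a paused market.
    """
    limit = collateral * ltv_bps / 10_000
    if borrow_cap is not None:
        limit = min(limit, borrow_cap)
    debt = deposit = 0.0
    rounds = 0
    while debt < limit:
        take = min(liquid_supply, limit - debt)  # liquidity available this round
        debt += take      # Account A borrows everything that is liquid
        deposit += take   # Account B redeposits it, refilling the pool
        rounds += 1
    return LoopResult(rounds, debt, deposit, debt / liquid_supply)

def borrowing_power(deposit, price_multiple, ltv_bps):
    """Borrowing power of a deposit after its price moves by price_multiple."""
    return deposit * price_multiple * ltv_bps / 10_000

def is_recirculating(result, threshold=1.0):
    """Monitoring heuristic (assumption): borrows exceeding the external
    liquid supply mean the pool has lent the same tokens more than once."""
    return result.recirculation > threshold

if __name__ == "__main__":
    for cap in (None, 3, 0):  # uncapped, capped at liquid supply, paused
        r = simulate_loop(100, 8700, 3, borrow_cap=cap)
        print(cap, r, "ALERT" if is_recirculating(r) else "ok")
    # The thread's $85m position at 10x price and 60% LTV:
    print(borrowing_power(85, 10, 6000))
```

With no cap the model needs 29 rounds to reach the $87 million limit; with a cap equal to the $3 million liquid supply the loop ends after one round and the recirculation ratio stays at 1.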
Aave's platform is one of the largest and most used in all of DeFi, with over $5.6 billion of TVL.
Without fundamental mechanism change, deposits in DeFi may not be as safe as users believe.
As larger and larger entities enter the DeFi space, are so many of the 'blue chips' so big that they cannot fail?
A future exploiter may not be so kind as to post a 'how-to' on Twitter.