Decentralized lending protocol Aave has successfully recovered from a security vulnerability that came to light on November 4th. Both Aave version 2 and version 3 markets have been unpaused and have resumed standard functions. Fortunately, no user funds were impacted by the vulnerability.
Prompt action by Aave DAO
The security vulnerability, which affected various lending markets across Aave V2 on Ethereum and Aave V3 on blockchains like Optimism, Arbitrum, Avalanche, and Polygon, prompted immediate action from the Aave DAO. To prevent potential exploitation, the DAO temporarily disabled the stable rate borrowing feature.
Aave announced the restoration of Aave V3 markets to full functionality. Users can now engage in depositing, repaying, initiating, and closing loan positions, with the protocol operating at its full capacity. “Affected Aave V3 markets have been unpaused by the Community Guardian following governance proposal execution. Thanks to the Aave DAO for their prompt action,” the project stated.
V2 markets were also reactivated, bringing an end to the issue. Marc Zeller, an Aave contributor and founder of Aave Chan, assured users, saying,
“The Aave V2 markets are now fully reactivated. The vulnerability disclosure event has now ended. Everything has been fixed, and no user funds have been lost.”
As Aave has been forked by various third parties, the DAO has decided to withhold specific details of the vulnerability to safeguard those protocols. Comprehensive information about the vulnerability will be disclosed by the DAO in due course.