Aave lending markets resume normal operations after security scare

In the wake of a security vulnerability that surfaced earlier this month, Aave version 2 and 3 markets have been unpaused and have resumed standard functions, marking recovery for the decentralized lending protocol. No funds have been impacted.

The vulnerability that came to light on Nov. 4 impacted various lending markets across Aave V2 on Ethereum and Aave V3 on blockchains including Optimism, Arbitrum, Avalanche, and Polygon. The issue prompted immediate action from the Aave DAO. In response to the issue, the DAO temporarily disabled the stable rate borrowing feature, a move to prevent any potential exploitation.

Yesterday, Aave announced the restoration of v3 markets to full functionality. Users can once again engage in depositing, repaying, initiating and closing loan positions, with the protocol operating at its full capacity. “Affected Aave V3 markets have been unpaused by the Community Guardian following governance proposal execution. Thanks to the Aave DAO for their prompt action,” the project stated.

Today, v2 markets were also reactivated, thereby bringing an end to the matter. “The Aave V2 markets are now fully reactivated. The vulnerability disclosure event is now ended. Everything has been fixed and no user funds have been lost,” noted Marc Zeller, Aave contributor and founder of Aave Chan.

Given that various third parties have forked Aave, the DAO has so far withheld specific details of the vulnerability to safeguard those protocols. Comprehensive information about the vulnerability will be disclosed by the DAO in due course.

Updated with information that version 2 lending markets were also reactivated.