decrypt.co
A notorious crypto trader, who gloated just last month about making away with over $100 million in a controversial price manipulation maneuver, appears to have lost millions on a similar exploit attempt that backfired early Tuesday.
Avraham Eisenberg, the trader behind October’s Mango Market hack, recently borrowed 40 million curve (CRV) tokens from decentralized lending platform Aave, according to on-chain data. The drastic move is part of an apparent scheme to sell off the tokens, plummet CRV’s value as a result, and make away with millions in short positions on the token—leaving Aave saddled with a massive quantity of bad debt.
The ploy did not execute as planned, however. CRV’s price declined early Tuesday from $0.53 to $0.41, but then quickly recovered, shooting up as high as $0.71. At writing, CRV is up 31% in the last 24 hours to $0.67, according to data from CoinGecko.
Weeks ago, Eisenberg publicly outlined a plan to manipulate a loophole in Aave’s lending policies that would theoretically allow a scheme like the one attempted by the trader on Tuesday to succeed.
I've been advised aave is perfectly safe so here's the potential trading strategy. Not financial or legal advice, but if you do make 9 figures on this feel free to send a tip
Note that starting with more initial capital increases success odds and profit percentage pic.twitter.com/HKAF7Y5ogM
— Avraham Eisenberg (@avi_eisen) October 19, 2022
At the time, some users decried the pronouncement as harmful to the crypto ecosystem.
I recommend no more tweets like this for the sake of the people, the crypto industry, and your business. But if this continues I have no choice but to add you to notifications for news/narrative trades.
— Route 2 FI (@Route2FI) October 19, 2022
Yet, in the weeks following it, neither Aave nor Gauntlet—the financial modeling platform employed by Aave—moved to take any precautionary steps to prevent an exploit like the one Eisenberg outlined from occurring.
On Tuesday afternoon, after Eisenberg’s short strategy proved unsuccessful, Gauntlet issued a statement to clarify that Aave had emerged from the incident relatively unscathed.
“The attempt to squeeze CRV on Aave has been unsuccessful and unprofitable,” Gauntlet tweeted. “Despite this, Aave has accrued a much smaller insolvent position.”
The attempt to squeeze CRV on @AaveAave has been unsuccessful and unprofitable. Despite this Aave has accrued a much smaller insolvent position
Our immediate recommendation is to freeze a number of tail assets on v2 to mitigate the risks of similar, likely unprofitable, squeezes
— Gauntlet (@gauntletnetwork) November 22, 2022
That smaller insolvency amounts to $1.6 million in bad debt on Aave’s end, according to blockchain data analyzed by Blockanalitica—an amount that could have been far larger had Eisenberg’s exploit succeeded.
In a reply to a since-deleted tweet, Gauntlet announced that it would help cover the $1.6 million loss as part of its insolvency refund program, which commits to covering losses incurred by clients such as Aave due to flaws in Gauntlet’s “risk parameter optimizations.”
Hours after Eisnberg’s CRV maneuver failed, an Aave governance proposal was drafted to prevent a similar scheme from manipulating other cryptocurrencies on the platform in the future.
Some Aave DAO members reacted negatively to the proposal.
“Better late than never, no?” one member wrote. “Gauntlet should have done this proposal way before that Avi pulled the trigger. What were you doing all this time while Avi was bragging about his attempt to economically exploit AAVE?”
Last month, when Eisenberg made away with over $100 million from Solana-based Mango Markets via an oracle price manipulation, Mango DAO agreed to forego any pursuit of criminal charges against the trader—if he returned $67 million of the seized funds to help the organization cover its bad debt.
Eisenberg agreed to the deal; the next day, he outed himself as the trader behind the maneuver, calling the event, widely regarded as a hack, a “highly profitable trading strategy.”
He did not immediately respond to a request for comment on Tuesday's events from Decrypt.