worldcoinindex.com
A massive decentralized finance trading error on March 12 has prompted detailed post-mortems from Aave and CoW Swap after a user swapped more than $50 million worth of aEthUSDT but received only about $36,000 in aEthAAVE.
The trade—executed through the CoW Swap-powered swap widget on Aave’s interface—is now widely viewed as the most severe execution loss recorded in DeFi.
While both teams agree on the sequence of events, their analyses highlight different root causes. Aave’s report emphasized the dangers of trading in an extremely illiquid market, while CoW Swap’s investigation described a series of infrastructure failures that worsened the outcome beyond already catastrophic initial quotes.
A Chain Reaction of Failures
According to CoW Swap, the swap was initiated as a “fill-or-kill” order involving an illiquid trading pair at an unusually large size. Multiple technical issues compounded the problem.
During the quoting phase, three independent solvers—third-party agents responsible for executing trades—submitted potential routes. The best unverified quotes suggested the $50 million order might return roughly $5–6 million worth of $AAVE tokens, already implying a loss of around 90%.
However, CoW Swap’s quote verification system enforced an outdated 12-million gas unit cap. Because modern routing paths often exceed that threshold, several of the better-priced quotes failed verification. The platform later acknowledged the limit was legacy code and has since removed it.
As a result, only a drastically worse quote passed verification. That route, provided by “Solver A,” offered roughly 329 $AAVE tokens—about 150 to 200 times worse than the rejected alternatives. The quote ultimately set the order’s limit price.
Execution Breakdown
The situation deteriorated further once the order entered the auction phase.
Another participant, “Solver E,” identified a better execution route and won two consecutive auctions to process the trade. But neither of its transactions ever appeared onchain—suggesting they were never submitted.
With the best solver unable to execute and eventually abandoning the order, weaker bidders remained. The system lacked safeguards to detect or escalate this pattern, leaving the trade to execute at the worst available route.
CoW Swap described the situation as a “compounding failure,” where the solver capable of better execution repeatedly failed to deliver.
Possible Mempool Leak
Investigators also uncovered signs that the supposedly private transaction may have leaked into the public mempool.
Despite being sent through a private RPC endpoint, the blockchain explorer Etherscan displayed a “confirmed within 30 seconds” label—an indicator that the transaction was visible publicly before block inclusion.
Such exposure could have enabled opportunistic trading strategies around the transaction, leading to large-scale backrunning activity in the same block. The investigation into this possible leak remains ongoing.
Aave Focuses on Market Liquidity
Aave’s report centered on the trade’s execution path and the extreme lack of liquidity in the pools used.
According to the protocol, the swap process redeemed the user’s aEthUSDT for $USDT on Aave V3, then converted the $USDT to WETH through Uniswap V3. The WETH was finally routed through a SushiSwap $AAVE/WETH pool with just about $73,000 in total liquidity.
This shallow liquidity meant the order’s size caused an enormous price impact.
The interface reportedly warned the user about this risk, displaying a “High price impact (99.9%)” message and requiring manual confirmation that the user accepted a potential total loss. Internal records show the warning was acknowledged from a mobile device before the trade proceeded.
The funds recovered from the swap remain held for the trader, who has not contacted either team.
New Safeguards Introduced
In response, Aave announced a new safety feature called Aave Shield. The system automatically blocks swaps with price impacts above 25% unless users manually disable the protection in the settings.
Meanwhile, CoW Swap acknowledged its responsibility for several technical shortcomings exposed by the incident.
The team admitted that relying on a simple confirmation checkbox is insufficient when trades involve tens of millions of dollars, stating that “technically correct is not the ceiling we should be building toward.”
MEV Profits and Governance Fallout
The trade also generated massive profits for onchain arbitrageurs.
Blockchain analytics from Arkham Intelligence indicate that block builder Titan Builder extracted roughly $34 million worth of ETH from the transaction. Another MEV bot reportedly earned nearly $9.9 million through opportunistic trading strategies.
Despite highlighting “significant backrun activity,” CoW Swap’s report did not directly characterize the behavior as a sandwich attack.
The event also revived an ongoing governance controversy within Aave. A 25-basis-point swap fee tied to the integration with CoW Swap has been the subject of debate over whether those fees were routed to the Aave DAO treasury or to a privately controlled address linked to Stani Kulechov’s development company.
Another Incident Adds Pressure
The massive swap loss came only two days after a separate issue affected the protocol. An oracle misconfiguration triggered roughly $26 million in unfair liquidations involving wstETH positions across 34 accounts.
Together, the two incidents have intensified scrutiny of infrastructure risks and governance decisions across DeFi—especially when trades of massive scale collide with fragile liquidity and complex execution systems.