Commissioned, curated and published by Russ. Researched and written with AI.
On March 12, 2026, someone tried to rotate $50 million in yield-bearing aEthUSDT into aEthAAVE through Aave’s interface. They ended up with 327 AAVE worth roughly $36,000. The interface warned them. They checked the box. Every contract involved performed exactly as designed.
That is the whole story, except it isn’t.
What the Route Actually Did
This wasn’t a spot buy. The user held aEthUSDT – Aave’s yield-bearing wrapper for USDT deposits – and wanted to move into aEthAAVE, the same mechanic applied to AAVE. A collateral rotation. Institutional rebalancing, DeFi-style, handled atomically through Aave’s swap feature.
The Aave interface routed the order through CoW Protocol. A solver found a path: burn the aEthUSDT, pull $50.4M USDT out of Aave, swap into 17,957 WETH via Uniswap V3’s deep USDT/WETH pool (that leg was clean), then push all of that WETH into the SushiSwap AAVE/WETH pool to buy AAVE, deposit it back into Aave, and deliver aEthAAVE to the user.
Three of those four steps were fine.
The SushiSwap AAVE/WETH pool (0xD75EA151a61d06868E31F8988D28DFE5E9df57B4) held 331.63 AAVE and 17.65 WETH at the time of the trade. Total liquidity: approximately $74,000.
The trade pushed 17,957 WETH into a pool holding 17.65 WETH. That is 1,017 times the pool’s entire WETH reserve. The AMM did what AMMs do when you overwhelm them: it surrendered almost every AAVE token it held for essentially nothing.
Output: 327.24 AAVE. Worth roughly $36,000.
The transaction: 0x9fa9feab3c1989a33424728c23e6de07a40a26a98ff7ff5139f3492ce430801f
Price Impact, Not Slippage
The framing that dominated early coverage – that this was a slippage failure – missed the point. Aave engineer Martin Grabina clarified the distinction to Decrypt: the core issue was price impact, not slippage.
The CoW explorer’s quote field showed the rate before any fees or slippage applied: 50M USDT for fewer than 140 AAVE. That was the accepted quote. The route was broken before settlement touched it.
The order’s slippage tolerance was set at 1.21%, the system’s automatic setting. Slippage protection on a trade that had already accepted a 99% price impact is not a safeguard. The signed minimum buy amount baked into the order was 324.94 AAVE. Settlement delivered 327.24 AAVE – slightly more than the minimum. Every contract performed. The route was not mangled in flight. It was born broken.
Two warnings appeared in the interface. The user was required to check a box. They did.
The Food Chain
$50 million did not disappear. It redistributed, upward, in one block, to everyone who understood what had just happened better than the person who initiated the trade.
The MEV bot arrived at transaction index 2, one block after the user’s transaction at index 1. On-chain forensics confirm the Sushi pool was untouched before the user’s trade landed. This was a backrun, not a sandwich – the bot did not front-run the trade or cause the loss. The damage was already done. The bot just walked in after the floor collapsed.
It pocketed roughly $9.9M backrunning the AAVE/WETH leg and another $2.6M backrunning the USDT/WETH leg. Total take: approximately $12.5M. The harvest transaction (0x45388b0f9ff46ffe98a3124c22ab1db2b1764ecb3b61234e29e5c9732b7fd4ab) sent 13,087 ETH – roughly $30.2M – directly to Titan Builder, and kept 4,824 ETH ($11.1M) for itself.
Lido, as the block proposer, received 568 ETH (approximately $1.2M). DEX liquidity providers absorbed the remaining ~$3.5M as passive beneficiaries of a pool that took a freight train at full speed. BlockSec confirmed to CoinDesk that arbitrageurs extracted more than $43M within that single block. Broader on-chain estimates put Titan’s total revenue from the incident at approximately $34.3M.
Aave confirmed it collected $110,368 in fees from the transaction and pledged to return them to the user pending verification. CoW DAO separately committed to refunding whatever fees had flowed to CoW Protocol from the trade.
Nobody in that food chain did anything wrong. The bot spotted an opportunity. Titan built the block it was paid to build. The LPs happened to be in the pool.
The Guardrail That Didn’t Survive the Migration
In December 2025, Aave Labs replaced its ParaSwap-based swap integration with a new CoW Protocol-powered implementation. The upgrade was announced as the first flash loan product built for intent-based infrastructure.
What did not make the migration was the hard slippage cap.
Marc Zeller, founder of the Aave Chan Initiative, who had already announced ACI’s departure from Aave on March 3rd, stated in the hours after the incident that the previous frontend had a hard slippage limit of approximately 30%. The new integration had no equivalent ceiling – the user’s trade settled with 99% price impact because the system allowed it to.
ACI member Nandy put the governance failure plainly: shipping a replacement implementation without verifying that the original safety coverage is still present is a different matter, especially when the teams who built the original mechanism are available for review.
The contrast came from an unlikely direction. 0xngmi, founder of DefiLlama, posted a screenshot of LlamaSwap attempting the same trade: the buttons were locked. The swap was blocked entirely. A free, community-built tool had harder guardrails than the official Aave frontend. Marc Zeller’s response was a single line: “Just use defillama.” This from a man whose signature phrase during better times was “Just use Aave.”
The Governance Layer
The CoW integration sits at the centre of a dispute that predates this incident by months.
Within a week of the December rollout, on-chain analysis revealed that swap fees from the new integration were flowing to an Aave Labs-controlled address rather than the DAO treasury. Orbit-Delegate EzR3aL’s analysis put the figure at a floor of $10M per year across just two networks, with likely higher actual numbers. Aave Labs disputed the framing in the governance forum, arguing the interface is a private product they fund and maintain independently of the DAO. Marc Zeller described it as the stealth privatisation of approximately 10% of Aave DAO’s potential revenue.
A Snapshot vote on brand asset ownership was rejected, 55% against.
BGD Labs, the core technical contributor that built much of the original swap infrastructure, had already announced in February that it would cease contributing when its contract ended in April. Zeller and ACI announced their own departure, planned for July.
The teams who built the original slippage protection were on their way out the door when the new integration shipped without it.
What Actually Failed
The contracts worked. The warnings appeared. The user clicked through. This is not a hack by any definition.
But a $50M trade was routed into a $73K pool by an aggregator solver that had no obligation to decline the route, through an interface that had removed its predecessor’s hard cap on acceptable price impact, while the teams who built that cap were in the process of leaving the protocol.
The system had no single point of failure. It had several layers of progressive failure, each of which was individually defensible, and collectively catastrophic.
A free tool blocked the same trade automatically. The official interface required a checkbox and then let it through.
That is the question worth sitting with: when every warning fires and every contract executes correctly, what exactly is the warning system protecting?