Prior exploit count

Aave v3's assessment for RD-F-077 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

4 incidents on record. rsETH/Kelp bad debt ($123–230M) remains unresolved at M3a date — $160M raised of ~$200M needed (as of 2026-04-26); ~$40M residual shortfall; no on-chain AIP vote executed. CRV bad debt ($1.6M) was DAO-compensated (resolved). Periphery $95K was DAO treasury loss (unrecovered but small). Two incidents involve unrecovered loss; the rsETH case is material and unresolved.

Sources #

URL
CRV Trade Aave Bad Debt — The DefiantCRV bad debt coverageretrieved 2026-04-27
Governance
rsETH Incident Report — Aave Governance ForumrsETH Incident Report (April 20, 2026)retrieved 2026-04-27
Governance
rsETH Incident Funding Update ARFC — Aave GovernanceARFC rsETH Incident Funding Updateretrieved 2026-04-27
URL
Aave Raises Nearly 80% of the $200M It Needs to Cover Bad Debt Left by Kelp DAO ExploitDeFi United $160M raised as of 2026-04-26retrieved 2026-04-27
Governance
Periphery Contracts Incident — August 28, 2024Periphery incident post-mortem (Aug 2024)retrieved 2026-04-27

Methodology #

Count the number of distinct incidents in the hack database affecting this protocol.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol aave-v3 factor RD-F-077 score red collected_at 2026-04-27 23:28:46