Aave Swap Disaster Report: The Mystery of $34 Million in MEV Extraction as Disputes with CoW Swap's Summary Emerge


Discrepancies Between Aave and CoW Swap Reports

On March 15, Aave and CoW Swap released post-incident analysis reports on the swap disaster that occurred last week. The two reports differ markedly in how they attribute responsibility, in their key narratives, and in their severity assessments. How the $34 million in MEV profit came about remains unclear. In response, Aave announced the launch of “Aave Shield,” a feature that by default automatically blocks swap transactions with a price impact exceeding 25%.

Event Recap: $50.4 Million Slippage in a $7,000 Liquidity Pool

Aave Swap Disaster Report
(Source: Aave X)

According to Aave’s post-incident analysis, the transaction path executed by CoW Swap’s solver was as follows: the user’s aEthUSDT was exchanged for USDT on Aave V3, then swapped for WETH via a Uniswap V3 pool, and finally routed to SushiSwap’s AAVE/WETH pool—which had a total liquidity of only about $7,000.

Aave emphasizes that the swap plugin displayed a warning before the transaction indicating “significant price impact (99.9%)” and required users to check a box to confirm acceptance of potential 100% loss. Internal audit records confirm that the user manually confirmed this warning on a mobile device. Aave states that the seized funds are still under custody, but the involved user has not proactively contacted any party.

Core Disputes Between the Two Reports: Who Tells a More Complete Story?

Aave’s stance: primarily attributes the loss to a “liquidity-constrained market,” distinguishing between “price impact” and “slippage” on a technical level, and emphasizes that the user manually confirmed the transaction with full warning received.

CoW Swap’s stance: depicts a more complex systemic failure scenario, explicitly pointing out a series of overlapping failures:

  • Large orders in illiquid pools: Enforcing oversized Fill-or-Kill orders on extremely thin trading pairs.

  • Legacy code restrictions: The quote verification system enforces a hard cap of 1.2 million gas units, which is a “legacy code” predating current gas consumption patterns. This caused multiple better-priced routes to fail verification due to gas limits—CoW claims this issue has been fixed.

  • Solver failures: A solver named “Solver E” found more favorable execution paths and won two consecutive bids but did not submit on-chain transactions (no rollbacks observed on-chain). Subsequently, it abandoned bidding altogether, leaving only suboptimal solutions with worsening outcomes.

  • Mempool leak suspicions: Despite transactions being submitted via private RPC, Etherscan shows a “confirmed within 30 seconds” label. This label only appears after transactions enter the public mempool, implying possible leakage and resulting in significant front-running arbitrage activity within the block.

CoW admits in the report: “Technical correctness should not be our sole goal. When the risk reaches $50 million, checking the confirmation box becomes a blunt instrument.”

MEV Issue: The Biggest Blind Spot in Both Reports

Neither post-incident analysis details the MEV bots that directly profited from this transaction, a gap that relates directly to CoW Swap’s core integration: when Aave and CoW Swap expanded their partnership in December 2025, a key selling point was “MEV-resistant execution,” providing protection against front-running and sandwich attacks.

According to on-chain analysis by Arkham Intelligence, block builder Titan Builder extracted about $34 million worth of ETH from this transaction, and another MEV bot profited approximately $9.9 million via sandwich attacks. CoW’s report only mentions “significant rollback activity” and lists the top five addresses with the most ETH in the block, but it neither uses the term “sandwich attack” nor details the specific MEV mechanisms involved.

Notably, on March 12 (the day of the incident), Aave founder Kulechov stated he would attempt to refund “about $600,000 in fees,” but the post-incident analysis corrected the actual swap fee to $110,368 (based on 25 basis points in CoW Swap metadata), calling the former an “early rough estimate.” The dispute over where the fee goes, whether into the Aave DAO treasury or to a private address controlled by Aave Labs, has been a core governance controversy within the protocol since December last year.

Additionally, two days before this swap disaster, Aave experienced another incident caused by oracle misconfiguration: approximately $26 million worth of wstETH was unfairly liquidated from 34 accounts.

Frequently Asked Questions

Q: How will Aave Shield protect users from similar losses?
Aave Shield is a newly launched security feature in response to this incident. By default, it will automatically block any swap transactions with price impacts exceeding 25%, rather than just showing warnings. If users still wish to proceed with high-impact trades, they must actively disable this protection in settings, which introduces higher friction compared to the previous “checkbox confirmation,” aiming to reduce accidental confirmation of extremely risky trades.
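
The default-deny behaviour described above, as an added sketch that is not Aave's or CoW Swap's code: it separates price impact (knowable from pool depth before signing) from slippage (quote versus executed output) and blocks above the 25% threshold unless the user has opted out. The constant-product pool model, the 0.3% fee, the function names and the sample reserves and order size are assumptions constructed to match the article's orders of magnitude.

```python
from dataclasses import dataclass

SHIELD_MAX_PRICE_IMPACT = 0.25  # 25% default threshold quoted in the article


@dataclass(frozen=True)
class Pool:
    """Constant-product (x*y=k) pool. Model and 0.3% fee are assumptions."""
    reserve_in: float
    reserve_out: float
    fee: float = 0.003

    def amount_out(self, amount_in: float) -> float:
        net_in = amount_in * (1 - self.fee)
        return self.reserve_out * net_in / (self.reserve_in + net_in)


def price_impact(pool: Pool, amount_in: float) -> float:
    """Value lost versus the pre-trade spot price; computable before signing."""
    spot_out = amount_in * pool.reserve_out / pool.reserve_in
    return 1 - pool.amount_out(amount_in) / spot_out


def slippage(quoted_out: float, executed_out: float) -> float:
    """Shortfall between the quote and what execution actually delivered."""
    return 1 - executed_out / quoted_out


def shield_check(pool: Pool, amount_in: float, shield_enabled: bool = True):
    """Default-deny: block above the threshold unless the user opted out."""
    impact = price_impact(pool, amount_in)
    if shield_enabled and impact > SHIELD_MAX_PRICE_IMPACT:
        return "BLOCK", impact
    return "ALLOW", impact


# Constructed sample values, in USD terms, scaled to the article's figures.
THIN_POOL = Pool(reserve_in=3_500, reserve_out=3_500)  # ~$7,000 total
DEEP_POOL = Pool(reserve_in=5_000_000_000, reserve_out=5_000_000_000)
ORDER = 50_400_000  # assumed order size

if __name__ == "__main__":
    for name, pool in (("thin", THIN_POOL), ("deep", DEEP_POOL)):
        verdict, impact = shield_check(pool, ORDER)
        print(f"{name}: impact={impact:.4%} -> {verdict}")
    print("opt-out:", shield_check(THIN_POOL, ORDER, shield_enabled=False)[0])
```

A check of this kind only bounds the loss that is visible at quote time; slippage from pool movement between quote and inclusion needs a separate minimum-output limit on the order itself.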

Q: Did CoW Swap violate its MEV protection promises in this incident?
This is one of the most debated issues in the community. One of CoW Swap’s key selling points is “MEV-resistant execution,” but on-chain data shows over $40 million worth of value was extracted via MEV activities in this transaction. CoW’s report admits potential mempool leaks and states “investigations are ongoing,” but does not directly address whether their MEV protection promises were ultimately unfulfilled.

Q: What does this event mean for future collaboration between Aave and CoW Swap?
The stark difference in tone between the two reports reflects divergent narratives on responsibility. CoW’s self-critical stance is clearer, while Aave emphasizes that users were warned. Beyond these reports, the incident has reignited ongoing governance debates within Aave regarding fee attribution and transparency. Whether future cooperation terms will be adjusted remains to be discussed by the community.
