Aave holds security at its core with V3 audits by Trail of Bits, ABDK, Peckshield, OpenZeppelin, [SigmaPrime] and formal verification by Certora further detailed in Security & Audits.
Aave Protocol V3 introduces more sophisticated risk parameters and features to provide the protocol with a high level of protection against potential insolvency.
👇🏻 is the list of new protocol risk management additions
- Isolation mode assets allows to list riskier assets in Isolation, restricting to:
- borrowing restricted to isolated stablecoins
- use of single isolated asset as collateral at a time
- Siloed assets allows assets with potentially manipulatable oracle to be listed as supply-only i.e. cannot be used as collateral.
- New Permissioned Roles for
RISK_ADMINAave Governance can now elect entities with a permissioned role in the protocol. These entities can change risk parameters, if needed, without a governance vote for parameter update. This enables protocol to adjust risk parameters more efficiently and quickly as the market matures.
- Supply and Borrow caps each asset reserve can now be configured to have upper bounds on supply and borrow (optional). This helps in reducing exposure to certain assets and mitigates infinite minting or price oracle manipulation risks.
- Variable liquidation close factor In V3 liquidation mechanism has been improved to allow the position to be fully liquidated when it approaches insolvency (HF < 0.95)
- Price Oracle sentinel mainly aimed for L2s to handle eventual downtime of the sequencers by introducing a grace period for liquidations and ability for
RISK_ADMINSto disable borrowing for a reserve under specific circumstances.
The following documentation analyses the fundamental risks of the protocol and describes the processes in place to mitigate them in more details.
If you have any questions, join the Aave community Discord server; our team and members of the community look forward to helping you understand Aave's risks and risk management procedures.