Total risk score: 62 (Medium)
Collateral
4/10
What are you pledging? Native BTC is safest; wrappers, bridges, or paper IOUs add redemption risk.
wBTC is wrapped BTC via BitGo with 1:1 backing.
Rehypothecation
2/10
Will your BTC be re-used? More hidden leverage → bigger blow-up chance.
Assets are pooled and reused only within Aave; no external rehypothecation.
Custody
7/10
Who can move the coins? Scores quorum design, recovery paths, and (for CeFi) bankruptcy-remote segregation.
Aave's Bitcoin-backed loans are classified as primarily “CeFi” in our model because the BTC underlying wBTC is held by a centralized custodian.
Because of wBTC, these loans carry two distinct custody exposures. We split them in the risk model: the custodian risk is reflected in Collateral = 4, while Aave’s pooled, upgradeable smart-contract vault scores Custody = 7 on the DeFi ladder.
Security & Governance
4/10
How battle-tested are code and ops? Counts audits, bug-bounty, certs, and hardware key isolation.
>5 independent audits (Trail of Bits, OpenZeppelin, PeckShield, ABDK, SigmaPrime) and a US $1m Immunefi bounty prove strong review depth, but upgradeable contracts leave admin risk, so the protocol stays mid-risk.
Platform
7/10
Is the chain or bridge robust? Rates consensus security and smart-contract attack surface.
Aave’s core markets operate on Ethereum mainnet, inheriting both the network’s scale and its full EVM complexity. In July 2016, Ethereum developers coordinated a state-reversing hard fork to undo the DAO exploit—establishing precedent that the chain can roll back under extreme pressure. Combined with the EVM’s well-documented vulnerabilities (re-entrancy, integer overflows, etc.), the platform carries elevated technical and governance risk.
Oracle
4/10
How is price fetched and signed? Independence, on-chain proofs, refresh speed, circuit breakers.
Aave relies on a single oracle provider, Chainlink, whose “Decentralized Oracle Networks” typically contain 21–31 permissioned nodes. Those operators (e.g., LinkPool, T-Systems, Chainlayer) are hand-picked and replaceable by a Chainlink-Labs multisig that owns the OffchainAggregator contracts, so no permissionless process exists to add independent competitors. Operator rosters overlap heavily (four to five nodes appear in most major USD feeds) so a coordinated fault could still push a bad price through every Aave market.
That risk materialized on 29 May 2025 when Chainlink’s deUSD feed on Avalanche printed a false $1.03 quote, triggering ≈ $500k in wrongful liquidations on Euler Finance. All nodes reported the same bad price, proving a multi-node DON can fail when data sources or incentives align poorly.
Because Aave has no fallback oracle or circuit breaker on Ethereum, it inherits this correlated-failure exposure. Chainlink’s audited, multi-node design is safer than a single API (score 7) yet still more centralized than a dual-provider setup (score 2), so we assign Oracle = 4.
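The correlated-failure point above, as an added example (not Aave's or Chainlink's code): median aggregation absorbs independent node faults but not a shared bad source, while a dual-provider deviation check holds the last accepted price instead. The prices, the 21-node count used here, the 2% threshold and all function names are constructed assumptions.

```python
from statistics import median

# Constructed values; the 1.03 quote mirrors the false print described above.
TRUE_PRICE, BAD_PRICE, NODES = 1.00, 1.03, 21

def don_answer(reports):
    """Simplified model of multi-node aggregation: the median of node reports."""
    return median(reports)

def independent_fault(bad_nodes):
    """Only some nodes err, each for its own reason; the rest report the true price."""
    return don_answer([BAD_PRICE] * bad_nodes + [TRUE_PRICE] * (NODES - bad_nodes))

def correlated_fault():
    """Every node reads the same flawed upstream source, so every report is wrong."""
    return don_answer([BAD_PRICE] * NODES)

def guarded_price(primary, secondary, last_good, max_dev=0.02):
    """Hypothetical dual-provider circuit breaker (an assumption, not protocol code).

    Accept the primary answer only when an independent second provider agrees
    within max_dev; otherwise hold the last accepted price and signal a halt
    so liquidations can be paused.
    """
    if secondary is None or secondary <= 0:
        return last_good, "halt: no independent reference"
    deviation = abs(primary - secondary) / secondary
    if deviation > max_dev:
        return last_good, f"halt: providers differ by {deviation:.1%}"
    return primary, "ok"

if __name__ == "__main__":
    print("5 of 21 nodes wrong  ->", independent_fault(5))
    print("10 of 21 nodes wrong ->", independent_fault(10))
    print("all 21 nodes wrong   ->", correlated_fault())
    print(guarded_price(correlated_fault(), TRUE_PRICE, last_good=1.00))
    print(guarded_price(1.001, 1.000, last_good=1.00))
```

The median stays correct with up to 10 of 21 nodes wrong, but adding more nodes does nothing once they all share one flawed input; only the independent reference catches that case.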
Liquidation Buffer
10/10
How much room and time before liquidation? Combines LTV gap, grace window, and flash-crash guards.
wBTC on Ethereum V3 Core Market: LTV 73%, liquidation at 78%, 5% buffer.
Rate & Term
7/10
Can interest spike mid-loan? Looks at fixed vs variable APR and funding duration match.
Borrow APR is algorithmic and can spike instantly with utilisation (e.g., USDC de-peg event). The variable-rate model fits “instant, uncapped rate shocks.”
Transparency
4/10
Can outsiders verify code & solvency? Rewards open-source + live PoR; punishes black boxes.
Fully open-source code and on-chain balances; real-time PoR is inherent, so no separate attestation needed.
Loan Currency
7/10
What asset do you borrow? Native-BTC best; fiat stables graded on reserves, audits, censorship risk.
Privacy
2/10
How exposed is your identity? Scores KYC depth, data storage, and breach history.
Protocol is permissionless. No KYC, users only connect a wallet.
History
4/10
Have they proven themselves? Measures years live, audit/OSS footprint, and incident track record.
One “minor” loss event (Nov 2022 CRV liquidation ≈ $1.6 M, repaid).
Jurisdiction
4/10
Which legal system backs you? Rates clarity of licensing, creditor rights, and enforcement.
Cayman Islands.