Chronic-exploit flag (≥3 incidents)

Aave v3's assessment for RD-F-078 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

4 incidents in 50-month operational history. Chronic flag (≥3 incidents) fires. CRV bad debt (Nov 2022), stable rate vulnerability (Nov 2023), periphery exploit (Aug 2024), rsETH/Kelp (Apr 2026). Count = 4, threshold = 3.

Sources #

URL
Protocol profile known incidents section.research/protocols/aave-v3/00-profile.md §10retrieved 2026-04-27
Curator note
Kelp DAO Hack Report (internal hacksdatabase)hacksdatabase/hacks/kelp-dao-rekt.mdretrieved 2026-04-27

Methodology #

Determine whether the protocol has ≥3 distinct incidents in the hack database.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol aave-v3 factor RD-F-078 score red collected_at 2026-04-27 23:28:46