DeFiScan pfp
DeFiScan
@defiscan
PART 1/2 Aave V3's decentralization review: Stage 0 Aave v3 is a lending protocol that allows users to lend and borrow different ERC20 assets. Users are able to create positions that consist of debt in different loan assets which is secured by different collateral assets. The lending market allows anyone to liquidate insolvent positions, based on an external price feed and specific collateral factors representing an asset's specific risk profile. Furthermore, instead of borrowing supplied assets, Aave V3 also issues its own stablecoin, GHO. Users can borrow and lend GHO like any other asset in the system. The Aave DAO is Aave's onchain governance system, allowing AAVE, stkAAVE and aAAVE holders to govern over various aspects ranging across treasury management, risk management and strategic initiatives. Different Aave Instances exist and are managed by the Aave DAO. Each focuses on specific use cases and chains. This review covers the Ethereum Mainnet instance.
0 reply
0 recast
1 reaction
DeFiScan pfp
DeFiScan
@defiscan
Make sure you follow @deficollective and @defiscan for the upcoming reports on the Prime (Lido) and EtherFi instances on Ethereum Mainnet!
0 reply
0 recast
0 reaction
DeFiScan pfp
DeFiScan
@defiscan
⛓️Chain 🟢The report is concerned with the Aave V3 Core instance deployed on Ethereum mainnet. Ethereum achieves a Low chain score.
0 reply
0 recast
0 reaction
DeFiScan pfp
DeFiScan
@defiscan
🚨Upgradability 🔴High Upgradability Score The Aave v3 protocol can be analyzed in a number of logical modules: -Core Lend & Borrow -Reserve Parameters -Treasury -Aave Ecosystem Reserves & Rewards -$GHO Stablecoin -Aave Governance. Each module exposes various degrees of control as explained in more detail below. Overall, these control vectors could result in the loss of user funds, loss of unclaimed yield or otherwise materially affect the expected performance of the protocol. All the control vectors, apart from the Emergency Admin's privilege, are behind governance vote or if permissions are given to a multisig account, the permission is successfully restricted to prevent mis-use by using steward contracts that enforce guardrails. If the Emergency Admin adhered to the security council standards, the Upgradeability Risk would achieve a medium score. With the current setup the Aave V3 core instance achieves a High centralization risk score.
0 reply
0 recast
0 reaction