rAAVE Farming Contract Exploit explained

A. What happened

1. Deposit

2. Withdrawal

3. Removal of Liquidity

4. GRO/rAAVE Dump on Uniswap

5. Distribution

B. Detail of the vulnerability

  • the GRO/rAAVE Uniswap pool address
  • the address of the token to be deposited
  • the amount being deposited
  • and the acceptable minimum number of LP shares to be accepted in return

C. Attack Mitigation

  • Removal of remaing rAAVE Treasury liquidity from the staking contracts
  • Call for action for the community via GrowthDeFi and rAAVE communication channels



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Growth DeFi

Growth DeFi


Leveraging the power of DeFi protocols to maximize capital efficiency