Author: Jae, PANews
Inside Aave, a "black swan" emerged before external pressures from the bear market.
Aave, which has long dominated the lending sector, is currently experiencing its most severe ecosystem upheaval since its founding—without any hacks or code vulnerabilities, only loss of control and conflicting interests.
From the resolute departure of technical pillar BGD Labs, to the public rift with governance pioneer Aave Chan Initiative (ACI), and the official severance by risk management steward Chaos Labs, a mass exodus of service providers is underway.
The depth of this conflict goes far beyond a simple cooperation dispute—it triggers the ultimate paradox of DAOs (Decentralized Autonomous Organizations): the tension between the founder’s vision and decentralized governance, the conflict between protocol long-termism and capital’s short-term profit-seeking, and the challenge of balancing decentralized ideals with centralized efficiency during a blue-chip protocol’s scale-up phase.
Can Aave keep winning?
Why did Chaos Labs abandon its risk control gate?
On April 7, Chaos Labs, which had spent three years deeply involved in Aave V2/V3 and achieved “zero major bad debt,” announced its separation from Aave. This departure by a top-tier risk management firm directly struck Aave’s safety red line.
Chaos Labs cited three reasons: prolonged financial losses, the departure of key contributors BGD Labs and ACI, and fundamental disagreements with Aave Labs regarding risk management principles in the context of Aave V4's launch.
Among these, the main point of contention centers on V4’s “hub-and-spoke” architecture: Chaos Labs noted that while this design improves capital efficiency, it also exponentially amplifies risk. In an environment where legal liability is unclear, the risk management team must double their workload to maintain both the V3 and V4 systems simultaneously.
Aave Labs respects this decision and thanks them for their many years of contributions; the protocol's smart contracts and network deployments remain unaffected. However, this separation between the two parties stems from underlying reasons.
Aave Labs disclosed that it has engaged in multiple rounds of negotiations with Chaos Labs regarding a renewal proposal, supporting an increase in risk management fees from the current level to $5 million, but not supporting a direct increase to $8 million without subsequent附加条款. Additionally, Aave Labs explicitly opposes the following three exclusivity clauses: designating Chaos Labs as the sole risk manager, replacing Chainlink with the Chaos Labs oracle, and setting the un-audited Chaos Labs treasury as the default treasury for all B2B integrations.
In simple terms, Chaos Labs wanted to expand control and commercial interests. However, for a DeFi protocol, over-reliance on a single vendor for risk management significantly increases systemic risk and undermines the protocol’s governance independence. For Aave, the potential risks were too great.
Moreover, in March of this year, a chain configuration error in the Aave CAPO oracle, managed by Chaos Labs, caused wstETH to be undervalued by approximately 2.85%, incorrectly triggering forced liquidations of about $27 million in healthy positions.
Aave Labs emphasizes that it will continue to uphold the two-layer risk management model and introduce a third layer of technical risk management led by Aave Labs. During the transition, LlamaRisk will assume greater risk coverage responsibilities previously held by Chaos Labs, with Aave Labs providing support through team and budget expansion, as well as engineering and analytical resources to ensure a smooth handover.
Regarding Aave V4, its architecture introduces isolated risk markets, new liquidation logic, and governance-controlled parameter mechanisms, enabling the DAO to manage risk across different markets and assets with greater precision. In the short term, Aave Labs will work closely with LlamaRisk to ensure a smooth transition of risk management and uninterrupted protocol operation.
Both technology and governance have failed, intensifying internal risks at Aave.
In addition to its security defenses, Aave's technology and governance have both been compromised over the past two months.
On April 1, BGD Labs, the technical service provider for Aave V3, announced the termination of all technical contributions—not an April Fools' joke. As the primary development team for V3, BGD accused Aave Labs of forcibly pushing the immature V4, artificially restricting V3 feature development, maliciously undermining its value, and even coercing users to migrate through parameter changes.
BGD claims that V3 contributed 98% of Aave’s code and nearly all of its TVL, generating over $100 million in annual revenue, making it the "crown jewel" of the protocol. Aave Labs has shut down V4 development and sidelined external teams. With no voice and no fair compensation, BGD Labs can only protest this "radical transformation" and the disregard for users' asset security by leaving.
ACI, a governance service led by Marc Zeller, also plans to exit in July, directly triggered by BGD Labs’ departure. Marc Zeller accused Aave Labs of orchestrating a “slow-motion coup,” pointing to on-chain data showing it controls 23% of the AAVE token supply, overwhelming community proposals with its whale voting power.
ACI's exit marks Aave's governance shift from "checks and balances" to "centralization," forcing third-party service providers to become mere afterthoughts.
Although Aave was once a model of decentralized collaboration in the DeFi market—where Aave Labs set the direction, third-party service providers handled development, governance, and risk management, and multiple parties complemented each other to establish Aave’s leading position in lending—this long-standing golden combination is now showing increasing fractures within its structure.
Pain or terminal illness? Aave faces a test of financial trust
In this complex and chaotic battle, the interests of both sides present starkly different pictures.
From the perspective of Aave Labs and founder Stani Kulechov, they aim to transform the protocol from a loosely connected multi-stakeholder collaboration into a more cohesive and executable closed-loop ecosystem through V4 and the “Aave Will Win” framework.
The business logic behind this transition is that DeFi has entered a scaling phase, and loose collaboration alone cannot meet institutional-level demands or compete in the global financial arena.
By centralizing resources to develop high-margin products and unifying brand ownership, Aave can enhance execution efficiency, reduce fragmented decision-making, and improve AAVE token's value capture.
Of course, this is an issue that all mature DeFi protocols will need to confront as they scale, and Aave, as the leading lending protocol, has had its internal turmoil amplified, becoming a mirror of the entire DeFi governance model.
However, this increase in efficiency under strong leadership is seen as coming at the cost of the DAO’s decentralized credibility.
Service providers fundamentally rely on their expertise to receive funding from the DAO. When Aave Labs attempts to marginalize them or offers compensation insufficient to offset growing legal and operational risks, they will inevitably choose to withdraw. This also reveals that, under the current DAO service provider model, even top-tier teams face challenges in sustaining a viable business model.
For Aave, will the departure of service providers be a short-term setback or a long-term fatal blow?
From an optimistic perspective, the wave of departures among service providers may be a "pain point" in Aave's transition process.
- Streamlined decision-making: With several external stakeholders having departed, Aave Labs can advance V4 more smoothly, enabling a faster product release cycle in a highly competitive market.
- Front-end revenue recycling: If the "Aave Will Win" proposal ultimately achieves 100% front-end revenue redistribution to the DAO, the AAVE token will evolve from a mere governance token into a true yield-bearing asset.
- Unified technical paradigm: V4’s hub-and-spoke architecture resolves the fragmentation issues of V3 across multiple chains. By centralizing liquidity hubs, Aave is positioned to gain a first-mover advantage in the RWA and institutional credit markets.
However, positive expectations are largely based on the assumption that everything is going smoothly, while real-world negative impacts are more immediate.
- Security downgrade: The complexity of V4 requires stricter risk management mechanisms. With the loss of Chaos Labs, Aave now relies solely on LlamaRisk as its primary risk service provider, significantly increasing systemic risk during extreme market conditions.
- Knowledge vacuum: The service provider’s departure took with it three years of historical operational data and expertise. In the event of an unexpected issue with the protocol, newly onboarded teams like LlamaRisk may respond slowly due to lack of deep involvement.
- Reputation damage: Aave Labs’ intervention in voting through large token holdings effectively depletes the protocol’s reputation capital. If the DAO loses its checks and balances, its appeal to new developers will significantly diminish.
These negative impacts are also raising concerns about capital. Although Aave has never experienced a severely serious security incident in the past, uncertainty around risk is increasing, and the community is beginning to question its execution capability and risk management. Some have bluntly stated, “When the old crew has all left and the new crew hasn’t yet learned the route, don’t put all your assets on board.”
Currently, Aave stands at a critical crossroads.