Chaos Labs exits, who will take over Aave's risks?

Authored by: Omer Goldberg

Translated by: Peggy, BlockBeats

Editor’s note: Chaos Labs has announced that it will proactively end its risk management partnership with Aave and seek an early termination of this authorization relationship. As the core team that, over the past three years, has provided risk pricing and management for all Aave V2 and V3 markets, its departure is happening at a critical stage as Aave is pushing forward with its V4 architecture restructuring and institutional expansion.

In its statement, Chaos Labs emphasized that this decision was not driven by a short-term budget disagreement, but by a mismatch in how the two sides understand the fundamental question of “how risk should be managed.” As core contributors leave, system complexity rises, and V4 brings an architecture rewrite, the scope and cost of risk management have expanded significantly, yet resource commitments and priority setting have not been adjusted in tandem.

The article further points out that, as DeFi gradually attracts institutional capital, risk records themselves have become the most critical “admission asset.” When a protocol needs to simultaneously handle more complex system structures and higher compliance requirements, risk is no longer just a technical issue—it becomes the underlying capability that determines whether the system can keep running.

As DeFi enters its next phase, where exactly should risk management be placed, and whether the industry is willing to bear the corresponding costs.

Below is the original text:

Since November 2022, Chaos Labs has priced every loan initiated on Aave and has been responsible for managing all risk across Aave V2 and V3 markets and each network, during which there have been no bad debts that had any material impact.

Over this period, Aave’s total value locked (TVL) increased from $5.2 billion to more than $26 billion, cumulative deposits exceeded $2.5 trillion, and more than $2.0 billion in liquidations were completed.

Today, we have decided to proactively end this authorization relationship and seek to terminate our collaboration early.

This decision was not made in haste. We have always collaborated in good faith with DAO contributors, and Aave Labs has always maintained professionalism—and it even increased the budget to $5 million to retain us. However, we chose to leave because this partnership no longer aligns with our basic understanding of “how risk should be managed.”

Even though there are differences between the two sides regarding the future path, I still believe that Aave Labs is acting in the way it believes is most beneficial to Aave.

Why we chose to leave

Over the past three years, we have stood with Aave through multiple market crises—moments that almost tested every parameter we set and every machine learning model we built.

When we joined, the DAO’s annualized net expenditure was negative $35 million; a few months ago, its peak reached $150 million. Throughout this process, as one of the core contributors, we truly felt proud.

People don’t easily give up an experience like that. Therefore, for the sake of transparency—and also in the hope that it can serve as reference for the DAO’s future—we are stating our reasons here.

Money can solve many problems, but it is not everything. The deeper issue is that there is a structural disagreement between the two sides on the fundamental question of “how to manage risk.” As discussions about the future path continued, this divergence became increasingly clear.

In the end, the problem boils down to three points:

The departure of core Aave contributors significantly increases workload and operational risk;

The launch of V4 expands the scope of risk management responsibilities, adding operational and legal liabilities, while its architecture was not designed by us and is not the design approach we would adopt;

Over the past three years, we have carried Aave’s risk management work while operating at a loss. Even if the budget increases by $1 million, the overall operation would still remain at a negative-profit level.

This means there are only two choices left—and we cannot accept either of them:

Do our best with insufficient resources, but cannot meet the risk management standards required to support “the world’s largest DeFi application”;

Continue to subsidize Aave’s risk operations with our own funds and continue bearing losses.

Even if the economic issues are resolved, the disagreement between the two sides on risk priorities and management approaches would still remain—and this is not something that can be solved simply by increasing the budget.

But none of this changes our view of this work.

For Chaos Labs, being able to contribute to Aave has always been an honor—and it also implies a heavy responsibility. Our reputation comes from our past track record. For every collaboration, either it is completed to the standards it deserves, or we don’t do it.

People, technology, and operational experience

Aave is an excellent brand. Its leading position does not come from the flashiest features or the most aggressive growth strategy.

What truly allows Aave to maintain its advantage long term is its “reliability.” Brand and market sentiment are, in essence, only lagging reflections of its performance, safety, and risk management capability—especially in those extreme market environments that destroy other participants. And precisely on that foundation, the consensus of “Just Use Aave” gradually formed.

Competitors have rolled out more aggressive mechanisms and growth strategies, but one after another they collapsed due to risk management failures or security vulnerabilities. In a market made up of the world’s most volatile assets, “survivability” is itself a product. Whoever can manage risk better and for longer wins.

Aave’s real innovation, however, shows up in areas many other protocols overlook: processes and infrastructure. The Risk Oracles we built and first deployed on Aave enable protocols to self-repair and update parameters in real time based on dynamic and sharply fluctuating market conditions. This infrastructure supports Aave’s expansion to 250+ markets across 19 blockchains—handling hundreds of parameter updates per month—while still maintaining rigorous operational standards, thereby earning the trust Aave has today.

Over the past year, Chaos Labs has executed and continuously pushed more than 2,000 risk parameter updates across Aave markets, covering both manual adjustments and automated Risk Oracle management mechanisms. This infrastructure enables Aave to expand to 250+ markets across 19 blockchains while still achieving real-time risk management

the number of Aave risk parameter updates carried out by manual operators and via Chaos Risk Oracles.

This rigor comes from a specific collaboration system and execution stack: ACI handles growth and governance (@Marczeller), TokenLogic handles treasury management and growth (@Token_Logic), BGD handles protocol engineering (@bgdlabs), while Chaos Labs handles risk management.

Brand is the portion the outside world can see; what truly makes it worth seeing is the people, technology, and operational experience behind it.

GTM and institutional expansion

Our contribution goes far beyond risk management.

Over the past few years, the crypto industry has rapidly moved toward institutionalization. The world’s largest financial institutions have started to access DeFi, but even if the “on-chain” yield is real, it cannot outweigh a prerequisite: if institutions worry that customers’ funds could be harmed, then all of this is meaningless. For any regulated entity, everything begins with risk and ends with risk. A few additional basis points of return are never worth taking principal risk. Institutions pursue risk-adjusted returns, and they will not allocate funds to a protocol that cannot be “explained clearly” to a compliance team.

For this reason, Aave’s risk track record has become its most important GTM asset. And we, as the builders of this record, can therefore speak directly with these institutions. At Aave Labs’ request, we took on this role—meeting with partners globally, producing research and due diligence materials, and personally participating in Aave’s institutional expansion. We also hope the DAO can continue to benefit from these accumulated efforts in the coming months.

The Ship of Theseus

If every plank of a ship is replaced, is it still the same ship? The name doesn’t change, the flag doesn’t change, but the underlying reality is long different.

Aave is in exactly that kind of state now. The core contributors who built and operated V3 have already left, and the operational experience that supported Aave through market cycles over the past three years has also flowed away with them.

We are the last remaining technical contributor among this group.

V3 is still the largest application in DeFi by scale and requires risk management 24/7/365. Although Aave Labs is optimistic about a rapid migration to V4, history shows that these migrations often take months or even years. Until V4 fully takes over V3’s markets and liquidity, the two systems must run in parallel. The workload won’t be halved—it will double.

More importantly, there is operational experience. Even if we assume different teams have equal capability, the experience accumulated from running continuously for three years cannot be transferred directly during handover.

How long does it take to make up this gap? The answer is clearly not “zero.” And until the gap disappears, someone has to bear that cost—and that responsibility falls almost entirely on us, especially since the budget is already insufficient even as the scope expands.

Brand continuity is not the same as system continuity.

Why V4 is different

V4 is an entirely new lending protocol, with entirely new smart contract code, system architecture, and design paradigms. Other than the name, it is almost nothing like Aave V3.

Architecture-level changes directly affect risk: more cross-market and cross-module interdependencies, a newly adjusted credit structure, and revised liquidation logic. Any protocol’s “second-order risks” will only gradually become apparent once real funds enter the system.

Taking responsibility for inheriting this system means rebuilding the infrastructure, toolchain, and simulation systems, and doing a complete operational run from 0 to 1 on a codebase that has not yet gone through market validation. This scope is far greater than V3—and this is at the core of our decision.

Risk is downstream of architecture. When architecture undergoes fundamental change, risk management itself must be rebuilt accordingly. Unlike “standardized services” such as price oracles or reserve proofs, Risk Oracle and its supporting systems must be tailored to the specific protocol architecture. Once the architecture is rewritten, the risk infrastructure must also be rebuilt.

The issue is that the scope expands significantly, but resources are not increased accordingly. Aave Labs may be able to accept such a trade-off, but we cannot.

The real cost of this

What we give up is a collaboration that has worked well historically and comes with a $5 million price tag. For a startup, this is absolutely not a casual move, so it deserves fuller background explanation.

Compensation is only part of it. More important is a signal: how many resources an organization is willing to put into risk reflects its prioritization of risk.

At the same time, I also believe that very few people truly understand the actual costs, real expenditures, and the risks being borne by systems like this. So here, we hope to make all of that clear.

It should be made explicit that the DAO has every right to decide what it values and how much it is willing to pay for it. I have no objection to that. My responsibility is only to determine whether these conditions fit us—and this time, they do not.

Comparing Aave to banks

Aave often compares itself to banks, and we use that same yardstick. Banks typically allocate 6%–10% of their revenue to compliance and risk infrastructure. In 2025, Aave’s revenue was $142 million, while our budget was $3 million—about 2%.

We estimate that the minimum risk budget for V3 + V4 should be $8 million, to cover a broader risk scope, additional infrastructure, and the GTM work we have already taken on—amounting to about 5.6% of revenue, still below the bank’s lower bound.

And this comparison may even be “generous.” The openness of blockchains makes them more complex and more asymmetric with respect to market risk and network security risk. Protocols being open-source and transparent means the attack surface is visible to everyone. A recent series of attacks has already proven that this is not a theoretical risk. We believe DeFi should require higher risk investment than traditional finance—not lower.

Of course, Aave’s scale has almost no comparable peers in DeFi; banks are only a reference point for how much institutions that typically treat risk seriously actually invest. Whether a protocol “is capable of” investing in risk is one thing; whether it “chooses to” invest is another.

For Aave, capability is not the problem: the DAO holds reserves of about $140 million, and Aave Labs has just passed a $50 million self-funded proposal. Even if resources are scarce, the cost of risk management will not change. Budgets cannot reshape the threat structure—cost is cost.

Costs that won’t appear in the budget

Besides labor and infrastructure—which are explicit costs—there are additional implicit costs that are harder to quantify, but must still be borne.

First is legal and institutional risk. In DeFi, doing risk management (whether as a risk manager or a vault manager) involves responsibility boundaries that have not yet been clearly defined. Without a mature regulatory framework, without a “safe harbor,” and without clear legal definitions of what responsibilities risk managers should bear when a protocol fails. When the system is operating normally, these tasks are “invisible”; but if something goes wrong, the responsibility does not disappear.

Second is network and operational security. Providing risk services for a protocol that manages hundreds of billions of dollars in assets automatically makes it a target for attack. The costs of building audits, monitoring, infrastructure, and internal control systems will rise in parallel with user deposit volumes.

These costs are not unique to us. Any team taking on this role at this scale will face the same exposure. The question is whether this collaboration structure reflects that reality.

If upside returns are limited while downside risks are infinite, then choosing to continue is not “having conviction”—it is simply bad risk management.

Our principles

At Chaos, we always adhere to a simple principle: we only put our name on work that we fully recognize and endorse.

When everything is going smoothly, it is easy to stick to this principle. What truly matters is when it requires a cost. Today, that cost is $5 million.

I have written in “The Market Crypto Never Built” what institutional-grade risk management should look like. This decision is the real-world embodiment of that belief. If we argue that the industry needs higher standards, then we must first hold ourselves to those standards.

I hope V4 succeeds. If it turns out that our concerns were overestimated, then it will be good news for the entire industry.

To the Aave community: Thank you for the trust you’ve placed in us during this period. It is an honor for us.