A Sunday morning pricing glitch turned into a multimillion-dollar headache for the DeFi lending platform Moonwell, after a "misconfigured oracle" briefly valued Coinbase Wrapped ETH (cbETH) at just $1.

The pricing error effected caused a 99.9% discount from the asset's actual market value of roughly $2,200. The error triggered a wave of liquidations, ultimately leaving the platform with approximately $1.78 million in bad debt.

“Once identified, our risk manager @anthiasxyz moved quickly to reduce the cbETH borrow cap to 0.01 to contain further risk to the protocol,” Moonwell wrote on X on Monday. “The supply cap was also reduced to 0.01 to prevent new users from unknowingly supplying to the affected market.”



In a Moonwell forum post on Monday, risk management firm Anthias Labs reported the error occurred at 6:01 PM UTC on February 15, when the Moonwell DAO governance proposal, MIP-X43, was executed, enabling Chainlink OEV wrapper contracts across markets on Base and Optimism. One of these oracles was misconfigured and failed to price cbETH’s USD value correctly.

Moonwell said that instead of multiplying the cbETH/ETH feed by the ETH/USD price, the system used only the raw cbETH/ETH exchange rate. As a result, the oracle reported cbETH at around $1.12.

Trading bots began targeting cbETH collateral positions, and because the system believed cbETH was worth just over $1, liquidators were able to repay roughly $1 of debt to seize a total of 1,096.317 cbETH, the company said.

“This wiped out most or all of the cbETH collateral for many borrowers, while leaving substantial bad debt on their positions since the repaid amount was far below the actual borrowed value,” Anthias Labs wrote.

The distorted pricing also enabled exploitation.

“A smaller number of users exploited the distorted pricing to supply minimal collateral, massively over-borrow cbETH at the artificially low reported price, and instantly generate additional bad debt denominated in cbETH,” the firm added.

While the misconfigured Oracle took much of the blame, users on X began circulating images of the MIP-X43 as being co-authored by Claude Opus 4.6, with some calling it a “vibe coding” error.

When asked by Decrypt about the error and resulting exploit, Moonwell spokesperson declined to comment.

Overall, Moonwell was left with $1,779,044 in total bad debt across various markets, according to the post.

According to Moonwell, a forthcoming governance vote will address the oracle configuration following the required timelock period.

Moonwell is the latest in a growing list of DeFi projects exploited due to misconfigured oracles. In December, Ribbon Finance lost about $2.7 million after a decimal mismatch in an oracle upgrade distorted asset pricing and enabled over-collateralization.

In January, DeFi platform Makina Finance was exploited via flash-loan-driven oracle manipulation, allowing an attacker to extract roughly $4 million in ETH.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。