
The Moonwell cbETH oracle bug was not a theft, a flash-loan attack, or market manipulation. It was a deployment error in an oracle configuration pushed by governance on February 15 that priced cbETH at about $1.12 instead of about $2,200, triggering immediate liquidations on Base and leaving roughly $1.78 million in bad debt.
Moonwell’s cbETH incident was a protocol-made liquidation event
Moonwell’s official incident summary says MIP-X43 executed at 6:01 PM UTC on February 15, enabling Chainlink OEV wrapper contracts across core markets on Base and Optimism. One oracle configuration was wrong: instead of deriving cbETH’s USD price by multiplying the cbETH/ETH feed by ETH/USD, the deployed configuration used only the raw cbETH/ETH exchange rate. That made the protocol read cbETH at about $1.12, which is the exchange ratio, not the dollar price. Anthias Labs says monitoring detected the discrepancy at 6:05 PM UTC, but by then liquidations were already live.
The outcome was severe and mechanical. Moonwell’s forum post says 1,096.317 cbETH was seized by liquidators and the protocol was left with $1,779,044.83 in bad debt across multiple borrowed assets, led by cbETH, WETH, and USDC. Rekt’s reconstruction adds the market logic in plain terms: with cbETH mispriced at $1.12, bots could repay roughly one dollar of debt and seize collateral worth thousands in real market terms. This is why calling the event an “exploit” can be misleading. The protocol executed exactly what its own oracle told it to execute.
One missing multiplication was enough to turn healthy loans toxic
The technical mistake was simple enough to be embarrassing. Anthias Labs’ post-mortem says the oracle should have multiplied two values: the cbETH/ETH ratio and the ETH/USD price. Instead, it used only the first value. In effect, the contract treated “1 cbETH ≈ 1.12 ETH” as if it meant “1 cbETH = $1.12.” That is not a subtle rounding issue or a rare edge case. It is a broken unit conversion pushed into production pricing.
That one bad number cascaded through lending math immediately. Borrowers using cbETH as collateral became liquidatable in the same block, and Moonwell says a smaller set of users also moved in the opposite direction by supplying minimal collateral and over-borrowing cbETH at the distorted price, creating more bad debt. The protocol later published a spreadsheet and a remediation dashboard for affected addresses, which shows the team treated this as a protocol-caused event rather than ordinary market risk. A recovery-plan thread says the full on-chain review found about $2.68 million in total net losses across roughly 181 borrowers during the February 14–18 incident window, a figure larger than the protocol’s bad debt because it includes user-level loss beyond what sat on Moonwell’s books.
The real failure was the deployment pipeline, not only the formula
The formula was wrong, but the larger failure sat in the controls around it. Anthias Labs says they reduced both supply and borrow caps for cbETH to 0.01 within minutes to stop new borrows and new collateral deposits into the broken market, but liquidations continued because correcting the oracle required a five-day governance vote and timelock. That means the protocol had a fast path for limiting new exposure, but not a fast path for disabling a catastrophically wrong live price.
This is where the incident becomes a builder story rather than a blame story. If a governance proposal can push a live oracle configuration that changes collateral pricing, then a pre-execution system should simulate the exact post-upgrade market state before the transaction is broadcast. Moonwell’s own post-mortem shows that such a simulation would have surfaced an output price of $1.12 for cbETH. That number should have failed any reasonable deployment gate. Rekt says tests existed, but not the right one for this case. The missing defense was not another audit badge. It was an environment-aware sanity check on final oracle outputs.
At minimum, four checks should have existed. First, a forked-mainnet simulation of the proposal with current live feeds. Second, unit tests that validate dimensional correctness, not just type correctness. Third, deployment-time assertions for plausible price bounds on major collateral assets. Fourth, a kill switch that can temporarily suspend liquidations for a market when a trusted secondary price view diverges massively from the active oracle. None of those require new research. They require disciplined release engineering.
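The second and third checks can be sketched as a pre-execution gate. This is an added example, not code from Moonwell, Anthias Labs, or Rekt: the `Quote` type, the `gate` function, the 10% tolerance, and the ETH/USD sample value are all assumptions made for illustration, and the same divergence test is the kind of signal a liquidation kill switch would key on.

```python
from dataclasses import dataclass
from fractions import Fraction


@dataclass(frozen=True)
class Quote:
    """`value` units of `quote` per 1 unit of `base`, e.g. cbETH/ETH = 1.12."""
    base: str
    quote: str
    value: Fraction

    def times(self, other: "Quote") -> "Quote":
        # Chaining is only valid when units cancel: cbETH/ETH * ETH/USD -> cbETH/USD.
        if self.quote != other.base:
            raise ValueError(f"cannot chain {self.base}/{self.quote} "
                             f"with {other.base}/{other.quote}")
        return Quote(self.base, other.quote, self.value * other.value)


# Constructed sample feeds. 1.12 is the ratio quoted in the article; the ETH/USD
# value is made up so that the product lands near the article's ~$2,200.
CBETH_ETH = Quote("cbETH", "ETH", Fraction("1.12"))
ETH_USD = Quote("ETH", "USD", Fraction("1964.29"))


def broken_config() -> Quote:
    return CBETH_ETH                      # raw ratio shipped as the "USD price"


def fixed_config() -> Quote:
    return CBETH_ETH.times(ETH_USD)       # ratio converted to dollars


def gate(asset: str, candidate: Quote, reference_usd: Fraction,
         max_deviation: Fraction = Fraction(1, 10)) -> list[str]:
    """Return reasons to block the proposal; an empty list means it may proceed."""
    problems = []
    if (candidate.base, candidate.quote) != (asset, "USD"):
        problems.append(f"{asset}: oracle yields {candidate.base}/{candidate.quote}, "
                        f"expected {asset}/USD")
    deviation = abs(candidate.value - reference_usd) / reference_usd
    if deviation > max_deviation:
        problems.append(f"{asset}: {float(candidate.value):.2f} deviates "
                        f"{float(deviation):.1%} from reference "
                        f"{float(reference_usd):.2f}")
    return problems


if __name__ == "__main__":
    for name, cfg in (("broken", broken_config()), ("fixed", fixed_config())):
        print(name, gate("cbETH", cfg, Fraction(2200)) or "PASS")
```

On chain the oracle returns an untagged number, so the unit check belongs in the test suite that builds the configuration, while the deviation check is the one that can run against the simulated post-upgrade state.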
The AI angle is real, but it is not the official root cause
Rekt and several security commentators focused on a separate detail: commit metadata reportedly showed a Co-Authored-By: Claude Opus 4.6 line on the change associated with MIP-X43, and smart contract auditor pashov publicly pointed to that as a possible early case of “vibe-coded” Solidity failing in production. There is even a public Anthropic issue noting that Claude Code used a Co-Authored-By: Claude Opus 4.6 trailer by default at the time, which means the trailer alone does not prove the exact model or the depth of model contribution. Moonwell’s official forum post does not attribute the root cause to AI tooling.
That is the right level of precision here. The AI angle is relevant because it highlights a growing operational risk: teams are clearly using coding assistants in live DeFi infrastructure. But the official, evidenced root cause remains a bad oracle configuration and insufficient deployment safeguards. Even if AI assisted the code, humans reviewed it, merged it, queued it in governance, and let it execute against production collateral. Treating AI as the culprit would let the real process failure off too easily.
The better lesson is narrower and more useful: if teams are going to use AI-assisted development in high-stakes smart contract systems, they need stronger simulation, stronger invariant testing, and stronger human review of semantic correctness. A code suggestion engine is not uniquely dangerous here. A deployment pipeline that cannot detect a $1.12 price for cbETH is.
Restitution helps users, but it does not solve the architecture problem
Moonwell did move toward restitution. The recovery-plan thread says the protocol completed an on-chain review of the damage and proposed a framework combining treasury funds with future protocol revenue, beginning with roughly $310,000 from the Moonwell Apollo Treasury and ongoing repayments over time. A later governance call summary says MIP-B58 initiated the first round of cbETH incident restitution payments. That is meaningful for users, and it supports the claim that the team did not treat the event as ordinary liquidation risk.
But reimbursement is downstream of the real design question. The protocol lost money because a critical safety input could move from proposal to production without any automated proof that the resulting market state remained sane. Moonwell’s forum shows this was not a hypothetical nuisance either: users described entire portfolios being dragged into liquidation after cbETH was marked at $1.12, including non-cbETH collateral that got caught in the cascade. That is what happens when a pricing failure hits a cross-collateral lending system. The blast radius expands beyond the asset with the broken feed.
The next thing to watch is not whether Moonwell says sorry again. It is whether future oracle and governance deployments on Base get hard simulation gates, market-wide price sanity assertions, and faster emergency response paths than a five-day timelock. Without those, this was not a one-off bug. It was a preview of how automated deployment error can keep turning configuration mistakes into protocol losses.
- Anthropic Claude Code issue on commit trailers
- Moonwell Governance Forum — MIP-X43 cbETH Oracle Incident Summary — https://forum.moonwell.fi/t/mip-x43-cbeth-oracle-incident-summary/2068
- Rekt — Moonwell - Rekt — https://rekt.news/moonwell-rekt
Zashleen Singh is a blockchain journalist and investigative reporter specializing in Web3 infrastructure, decentralized applications, and crypto fraud. She has covered over 200 Web3 projects and broken several major rug pull investigations that led to community action. Maya previously worked at a fintech investigative outlet and brings forensic rigor to every story she covers in the crypto space.