On February 15, 2026, at 6:01 PM UTC, a governance proposal called MIP-X43 went live on Moonwell, a DeFi lending protocol operating on Base and Optimism. The upgrade was supposed to enable Chainlink OEV (Oracle Extractable Value) wrapper contracts across the protocol's core markets. Instead, a single misconfiguration in the oracle pricing formula caused Coinbase Wrapped ETH (cbETH) to be valued at approximately $1.12, a 99.9% discount from its actual market price of roughly $2,200 at the time of writing. Within four minutes, liquidators had begun seizing cbETH collateral for pennies on the dollar. By the time the risk manager slammed the borrow cap to 0.01, the protocol had accumulated $1,779,044.83 in bad debt.
The One-Line Bug That Broke a 1,964x Price Feed
The root cause was deceptively simple. When Moonwell's oracle was updated to use Chainlink's OEV wrapper contracts, the cbETH pricing formula was configured to use only the raw cbETH/ETH exchange rate rather than multiplying that ratio by the ETH/USD price feed. The result: instead of calculating cbETH's dollar value as (cbETH/ETH) * (ETH/USD), the oracle reported only the cbETH/ETH ratio, which sits near 1.12 at any given time.
That made cbETH appear to be worth $1.12 instead of approximately $2,200.
This is the equivalent of a currency exchange booth displaying the EUR/USD exchange rate of 1.08 as the actual euro price in dollars, telling customers that one euro costs $1.08 when it should cost, well, $1.08. The analogy breaks because the cbETH/ETH ratio happens to look like a plausible dollar price. Automated systems did not pause to question why cbETH had apparently crashed 99.95% in a single block.
Four Minutes From Execution to Exploitation
The post-mortem published by AnthiasLabs on February 17 reconstructs the timeline:
- 6:01 PM UTC: MIP-X43 executes on-chain, enabling the new Chainlink OEV wrapper contracts.
- 6:05 PM UTC: Moonwell's monitoring systems detect the oracle discrepancy. The risk manager immediately reduces cbETH supply and borrow caps to 0.01, effectively freezing the market.
Four minutes. That was the entire window. But in DeFi, four minutes is an eternity.
Liquidators, both opportunistic bots and manual actors, saw cbETH positions suddenly appear massively under-collateralized. At $1.12 per cbETH, every borrower who had posted cbETH as collateral was technically insolvent. Liquidators could repay roughly $1 of a borrower's debt and seize their full cbETH collateral in return.
Some actors went further. Rather than just liquidating existing positions, opportunists supplied minimal collateral and massively over-borrowed cbETH at its distorted price. Why wouldn't they? The protocol believed cbETH was nearly worthless.
$1.78 Million in Bad Debt Across 11 Assets
The damage spread across the entire Base core market. According to the AnthiasLabs breakdown, the bad debt totals $1,779,044.83:
- cbETH: 467.76 tokens ($1,033,393)
- WETH: 239.66 tokens ($478,998)
- USDC: 232,607 tokens ($232,584)
- EURC: 9,719 tokens ($11,566)
- cbBTC: 0.17 tokens ($11,442)
- cbXRP: 5,481 tokens ($7,947)
- DAI: 1,520 tokens ($1,520)
- USDS: 1,053 tokens ($1,052)
- AERO: 642 tokens ($204)
- MORPHO: 126 tokens ($171)
- wstETH: 0.07 tokens ($164)
Liquidators seized a total of 1,096.317 cbETH tokens. The protocol cannot recover these through normal operations because the debt positions are now underwater: the collateral is gone, but the borrowed tokens were never returned.
No other markets on Optimism were affected. The bug was isolated to the cbETH Core Market on Base.
The AI Code Controversy
Smart contract auditor Pashov flagged on X on February 17 that the vulnerable code was co-authored by an AI model. "Claude Opus 4.6 wrote vulnerable code, leading to a smart contract exploit with $1.78M loss," Pashov wrote. "cbETH asset's price was set to $1.12 instead of approximately $2,200."
Blockchain security researcher Cos from SlowMist identified the root cause as "an error in a low-level oracle price feed formula," noting how pricing errors can propagate throughout connected protocols and enable liquidity drains.
Project pull requests reportedly showed commits co-authored by AI during development cycles. If confirmed, this would be one of the first significant DeFi losses directly attributed to AI-generated smart contract code, raising uncomfortable questions about code review processes when AI is part of the development pipeline.
The lesson is not that AI-assisted development is inherently dangerous. It is that oracle pricing logic, the single most critical component in any lending protocol, demands human verification regardless of who or what wrote it. A two-variable multiplication error is not a subtle logic flaw. It is the kind of mistake that a line-by-line code review should catch every time.
What Affected Users Should Know
If you had cbETH supplied as collateral on Moonwell's Base core market, your position may have been liquidated during the four-minute window. The governance forum post includes a detailed spreadsheet tracking affected addresses, bad debt positions, and liquidation events.
Community members have proposed calculating "net losses" for affected borrowers rather than full reimbursement of seized cbETH. One affected user reported on the forum: "I had 2.6 cbETH supplied to Moonwell and was borrowing about 2,000 USDC against this. I also had some AERO and Virtuals which got liquidated."
A governance vote is planned to address the oracle configuration after the required five-day timelock period expires. However, the protocol faces a structural problem: liquidations continued throughout the timelock window because existing protocol parameters could not be overridden faster than the governance delay allowed.
For DeFi users more broadly, the incident is a reminder that self-custody does not eliminate protocol risk. Holding your own keys protects against exchange insolvency, but supplying assets to lending protocols introduces smart contract risk that no amount of personal security can mitigate.
A Pattern of Oracle Failures in DeFi Lending
This is not Moonwell's first oracle incident. In November 2025, a separate Chainlink oracle malfunction inflated wrsETH (Kelp DAO's wrapped restaked ETH) to approximately $5.8 million per token, enabling an attacker to extract roughly $1 million while leaving the protocol with $3.7 million in bad debt. Before that, in October 2025, a market crash triggered by tariff announcements left Moonwell with $1.7 million in bad debt. A December 2024 flash loan attack cost another $320,000.
Four oracle-related incidents in 14 months is a pattern, not bad luck. And it extends beyond Moonwell. Decrypt reports that Ribbon Finance lost $2.7 million to a similar oracle misconfiguration in December 2025, and Makina Finance lost approximately $4 million in January 2026.
The common thread: oracle pricing is the foundation of every lending protocol, and the industry still treats configuration upgrades as routine maintenance rather than the highest-risk operation in the stack.
FAQ
How did the Moonwell oracle bug work? The oracle was configured to report only the cbETH/ETH exchange ratio (approximately 1.12) instead of multiplying it by the ETH/USD price to get the actual dollar value. This made cbETH appear to be worth $1.12 instead of approximately $2,200.
Was this a hack or a configuration error? It was a configuration error introduced through governance proposal MIP-X43. However, opportunistic actors exploited the error by liquidating positions and over-borrowing cbETH at the distorted price, so the line between "bug" and "exploit" blurs.
Will affected users be compensated? A governance vote is planned, but no compensation framework has been finalized. Community proposals suggest calculating net losses rather than fully reimbursing all seized cbETH.
Was AI-generated code really responsible? Smart contract auditor Pashov claimed the vulnerable code was co-authored by Claude Opus 4.6, citing pull request evidence. This has not been independently verified by Moonwell, which declined to comment.
How can DeFi users protect themselves from oracle failures? Diversify lending positions across multiple protocols, avoid using volatile wrapped assets as sole collateral, monitor governance proposals before they execute, and never supply more than you can afford to lose to any single protocol.
Overview
A governance upgrade on Moonwell's Base lending market misconfigured the Chainlink OEV oracle wrapper for cbETH, reporting the asset at $1.12 instead of its actual $2,200 value. Within four minutes, liquidators seized 1,096 cbETH tokens from affected users, leaving the protocol with $1.78 million in bad debt across 11 different assets. This marks Moonwell's fourth oracle-related incident in 14 months and part of a broader pattern of oracle misconfiguration exploits in DeFi lending. Auditor Pashov has alleged the vulnerable code was AI-generated, though this remains unconfirmed. A governance vote to remediate the damage is pending, constrained by the protocol's five-day timelock.
Recommended Reading
- Scammers Are Mailing Fake Trezor and Ledger Letters With QR Codes Designed to Drain Your Wallet
- Ethereum PoS Deposit Contract Crosses 50 Percent of Total Supply for the First Time
- Bitcoin Has Lost Half Its Value Since October and VanEck Says Five Forces Are to Blame
