Decentralized lending protocol Moonwell suffered a $1.78 million exploit after a pricing error in its cbETH market misreported the asset’s value at $1.12 instead of roughly $2,200, according to onchain analysts and the team’s public statement.
The issue was isolated to the cbETH Core Market on Base, the protocol confirmed.
“No other markets on Base or OP Mainnet were affected. The issue is isolated to the cbETH Core Market on Base.”
Oracle Mispricing Enabled Exploit
The vulnerability stemmed from an incorrect oracle formula that drastically undervalued cbETH, creating an opportunity for attackers to manipulate collateral conditions within the affected market.
Once the issue was identified, Moonwell’s risk manager, @anthiasxyz, moved to mitigate further damage by sharply reducing both the borrow and supply caps for cbETH to 0.01.
“The supply cap was also reduced to 0.01 to prevent new users from unknowingly supplying to the affected market.”
All other markets across Base and OP Mainnet remained operational with normal parameters, according to the team.
A full postmortem is expected to be published on Moonwell’s governance forum.
AI-Generated Code Under Scrutiny
Following the exploit, several onchain analysts pointed to repository commits suggesting that parts of the vulnerable code were co-authored by Claude Opus 4.6, an AI model developed by Anthropic.
Analysts claim the flawed oracle implementation may have originated from AI-assisted Solidity code generation, raising questions about the risks of “vibe-coded” smart contracts in production environments.
If confirmed, the incident could represent one of the first high-profile exploits linked to AI-generated smart contract code.
About Moonwell
Moonwell is a non-custodial DeFi lending and borrowing protocol operating across Base, Optimism, Moonbeam, and Moonriver. Users can supply digital assets to earn yield or use them as collateral to borrow other assets, with interest rates managed algorithmically via smart contracts.
The incident adds to a growing debate within the crypto industry around the use of AI-assisted development tools in security-critical blockchain infrastructure.