A crypto trader lost more than $50 million in Aave-packaged USDT on March 12 after sending a single large order through the DeFi lending protocol’s exchange interface and clearing a slippage warning on a mobile device.
Data from Etherscan shows that the wallet exchanged $50.43 million worth of aEthUSDT for $327.24 aEthAAVE via the CoW protocol in Ethereum block 24,643,151.
At the current AAVE price of $111.52, the returned tokens were worth approximately $36,100, leaving an implied loss of approximately $49.96 million from the original order size.
The trade immediately attracted attention in crypto markets due to its scale and the fact that it took place through one of the largest venues in decentralized finance. Aave is the largest DeFi lending protocol with over $1 trillion in total cumulative loans.
Following the incident, Aave revealed its intention to contact the affected user and return approximately $600,000 in fees collected during the transaction. CoW Protocol said it would also refund any fees sent to CoW DAO.
Who is the victim?
Blockchain analytics platform Lookonchain said the wallet behind the exchange may belong to Garrett Jin, a popular crypto trader known as BitcoinOG1011short.
Lookonchain said on-chain tracing identified 13 wallets that may belong to Jin. He said these wallets received USDC or USDT from Binance on February 16 and 20, then became active again on Thursday and transferred funds to two new wallets.
According to Lookonchain, one of these wallets shared the same Binance deposit address as Garrett Jin.
This claim attracted considerable attention as Jin has previously been linked to other large and closely watched crypto transactions.
Last October, online sleuths linked him to a $735 million Bitcoin short position opened through Hyperliquid shortly before President Donald Trump threatened additional tariffs on China.
This transaction, which brought in up to $200 million in profits, subsequently fueled speculation about advanced knowledge because it came just before a massive market sell-off.
However, Jin rejected this narrative, saying the capital belongs to the customers. He added that his team runs nodes and provides information internally, and that he has no ties to the Trump family.
As of press time, Jin has yet to confirm any connection to the $50 million loss.
Ethereum intermediaries share the windfall
While the trader absorbed the loss, other participants in the Ethereum execution chain captured the spread released by the order.
Emmet Gallic, an analyst at Arkham Intelligence, said a maximum extractable value, or MEV, mediated the transaction between the Uniswap and SushiSwap pools.
In Ethereum markets, MEV refers to the profits captured by automated traders when they react to price gaps created during block execution.
Gallic said the bot paid Titan Builder 16,927 ETH, worth approximately $34.8 million. Titan Builder then paid 568 ETH, or approximately $1.2 million, to the Lido validator associated with the block proposal and retained approximately 16,359 ETH, or approximately $33.6 million. The bot operator ended up with around $10 million in winnings.
As a result, Titan Builder generated the highest revenue among crypto platforms over the past 24 hours, according to data from DeFiLlama.
Aave and CoW say user was notified of transaction
Meanwhile, DeFi protocols Aave and CoW both defended their platforms over this loss, claiming that the user received a clear warning before the order was executed.
Aave founder Stani Kulechov explained that the user manually overrode a warning signal reporting unusually high slippage and then proceeded to trade on mobile.
According to him:
“The transaction could not be advanced without the user explicitly accepting the risk via the confirmation checkbox.”
He described the outcome as “clearly far from optimal” and said the Aave team would look at stronger safeguards around similar transactions.
CoW Protocol gave a similar account, while explaining that:
“There is no indication of a protocol exploit or other malicious behavior. The transaction was executed according to the parameters of the signed order.”
CoW also said that available public and private liquidity sources could not enable reasonable execution for an order of this size.
Their explanation focused on execution conditions rather than software failures. The route searched for available cash, found a path, and passed the order through sites that reevaluated as the size passed through them.
The warning flow recorded user approval before the transaction hit the market.
Improving DeFi user experience
As a result, the episode brought renewed attention to how DeFi interfaces handle oversized orders.
Suhail Kakar, head of developer relations at Polymarket, said the incident showed a gap in protecting DeFi users rather than a failure of the underlying contracts.
He said Aave and CoW Swap executed the trade as planned, but cautioned that a mobile confirmation flow should not prevent a user from suffering a $49.9 million loss due to slippage.
Kakar added that wallets and frontends should more clearly display the expected loss in dollars and introduce stricter controls for oversized orders, including mechanisms that split large trades into smaller trades.
In response, Kulechov said Aave would implement stricter safeguards to prevent a recurrence, while CoW said the exchange showed the need to continue improving the DeFi user experience.
According to CoW:
“Preventing users from making transactions removes choice and can lead to terrible outcomes in certain situations (e.g. a stock market crash). That said, transactions like these show that DeFi UX is still not where it needs to be to protect all users. As a team, we are currently exploring how to balance strong safeguards with preserving user autonomy.”
