Moonwell hit by $1.78M exploit as AI vibe coding debate reaches DeFi
The exploit saw the Moonwell protocol exploited for $1.78 million after cbETH was mispriced at $1.12 instead of about $2,200, intensifying debate around AI-co-authored smart contracts.
Moonwell, a decentralized finance (DeFi) lending protocol deployed on Base and Optimism, was exploited for about $1.78 million after a pricing oracle for Coinbase Wrapped Staked ETH (cbETH) returned a value of about $1.12 instead of $2,200, creating a mispricing that attackers were able to use for profit.
Moonwell said in an incident post-mortem that a governance proposal executed on Sunday misconfigured the cbETH oracle by using the cbETH/ETH exchange rate alone, causing the system to report cbETH at about $1.12. The protocol said liquidation bots and opportunistic borrowers exploited the mispricing, leaving roughly $1.78 million in bad debt.
The pull requests for the affected contracts show multiple commits co-authored by Anthropic’s Claude Opus 4.6, prompting security auditor Pashov to publicly flag the incident as an example of artificial intelligence-written or AI-assisted Solidity backfiring.