Moonwell’s lending pools racked up about $1.78M in bad debt after a cbETH oracle mispriced the token at nearly $1 instead of around $2.2k, enabling bots and liquidators to drain collateral within hours of a misconfigured Chainlink-based update reportedly using AI-generated logic.
Summary
- Misconfigured cbETH oracle set price near $1 vs roughly $2.2k, triggering a ~99% valuation gap that broke Moonwell’s collateral math.
- Liquidators repaid around $1 per position to seize over 1,096 cbETH, leaving Moonwell with roughly $1.78M in protocol-level bad debt.
- Faulty formula and scaling logic were reportedly co-authored by AI model Claude Opus 4.6, spotlighting new DeFi risk around AI-written oracle and pricing code.
Decentralized finance lending protocol Moonwell suffered a $1.78 million exploit due to a pricing oracle bug that misvalued Coinbase-wrapped ETH (cbETH), according to reports from the platform.
You might also like: Thai SEC clears $BTC, crypto, carbon credits for derivatives
The vulnerability originated in oracle calculation logic reportedly generated by the AI model Claude Opus 4.6, which introduced an incorrect scaling factor in the asset price feed, according to the protocol’s disclosure. Attackers borrowed against severely underpriced collateral, extracting funds before the error was detected and corrected.
Moonwell lost $1.78M due to a smart contract bug reportedly introduced in AI-generated code.
The vulnerable logic was generated by Claude Opus 4.6. A flaw in the oracle formula caused cbETH to be priced at $1.12 instead of $2,200, opening the door for exploitation.
Commits in… pic.twitter.com/4xG5AxZWA4
— Web3 Antivirus (@web3_antivirus) February 18, 2026
The cbETH mispricing effectively collapsed the collateral requirement for borrowing within affected pools. Because lending systems rely on accurate collateral ratios, the incorrect price allowed attackers to extract assets with minimal backing value, according to the protocol’s technical analysis.
Price oracles represent critical security components in DeFi lending systems. Incorrect asset valuation can enable under-collateralized borrowing or liquidation failures. Many major DeFi exploits have historically involved oracle manipulation or pricing errors rather than core protocol flaws, according to industry security reports.
The Moonwell incident differs from traditional oracle exploits in that the faulty logic appears linked to automated AI code generation rather than malicious oracle data feeds, according to the protocol’s preliminary investigation.
The exploit highlights risks associated with AI-assisted smart-contract development in financial applications. Language models can accelerate coding workflows, but financial protocols require precise numerical correctness, unit handling and edge-case validation, according to blockchain security experts.
In DeFi systems, small arithmetic or scaling mistakes can translate into systemic vulnerabilities affecting collateral valuation and solvency. The incident raises questions about whether AI-generated contract components may require stricter auditing standards than manually written code, according to security researchers.
AI-assisted development is increasingly used across Web3 engineering workflows, from contract templates to integration logic. Security models and audit frameworks have not yet fully adapted to AI-generated contract code, according to industry observers.
The broader implications center on how automated code generation errors in financial logic represent a new category of DeFi risk. Oracle math, scaling factors and unit conversions remain high-precision domains where automation failures can propagate into protocol-level vulnerabilities, according to technical analysis of the incident.
As AI-assisted smart-contract development expands, audit methodologies will likely need to evolve toward verifying not only code correctness but generation provenance and numerical invariants, according to blockchain security firms.
Read more: David Bailey’s Nakamoto strikes $107M deal to buy $BTC Inc and UTXO