On April 6, 2026, Chaos Labs announced it was stepping down from its role as Aave's risk manager after roughly 3 years working across Aave V2 and V3.
Chaos framed the exit around a "fundamental misalignment" over how Aave should handle risk going forward, not just a contract renewal gone wrong.
That is the headline. The more interesting story is underneath it.
What exactly happened between Aave and Chaos Labs?
Chaos Labs made it clear this was not just about money. In its departure post, the firm said the real issue was a "fundamental misalignment" over how Aave should manage risk as it grows.
Chaos pointed to 3 pressures:
-
A heavier workload after other contributors left
-
Bigger operational and legal exposure tied to Aave V4
-
The claim that its Aave engagement had been unprofitable for 3 years
Put simply, Chaos argued that Aave had become much larger, but its risk setup had not scaled with it. The firm said Aave grew from $5.2 billion to more than $26 billion in TVL during their time working together, while the job expanded far beyond routine parameter updates into automation, institutional support, and more complex infrastructure.
Aave did not deny the negotiation. In Aave's governance forum, Chaos Labs said Aave Labs backed a raise to $5 million, while Aave CEO Stani Kulechov said Aave was open to about 2x the prior budget but rejected broader terms that would have given Chaos more control over Aave's risk stack.
The cleanest way to read it is this: the budget gap was real, but the deeper split was over scope, control, and responsibility.
Why Aave V4 became part of the fight
Aave V4 is not a routine upgrade. Aave governance materials describe it as a complete architectural overhaul, built around a hub-and-spoke design and a more modular market structure.
That matters because bigger architecture creates a bigger risk job.
If Aave V4 changes how liquidity, collateral, and risk boundaries are organized, then the team managing protocol risk is not just tweaking caps anymore. It is helping operationalize an entirely new framework.
Chaos' complaint was that this would materially increase technical, operational, and legal exposure. In response, Aave replied that continuity can be preserved through a broader, layered model rather than concentrating more power in one provider.
In other words, this was not just a compensation dispute. It was a disagreement over what risk management should look like at Aave's next stage.
The March oracle incident changed the tone
The March 10, 2026 CAPO oracle incident made that disagreement much harder to treat as abstract governance friction.
According to Aave's post-mortem, a CAPO parameter update pushed the wstETH oracle about 2.85% below the valid market rate, triggering roughly $26.6 million in liquidations across Aave V3 Core and Prime. The DAO later moved to reimburse affected users, with the governance proposal estimating about 512.19 ETH in refunds and 357.56 ETH in net DAO cost after recoveries. A related governance proposal later showed a slightly updated figure.
The protocol did not suffer bad debt, but that is not the point. The point is that a risk system designed to protect the protocol ended up liquidating users by mistake. Once that happens, every open question about accountability gets more serious.
Why the contributor exits matter
Chaos is leaving at a sensitive moment.
On March 3, 2026, ACI said it would not seek renewal and would wind down over four months. Coverage around that exit also pointed to BGD Labs planning to leave by April. Chaos itself cited contributor departures as part of the reason its own burden had increased.
That does not automatically mean Aave is in trouble. But it does mean Aave is being asked to prove that its governance model can handle turnover during a major transition.
What happens now
As of April 9, 2026, the immediate focus is continuity.
Chaos has proposed a 30-day offboarding plan and said it will support a structured handoff during that period. The proposal also says certain risk oracles for supply caps, borrow caps, interest rates, and PT price oracles will be turned off during the transition, with LlamaRisk taking over parameter management manually.
LlamaRisk has already said it is ready to absorb the departing responsibilities and argued that this is exactly why Aave should rely less on external black-box dependency over time.
That is the real next chapter. Aave now has to show that losing a major risk provider does not weaken execution at the exact moment it is trying to evolve its architecture.
Why this matters
Aave is too important for this to be dismissed as a governance spat. When a protocol of this size loses a key risk manager during a major architectural shift, the market starts asking a bigger question: is the system resilient, or just dependent on a few critical operators?
If the transition goes smoothly, this will look like a difficult but manageable reset. If it does not, the split will be remembered as the moment Aave's governance model came under real pressure.
Bottom line
Calling this a breakup makes it sound dramatic. Calling it a governance test is more accurate.
Chaos Labs left over a real disagreement about economics, architecture, and control. Aave now has to prove that its multi-provider model can keep working without one of its most prominent risk partners. The headlines are already here. The harder part is what happens over the next 30 days.
