Aevo officials have disclosed a smart contract vulnerability linked to a DeFi incident on December 12, impacting the Ribbon DOV legacy vault with losses pegged at $2.7 million. The breach affected only Ribbon, while the Aevo platform remains fully operational and unaffected elsewhere.
All Ribbon vaults are halted and will be deactivated, with about 32% of vault assets lost. Market participants should proceed with withdrawals via the standard process, which will require a contract upgrade expected to release next week; additional details are forthcoming.
The claims window spans six months until June 12, 2026. Thereafter, the DAO will liquidate any remaining assets and distribute proceeds to users who have previously withdrawn. Potential compensation could reach up to 19% of the lost amount or the remaining balance.