Written by: 1inch

Translated by: AididiaoJP, Foresight News

Obtaining a quote is merely the first step in verifying a transaction.

This was a stark lesson brought to us by the Aave and CoW Swap incident on March 12, when a user sent $50,432,688 for a swap trade, ultimately recovering only $36,000.

However, this incident also raises another thought-provoking point.

The security of DeFi and self-custody are not mutually exclusive. Beneficial friction—that which does not strip away user control, but encourages careful consideration—is one of the key elements enabling the large-scale application of permissionless finance.

Price impact does not equal slippage

These two concepts are often confused, and such confusion can lead to serious consequences.

Slippage refers to the difference between the quote you receive and the actual execution price of the transaction. It occurs due to market volatility: during the time from when you request a quote to when the transaction is executed, market conditions may change. Slippage can catch you off guard.

Price impact, on the other hand, is not the same; it stems from the size of your own order. When you buy a large amount of an asset with weak liquidity, you sequentially consume the available supply at various price levels, pushing the price against your favor during the transaction, and the quote itself already reflects this impact.

According to information from CowSwap and Aave, during the incident on March 12, the quote displayed a 99.9% price impact before the user confirmed the transaction, and the interface presented a warning. The swap button remained gray and unavailable until the user checked the confirmation box, acknowledging the potential for a 100% loss of value.

The market was not unfavorable to the user. The real reason is that the order size was too large, and the existing liquidity could not absorb it at a price close to market value, and the quote clearly reflected this.

Necessary checks before executing large swaps

When the swap interface returns a quote, it only indicates that a trading path has been found; it does not mean that the transaction is economically reasonable.

Before confirming any large swaps, be sure to:

• Compare the expected amount of assets obtained with the current market price of that asset.
• Take price impact warnings seriously. 99.9% is far from a rounding error.
• For large transactions, consider splitting the orders or using over-the-counter trading, which may yield significantly better execution results.

1inch's routing mechanism

On the 1inch platform, swap transactions are routed through the Pathfinder algorithm. This algorithm scans over 300 liquidity sources to find the best viable path. Pathfinder can split orders, route across multiple pools and chains, and optimize execution quality.

However, it cannot create nonexistent liquidity out of thin air.

If you query a swap transaction on 1inch and do not receive a quote, it indicates that Pathfinder could not find a viable trading path. This "no quote" result is valuable information; it shows that current market conditions do not support a specific transaction of that scale.

If there is a price impact, we will provide you with a clear warning. When you see this warning, take it very seriously.

Implications for DeFi user experience

The cornerstone of DeFi is permissionlessness, and this should be maintained. No one should need to seek permission to manage their own assets.

However, we must balance this principle in ways that are user-friendly.

People enter the DeFi space for various motivations. Early adopters were mainly driven by the idea of decentralization. But as the space has grown, the range of user needs it must meet has also expanded. If we are to genuinely believe in the future of DeFi, we should gladly accept that users join out of a pursuit for practical advantages rather than ideological alignment.

The question lies in how to achieve balance: how to provide a safer user experience without deviating from the core principles of DeFi.

In response to this incident, Aave launched the Aave Shield feature (note that this is distinct from the 1inch Shield feature in the long-term security system of 1inch). This feature by default blocks swap transactions with a price impact exceeding 25%, but advanced users can override this limit in settings.

This is a proper example: setting practical "friction" before users confirm high-risk actions, while not stripping away anyone's right to proceed.

The goal of DeFi user experience is not to prevent users from making choices, but to ensure that these choices are made with full information and the real opportunity to reconsider. The essence of self-custody is that users are in control. And this control is most valuable when users have a clear understanding of the confirmation content.

The widespread application of DeFi will not be achieved by increasing restrictions but will be realized by making it easier for users to understand their actions before execution. This is a user experience issue and a direction for the entire industry to work towards.