Aave Labs has submitted an ARFC (Aave Request for Comment) proposing a new Technical Asset Listing Framework designed to bring consistency, transparency, and repeatability to asset listings across Aave V3, V4, and the institutional-focused Horizon market. The proposal, published on May 28, 2026, does not replace existing market-risk or liquidity analyses, but instead works alongside risk-provider methodologies to set baseline technical requirements.
The framework breaks down into eight core evaluation areas: ERC20 compliance, oracle design, access control, exchange rate mechanics, token architecture, bridge risk, audit history, and external dependencies. Each area has specific criteria—for example, a Chainlink price feed must exist on the target chain, and any deviation from standard parameters must be justified. Yield-bearing assets are expected to use a CAPO adapter where required.
A key focus is access control. Privileged roles on token and periphery contracts must be mapped and documented, with a new five-level security classification introduced. Roles controlled by a single private key or a weak multisig fall at the lowest levels, demanding closer scrutiny. Audit requirements are similarly strict: a recent, reputable audit covering the deployed version of any asset is mandatory, and unresolved critical or high-severity findings must be remediated before listing can proceed.
The governance process follows a clear sequence—pre-screening, technical review, risk-provider coordination, and publication—with ongoing monitoring built in. Annual assessments are planned for all actively listed assets, while contract upgrades, new chain deployments, or security incidents trigger immediate reviews. Findings from technical reviews can lead to governance consequences such as lower supply caps, reduced LTV ratios, or deferred onboarding.
The proposal also extends to Horizon, Aave’s RWA-focused market that launched in August 2025 and has attracted over $440 million in deposits. There, tokenized real-world assets bring additional considerations like issuer controls and off-chain dependencies, all of which must be disclosed and assessed. Aave Labs emphasized that the framework is not meant to create friction for assets with strong controls, but to surface technical issues before they become protocol-level risks.
