Home > Quick > Body

Balancer Releases Preliminary Report on Vulnerability Attack: Bulk Exchange Transaction Rounding Logic Error Exploited

clock
2025-11-05 20:20:43
Balancer released a preliminary report on the vulnerability attack incident, saying that the composable stability pool of Balancer V2 was attacked on multiple chains (including Ethereum, Base, Avalanche, Polygon, Arbitrum, etc.) on November 4. The vulnerability stems from a rounding logic error for EXACT_OUT transactions in batch exchange (batchSwap), which attackers use to manipulate the balance of the pool and withdraw assets. This incident only affects the composable stability pool of Balancer V2, and Balancer V3 and other pool types are not affected.
The Balancer team worked quickly with security partners and white hat teams to contain the spread of the attack and recover some assets through measures such as Hypernative auto-pause, asset freeze, and white hat intervention under the SEAL framework. Among them, StakeWise has recovered about 73.5% of the stolen osETH, and teams such as BitFinding and Base MEV bot have also assisted in recovering some funds.
At present, Balancer is working with security partners such as SEAL and zeroShadow to conduct cross-chain tracking and fund recovery. The final verified loss and recovery data will be announced in the full technical review report. The official reminds users: V3 and unstable pool operations are still safe only by obtaining confirmation information through Balancer's official channels.
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
New Tab Page - Desk3 | Plugin
Stay ahead of the game in the cryptocurrency space.