
Balancer was audited 11 times and still got hacked: the $116 million exploit caused a 67% drop in TVL

After the Balancer v2 vault was attacked due to a major vulnerability, resulting in the loss of over $116 million in funds, the Balancer DAO has begun discussing a plan to allocate approximately $8 million of recovered assets to affected LPs. The proposal includes providing structured rewards for white hat hackers and compensating users based on a Snapshot of user pool assets at the time of the exploit.

Balancer encounters third major security incident

Balancer Code Audit

(Source: GitHub)

This exploit was caused by a defect in the smart contract and marks the third major security incident for Balancer. That this is the third such incident is itself quite ironic, and it suggests that Balancer has systemic issues in its security protections. According to the Balancer platform's GitHub page, Balancer's code has been reviewed 11 times by four different blockchain security companies.

Despite the audit, the platform was still hacked, raising concerns among some cryptocurrency users about the value of audits and whether they truly ensure code security. This case has sounded the alarm for the entire DeFi industry: while smart contract audits are an important aspect of security protection, they are not foolproof. Audit firms may overlook complex vulnerabilities, or attackers may discover new exploitation methods.

On November 5, Balancer released a post-mortem analysis report outlining the root cause of the hack: a complex vulnerability in the rounding function used for EXACT_OUT trades in its stablecoin pool. The rounding function was designed to round down when inputting token prices, but the attacker managed to manipulate the calculation process to round up. The attacker combined this vulnerability with batch trading (a single transaction containing multiple operations) to siphon funds from Balancer's liquidity pool.

The complexity of this attack explains why 11 audits failed to uncover the issue. The logic of the rounding function itself may appear normal when viewed in isolation, but when combined with the batch transaction mechanism, it creates a vulnerability that can be exploited. This complex cross-functional interaction is often the blind spot that auditors find most difficult to detect.

The attack also caused the total value locked (TVL) to plummet from about 775 million USD to 258 million USD, a decline of 67%. A TVL loss on this scale shows that investor confidence in Balancer has been severely impacted. The BAL token has also lost about 30% of its value, reflecting the market's pessimistic expectations for the future of the protocol. According to Deddy Lavid, CEO of blockchain security company Cyvers, the Balancer hack is one of the “most complex” attacks of 2025, highlighting the importance of user security in cryptocurrencies as security threats continue to evolve.

8 Million Dollar Compensation Plan and White Hat Hacker Reward Mechanism

Balancer White Hat Hacker Reward Mechanism

(Source: Balancer)

After the Balancer v2 vault was attacked a few weeks ago due to a major vulnerability, resulting in a loss of over $116 million in funds, the Balancer DAO has begun discussions on a plan to allocate approximately $8 million of the recovered assets to affected LPs. Two members of the Balancer protocol community submitted the proposal on Thursday. It details how to distribute to the victims the approximately $8 million recovered from the $116 million attack on November 1.

In a $116 million theft case, approximately $28 million was recovered by white hat hackers, internal rescuers, and the Ethereum liquidity staking platform StakeWise. However, the proposal only covers the $8 million recovered by white hat hackers and internal rescue teams, while nearly $20 million recovered by StakeWise will be allocated separately to its users. This separate handling strategy reflects the complexity and legal considerations of different recovery paths.

Distribution Structure for Fund Recovery

White Hat Hackers + Internal Rescue: Approximately 8 million USD, allocated to affected LPs as per this proposal.

StakeWise Recovery: $19.7 million of osETH and osGNO, processed separately for distribution to StakeWise users.

Certora Collaborative Recovery: 4.1 million USD, which does not meet the bounty conditions due to a prior agreement.

Total Recovered Amount: Approximately 28 million USD (24% of the losses)

Unrecovered Losses: Approximately $88 million (representing 76% of the losses)

The proposal includes providing structured rewards for white hat hackers and compensating users based on the asset Snapshot data from the user pool at the time of the vulnerability exploitation, which is in accordance with the Safe Harbor Agreement. The agreement stipulates a maximum bounty of $1 million for each incident, and white hat hackers must complete comprehensive KYC and sanction screenings. This structured bounty mechanism is designed to incentivize white hat hackers to choose responsible disclosure when discovering vulnerabilities, rather than exploiting them for personal gain.

Several anonymous rescuers on Arbitrum have given up their bounty claims. This act of high moral integrity is praised within the crypto community, showing that not all white-hat hackers are motivated by financial gain; some are purely focused on protecting the security of the ecosystem. The recovered tokens cover networks such as Ethereum, Polygon, Base, and Arbitrum, and liquidity providers will be compensated based on the tokens they originally provided, proportionate to the pool.

Technical Details and Controversies of the Compensation Mechanism

The author suggests that all compensations should be non-socialized, meaning that funds are allocated only to specific liquidity pools that have incurred losses, and are paid proportionally based on each holder's share in the liquidity pool, represented by Balancer Pool Tokens (BPT). This design ensures fairness and avoids a “robbing Peter to pay Paul” style of socialized loss sharing.

The author believes that compensation should also be paid in kind: victims of the hack should receive compensation denominated in the tokens they lost, to avoid price mismatches between different digital assets. This detail is extremely important, as compensating all victims with a single token (such as ETH or USDC) may create new inequities due to token price fluctuations. For example, if an LP lost stablecoins but is compensated in volatile assets, the actual value of the compensation may not match the loss.

A claims mechanism is currently under development. If the proposal is approved, users will need to accept the updated terms of use. This process is expected to take several weeks to refine the technical details and legal framework. The claims mechanism requires verification of each victim's identity and the amount of loss, which is no easy task in a decentralized environment.

Additionally, the $19.7 million of osETH and osGNO recovered by StakeWise will be handled separately. This portion of funds is directly related to users of the StakeWise platform, so its allocation logic differs from that of general LPs. The $4.1 million recovered in collaboration with Certora does not meet the bounty conditions due to a prior agreement. This indicates that Certora may be a security partner of Balancer, and its assistance in recovering funds is based on existing collaboration agreements rather than a white hat bounty program.

Systematic Flaws in DeFi Security Audits Exposed

According to the Balancer platform's GitHub page, Balancer's code has been reviewed 11 times by four different blockchain security companies. Despite being audited, the platform was still hacked, raising questions among some cryptocurrency users about the value of audits and whether they truly ensure code security. This case highlights the systemic flaws in current DeFi security audits.

Audit firms typically examine code within limited time and budget constraints, focusing on known vulnerability patterns and common security issues. However, complex cross-functional vulnerabilities like those encountered by Balancer may require in-depth dynamic testing and attack simulations of the entire system to be detected. Additionally, the timeliness of audit reports is also a concern, as code may continue to be updated after the audit, and new changes could introduce new vulnerabilities.

The deeper issue is that the auditing industry itself lacks unified standards and accountability mechanisms. Audit firms often include disclaimers in their reports, stating that the audit does not guarantee the code is completely secure. This lack of responsibility means that even if an audit fails, audit firms rarely face substantive consequences. The case of Balancer may prompt the industry to reassess auditing standards and the allocation of responsibilities.

The post-mortem report released on November 5 revealed the technical details of the attack. The rounding function was designed to round down when inputting token prices, but the attacker managed to manipulate the calculation process to round up. The attacker combined this vulnerability with batch transactions to steal funds from Balancer's liquidity pool. This method of attack is extremely sophisticated, requiring a deep understanding of Balancer's code logic and the ability to identify unexpected behaviors arising from different combinations of functions.
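
The rounding issue in the post-mortem and the whole-system testing that the audit discussion calls for can be illustrated with an added example (not Balancer's code and not its stable pool math): a toy two-token constant-product pool in integer arithmetic that quotes EXACT_OUT swaps with either rounding direction and checks the pool invariant across an entire batch. The function names, the pool model and the sample balances are assumptions constructed for illustration.

```python
# Toy model, constructed for illustration: an x*y=k pool with integer balances.
# It is NOT Balancer's stable pool math; it only shows why the rounding
# direction of an EXACT_OUT quote must favour the pool, and why the check has
# to cover the whole batch rather than one function in isolation.

def quote_in(bal_in, bal_out, amount_out, round_up):
    """Input owed for withdrawing exactly amount_out from the pool."""
    if not 0 < amount_out < bal_out:
        raise ValueError("amount_out must be positive and below the balance")
    num, den = bal_in * amount_out, bal_out - amount_out
    # Ceiling division favours the pool; floor division favours the trader.
    return -(-num // den) if round_up else num // den

def invariant_trace(balances, batch, round_up):
    """Apply a batch of (token_out_index, amount_out) swaps; return k per step."""
    bal = list(balances)
    trace = [bal[0] * bal[1]]
    for token_out, amount_out in batch:
        token_in = 1 - token_out
        amount_in = quote_in(bal[token_in], bal[token_out], amount_out, round_up)
        bal[token_in] += amount_in
        bal[token_out] -= amount_out
        trace.append(bal[0] * bal[1])
    return trace

def first_violation(trace):
    """Index of the first swap after which the invariant decreased, else None."""
    for i in range(1, len(trace)):
        if trace[i] < trace[i - 1]:
            return i
    return None

# Constructed sample: small balances so the rounding error is visible.
POOL = (10, 10)
BATCH = [(1, 1), (0, 1), (1, 1), (0, 1)]

if __name__ == "__main__":
    for round_up in (False, True):
        trace = invariant_trace(POOL, BATCH, round_up)
        label = "round up" if round_up else "round down"
        print(f"{label:10} k={trace} first violation={first_violation(trace)}")
```

Each rounded-down step loses only a small amount of the invariant, which is why a per-function review can pass it; the loss compounds across the batch, so the regression test asserts that the invariant never decreases over the full sequence.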
