‘Critical vulnerability’ reported in Balancer v2 pools

The vulnerability has been mitigated in around 80% of the affected v2 pools

article-image

Tang Yan Song/Shutterstock modified by Blockworks

share

Liquidity protocol Balancer has discovered and disclosed a “critical vulnerability” affecting more than 100 of its v2 pools across eight blockchains.

Balancer said the issue has been mitigated in around 80% of the impacted pools. The remaining 20% of affected pools represent roughly 4% of Balancer’s total value locked (TVL).

The Balancer team posted a list of affected pools on its GitHub page and its emergency subDAO has been activated, enabling users to exit from affected pools. 

“We believe funds in the mitigated pools (labeled ‘mitigated’) are safe, but nevertheless strongly recommend timely migration to safe pools, or withdrawal,” Jeff Bennett, a software engineer at Balancer Labs, wrote in a post. 

Bennett urged all liquidity providers to exit their positions in affected pools immediately. 

“Pools that could not be mitigated are labeled ‘at risk.’ If you are [a liquidity provider] in any of these pools, please exit immediately,” he wrote.

The situation had an immediate market impact. The price of Balancer’s native token BAL dipped by over 4% on the news of the vulnerabilities. BAL’s price has since recovered, trading at $3.47 at the time of writing. 

Blockworks Research analyst Spencer Hughes noted that the Balancer vulnerability shows that smart contract audits cannot guarantee total safety, and that it is important to note that they never claimed to be.

“With ~$830M TVL, a Balancer exploit would have left one of the most prominent DEXs for dead,” Hughes said. “Emergency SubDAOs are definitely very important for all DeFi protocols, and it is great that they were able to act before anything malicious could occur.”


Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the On the Margin newsletter.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Salt Lake City, UT

MON - TUES, OCT. 7 - 8, 2024

Blockworks and Bankless in collaboration with buidlbox are excited to announce the second installment of the Permissionless Hackathon – taking place October 7-8 in Salt Lake City, Utah. We’ve partnered with buidlbox to bring together the brightest minds in crypto for […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

AERODROME TEMPLATE.png

Research

Aerodrome is a "MetaDEX" that combines elements of various DEX primitives such as Uniswap V2 and V3, Curve, Convex, and Votium. Since its launch on Base, it has become the largest protocol by TVL with more than $495B in value locked, doubling Uniswap's Base deployment.

article-image

The former Valkyrie CEO chats with Blockworks about what she has her eye on as Cypherpunk Holdings’ new leader

article-image

Thursday’s CPI report shows prices are coming down more quickly than analysts had anticipated, renewing hope that central bankers will cut rates in the fall

article-image

If we tokenize all assets in a speculative rush, the risk of creating illiquid markets and trapped value will manifest on a large scale

article-image

Plus, Trump is headed to the heart of Bitcoinlandia with a speaking appearance at the Bitcoin 2024 conference

article-image

Meanwhile, stocks rally after Jerome Powell finishes his Capitol Hill tour

article-image

Plus, Blinks have reshaped many people’s understanding of what blockchains are capable of