‘Critical vulnerability’ reported in Balancer v2 pools

The vulnerability has been mitigated in around 80% of the affected v2 pools

August 22, 2023 01:30 pm

Tang Yan Song/Shutterstock modified by Blockworks

Liquidity protocol Balancer has discovered and disclosed a “critical vulnerability” affecting more than 100 of its v2 pools across eight blockchains.

Balancer said the issue has been mitigated in around 80% of the impacted pools. The remaining 20% of affected pools represent roughly 4% of Balancer’s total value locked (TVL).

The Balancer team posted a list of affected pools on its GitHub page and its emergency subDAO has been activated, enabling users to exit from affected pools.

“We believe funds in the mitigated pools (labeled ‘mitigated’) are safe, but nevertheless strongly recommend timely migration to safe pools, or withdrawal,” Jeff Bennett, a software engineer at Balancer Labs, wrote in a post.

Bennett urged all liquidity providers to exit their positions in affected pools immediately.

“Pools that could not be mitigated are labeled ‘at risk.’ If you are [a liquidity provider] in any of these pools, please exit immediately,” he wrote.

The situation had an immediate market impact. The price of Balancer’s native token BAL dipped by over 4% on the news of the vulnerabilities. BAL’s price has since recovered, trading at $3.47 at the time of writing.

Blockworks Research analyst Spencer Hughes noted that the Balancer vulnerability shows that smart contract audits cannot guarantee total safety, and that it is important to note that they never claimed to be.

“With ~$830M TVL, a Balancer exploit would have left one of the most prominent DEXs for dead,” Hughes said. “Emergency SubDAOs are definitely very important for all DeFi protocols, and it is great that they were able to act before anything malicious could occur.”

Get the news in your inbox. Explore Blockworks newsletters:

The Breakdown: Decoding crypto and the markets. Daily.
Empire: Crypto news and analysis to start your day.
Forward Guidance: The intersection of crypto, macro and policy.
0xResearch: Alpha directly in your inbox.
Lightspeed: All things Solana.
The Drop: Apps, games, memes and more.
Supply Shock: Bitcoin, bitcoin, bitcoin.

Tags

Newsletter

The Breakdown

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy tickets learn more

Permissionless IV

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

buy tickets learn more

Permissionless IV Hackathon

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

🚀 Build What’s Next — Permissionless IV Hackathon Join us June 22–23 in Brooklyn for the Permissionless IV Hackathon — a 36-hour sprint hosted by Cracked Labs and Blockworks where top builders turn ideas into real products. Come to launch, not just […]

learn more

recent research

Research

Kamino V2: A New Growth Lever

Kamino has evolved into a full-stack asset scaling suite with V2: unlocking new markets, improving capital efficiency, and catering to various risk profiles. We believe it is best positioned to become the credit backbone of Solana as the ecosystem matures. Simply put, KMNO remains our highest-conviction bet in the Solana ecosystem. This report lays out our thesis.

by Carlos Gonzalez Campo

news

Breaking headlines across our core coverage categories.