Anderson
On November 3, 2025, the prominent DeFi protocol Balancer V2 suffered a severe cyberattack, resulting in estimated losses of approximately $128 million, according to Verichain. This event not only impacted numerous liquidity pools across major networks—including Ethereum, Base, Avalanche, Gnosis, Berachain, Polygon, Sonic, Arbitrum, and Optimism—but also propagated to other protocols based on the Balancer V2 fork. Notably, projects like Beets, BEX, and PHUX sustained damages, with BEX, the largest DEX on Berachain, reportedly losing about $13 million. Berachain was even forced to temporarily halt its chain operations to prevent the attacker from fully draining assets. As we analyze at Cyberk, such incidents highlight the critical need for rigorous security practices in the DeFi space.
Crucially, the Balancer development team had previously identified this specific rounding error but underestimated its impact, failing to patch it in time, which led to its critical exploitation. Following the main attack, numerous copycats and MEV bots rapidly replicated the exploit method to drain remaining pools, causing the total damage to escalate quickly.
The root cause of the Balancer V2 incident was a precision loss bug within the smart contract logic that governed integer arithmetic calculations, particularly affecting pools containing assets that did not maintain a 1:1 ratio.
The primary vulnerability resided in Balancer’s implementation of the Composable Stable Pool—a pool type designed for stable or correlated asset swaps (e.g., wstETH, ETH, osETH). Balancer introduced a scaling factor to manage related assets (e.g., 1 wstETH = 1.05 ETH). The issue occurred during the calculation of the scaled amount:
(scaled_amount = (raw_amount * scaling_factor) / 1e18)
When the raw token amount (raw_amount) was extremely small (e.g., 8 wei), the integer division in this formula could cause a precision loss of up to 12.5% (1/8).
The function executed a rounding down operation after multiplication by the scaling factor. This rounding down created an arbitrage opportunity for the attacker, enabling them to swap out a small amount of output token while providing less input token than necessary to the pool.
According to Verichain sources, this specific rounding-down behavior favoring the attacker was noted in the codebase comments, but the development team neglected to implement a fix because they underestimated the impact of the rounding error.
Despite Balancer's awareness of the vulnerability, they were unable to halt some vulnerable pools because these pools had exceeded the designated "window of deployment" allowing state and parameter changes. This limitation was due to Balancer’s commitment to maintaining strict decentralization.
Remaining pools were quickly paused or drained. The initial attacker had left their compute contract code on-chain, allowing easy replication by copycat attackers who only needed to fork the code and change the pool address. This led to a surge of follow-up exploits within hours of the main attack.
While the Balancer internal balance feature itself was not the vulnerability, it was a crucial contributing factor that enabled the attacker to amplify the precision loss error significantly.
Balancer’s mechanism allows users to flash-mint LP tokens (BPT) within a batchSwap, use them within the same transaction, and only settle the balance at the end. This meant the attacker could temporarily utilize the pool's balance without needing explicit token flashloans.
By leveraging these flash-minted BPTs, the attacker executed continuous swaps (BPT → token1 và BPT → token2) to manipulate the pool state, driving the raw balances of the tokens within the pool to become extremely small (around 40,000 wei).
Making the raw token balances extremely small was the prerequisite condition for triggering maximum precision loss during the subsequent Precision-Loss Loop. After manipulation, the attacker repeatedly swapped between two tokens, optimizing for a small variable to create the maximum precision loss advantage on every iteration.
This is the most critical takeaway, as it represents the root cause. The _upscale function in Balancer rounded down after multiplying by the scaling factor, which consistently provided an advantage to the attacker on every swap. Smart Contract Development teams must ensure that financial mathematical functions are designed to always round up or utilize rounding methods that favor the pool or the protocol.
Concurrently, they must rigorously test edge cases where the raw token amount (raw_amount) is extremely small (e.g., 8 wei). In integer arithmetic, these minute values can lead to substantial, exploitable precision loss.
The Balancer incident underscores the peril of neglecting known flaws. The rounding-down issue was documented in Balancer's codebase comments. However, the development team bypassed fixing the bug because they underestimated the impact of this "minor" rounding error. The lesson is clear: any documented flaw, particularly within financial computation logic, must be prioritized for remediation, regardless of its perceived insignificance.
DeFi protocols employing complex formulae require scrutiny beyond standard practices. Developers must conduct frequent security audits and thoroughly stress-test complex formulae and logic. Even a highly reputable protocol like Balancer, having undergone multiple audits, was susceptible to exploitation via a trivial rounding error.
Features designed to optimize performance or usability can inadvertently introduce powerful attack vectors. The Internal Balances Mechanism, for instance, allowed the attacker to flash-mint BPTs temporarily and manipulate the pool state with minimal friction.
When implementing advanced features like internal accounting mechanisms, developers must ensure they cannot be leveraged to set up exploit-triggering conditions (e.g., driving token balances to extremely low states, around 40,000 wei).
Balancer V2 serves as a stark warning to the entire DeFi industry, underscoring that frequent security audits and meticulous scrutiny of complex logic and formulae are paramount, and that developers must never underestimate the impact of rounding errors or dismiss documented flaws. For teams looking to secure their protocols against similar vulnerabilities, Cyberk provides expert auditing and development services to ensure robust and secure DeFi infrastructure.