Balancer has released a Vulnerability Disclosure Report: Bulk Exchange Trade Rounding Logic Error Exploited

By: theblockbeats.news|2025/11/06 00:45:52

BlockBeats News, November 6th, according to official sources, Balancer has released a preliminary report on the exploit incident. The report indicates that Balancer V2's Composable Stable Pool was attacked on November 4th across multiple chains (including Ethereum, BSC, Avalanche, Polygon, Arbitrum, etc.). The exploit originated from a rounding error in the EXACT_OUT transaction logic during batchSwap, allowing the attacker to manipulate the pool balances and withdraw assets. This incident only affected Balancer V2's Composable Stable Pool, with Balancer V3 and other pool types remaining unaffected.

The Balancer team swiftly collaborated with security partners and white-hat teams to take action. Through measures such as automatic pause via Hypernative, asset freezing, and white-hat interventions under the SEAL framework, they successfully contained the attack and recovered some assets. StakeWise has recovered approximately 73.5% of the stolen osETH, while teams like BitFinding and Base MEV bot assisted in the recovery of some funds.

Currently, Balancer is working with security partners such as SEAL and zeroShadow to conduct cross-chain tracking and fund recovery. The final assessment of losses and recovery data will be disclosed in a comprehensive technical retrospective report. Users are reminded to only trust information confirmed through official Balancer channels, as V3 and non-stable pool operations remain secure.

-- Price

This incident reveals a fundamental weakness in Delta's stablecoin - the coupling point between the minting logic and off-chain signatures/oracles is the most vulnerable attack surface of the system. Any capital efficiency design of "1 dollar minted for 1 dollar" must be predicated on extremely rigo...

Crypto Market Sees Large Liquidations: $272 Million in Long Positions Affected

Key Takeaways In the last 24 hours, $272 million worth of contracts were liquidated across the entire crypto…

Whale Increases BTC Shorts and Bets on Crude Oil: A Strategic Crypto Move

Key Takeaways A prominent whale, known as “UnRektCapital,” has strategically escalated its short position in Bitcoin while simultaneously…

Hackers in Brazil Use Fake Google Play Store to Steal Cryptocurrency

Key Takeaways Hackers in Brazil are exploiting fake Google Play Store pages to spread Android malware. Infected devices…

Exchanging 200,000 for nearly 100 million, DeFi stablecoins face another attack

DeFi project teams cannot assume that the modules they control are necessarily secure.

The underlying business agreement of the trillion-dollar Agent economy: Understanding ERC-8183, it's not just about payments, but the future

This article systematically analyzes the technical principles and commercial value of the ERC-8183 protocol from the dimensions of technical architecture, core mechanisms, application scenarios, and ecological collaboration.

When Wall Street's ETH begins to "yield": Looking at the asset properties of Ethereum from BlackRock's ETHB

ETH is undergoing a paradigm shift from a "volatile asset" to a "yield-generating cash flow asset."

The Power of Agency: The Agentic Wallet and the Next Decade of Wallets

In 1984, Apple killed the command line with a mouse. In 2026, Agent is killing the mouse.

Understanding x402 and MPP in One Article: Two Routes for Agent Payments

x402 makes payments within the agreement, while MPP makes system-level payments.

Particle Founder: The entrepreneurial insights I have gained the most from in the past year

Stop lean startup, stop lightning entrepreneurship, and think carefully about what your product aspirations are.

Huang Renxun's latest podcast transcript: The future of Nvidia, the development of embodied intelligence and agents, the explosion of inference demand, and the public relations crisis of artificial intelligence

The competition in the future is not just about whose model is larger or whose computing power is stronger, but also about who understands the industry better, who can embed AI more deeply into real processes, and who can organize these capabilities into a runnable and scalable system.

OKX Ventures Research Report: AI Agent Economic Infrastructure Research Report (Part 1)

The existing infrastructure is hostile to the Agent economy. Agents can think and act independently at the "capability level," but at the "economic level," they are still locked into infrastructure designed for humans.

The migration of settlement rights: B18 and the institutional starting point of on-chain banks

In the traditional system, banks decide the settlement; in the on-chain system, code begins to take over this responsibility.

From Tencent and Circle: Looking at the Simple and Difficult Questions of Investment

The AI narrative continues to ferment, but the recent performance of related stocks varies, with some in the midst of summer and others as if in winter.

The second half of stablecoins no longer belongs to the crypto circle

What Coinbase doesn't want, Mastercard is eager to buy.

Cursor "Shell" Kimi Controversy Reversed: From Copyright Infringement Allegations to Authorized Collaboration, China's Open Source Model Once Again Becomes a Global AI Foundation

Cursor was accused of being based on Kimi K2.5, which sparked controversy, and was later confirmed to be compliant through Fireworks AI due diligence.

The Real Reason Tokens Don't Sell: 90% of Crypto Projects Overlook Investor Relations

Provide an Investor Relations Best Practices Guide for Crypto Projects.