TL;DR
- Balancer released a preliminary report following an exploit that affected Composable Stable Pools across multiple networks, with an estimated $128 million impact while final figures remain under verification.
- A coordinated response with security partners and whitehat teams helped pause vulnerable pools, freeze funds and recover a portion of assets.
- Balancer v3 and all other v2 pool types remain safe, ensuring users can continue operating without risk outside the affected pool category.
Balancer issued its initial findings after the recent exploit that targeted specific Composable Stable Pools across several chains, including Ethereum, Base, Arbitrum and Avalanche. The vulnerability did not extend to Balancer v3 or other v2 pool types, enabling most platform operations to continue as usual and preserving user confidence. The prompt reaction of Balancer contributors and DeFi security partners demonstrated a more mature and resilient industry compared to past large-scale incidents.
The exploit originated from an issue in swap logic rounding during batch swaps, which attackers used to manipulate liquidity levels and extract value. This structural weakness enabled liquidity to drop to abnormally low levels and facilitated withdrawals after internal balance adjustments. Although the attack affected multiple networks, early coordination limited the spread and prevented further drain across forks such as BEX and Beets.
Swift Response Actions And Network Coordination
From the moment the exploit was detected, emergency automation paused vulnerable pools within minutes, reducing potential losses significantly. Recovery Mode ensured that affected Composable Stable v6 pools allowed proportional withdrawals, giving liquidity providers a structured exit path. Partners including Sonic Labs, Gnosis and Monerium applied freezes or restrictions to limit cross-chain activity. Whitehat teams, such as BitFinding, helped recover funds, supported by the SEAL Safe Harbor framework, which encourages responsible intervention.
Notable recoveries included millions in StakeWise asset clawbacks and assistance from validators like Berachain to contain impact. Security researchers, auditors and exchanges collaborated on tracking flows and preventing fund obfuscation, sharing only verified guidance with users. Analysts highlighted that such cooperative efforts show a stronger security culture and reinforce the value of decentralized coordination across independent actors.
Outlook And Continued Recovery Progress
The investigation remains active, and Balancer will publish a full post-mortem once all data is verified across partners. Unaffected pools remain fully functional and safe for regular activity. Users in paused Composable Stable v6 pools can continue to rely on Recovery Mode, while those in impacted v5 pools should wait for official instructions before interacting with contracts. Balancer aims to strengthen safeguards and share technical insights that reinforce DeFi security standards as recovery efforts advance.
