
Briefing

The Balancer V2 protocol suffered a catastrophic multi-chain exploit, resulting in the draining of over $128 million from its Composable Stable Pools. This incident represents a severe failure in core smart contract logic, immediately compromising the solvency of affected pools and eroding user trust across multiple Layer 1 and Layer 2 networks. Forensic analysis confirms the root cause was a subtle yet critical rounding error within the batchSwap upscale function, which was weaponized to illegitimately siphon assets from the vault.


Context

The prevailing security posture for complex DeFi primitives, particularly those involving multi-token swaps and boosted liquidity, has always carried elevated risk due to the sheer complexity of the invariant logic. Previous incidents have repeatedly highlighted the danger of precision errors and flawed access controls in pool management functions. The failure to fully mitigate this known class of vulnerability, specifically issues related to deferred settlement accounting and precision during upscaling, created the attack surface that the adversary ultimately leveraged.


Analysis

The attack was executed by exploiting a rounding error within the batchSwap feature, which is responsible for multi-token swaps and managing the pool’s internal accounting. The attacker used this flaw to manipulate the protocol’s deferred settlement mechanism. By executing a sequence of specific swaps, the attacker was able to push the pool’s internal liquidity accounting below a safe, auditable threshold, effectively bypassing the intended access controls and allowing them to withdraw assets far in excess of their actual contribution. This chain of cause and effect demonstrates a direct compromise of the smart contract’s financial invariant.
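The paragraph above describes the failure class (a rounding error in scaling between token decimals and the pool's internal 18-decimal accounting) without showing why rounding direction matters. The following is an added illustration, not code from Balancer or from the original article, and it does not reproduce the actual Balancer V2 logic: it uses a constructed fixed-point library (mul_down/mul_up/div_down/div_up), a constructed single-rate swap, and a constructed 6-decimal token, and it runs the kind of property check a protocol's own test suite should perform: after any sequence of swaps, the pool must hold at least as much as exact rational arithmetic says it should. The two downscale policies differ only in which side absorbs the sub-unit remainder.

```python
from fractions import Fraction

# Constructed convention: internal accounting uses 18-decimal fixed point ("wad").
ONE = 10**18


def mul_down(a: int, b: int) -> int:
    """a * b in fixed point, remainder discarded (rounds toward zero)."""
    return a * b // ONE


def mul_up(a: int, b: int) -> int:
    """a * b in fixed point, any nonzero remainder rounds up by one unit."""
    product = a * b
    return 0 if product == 0 else (product - 1) // ONE + 1


def div_down(a: int, b: int) -> int:
    """a / b in fixed point, rounds toward zero."""
    return a * ONE // b


def div_up(a: int, b: int) -> int:
    """a / b in fixed point, any nonzero remainder rounds up by one unit."""
    return 0 if a == 0 else (a * ONE - 1) // b + 1


def scaling_factor(token_decimals: int) -> int:
    """Fixed-point factor that lifts a raw token amount to 18 decimals."""
    return 10 ** (18 - token_decimals) * ONE


def upscale(raw_amount: int, factor: int) -> int:
    # Exact for power-of-ten factors; the precision loss happens on the way back down.
    return mul_down(raw_amount, factor)


def downscale_in_favor_of_user(internal_amount: int, factor: int) -> int:
    """Weak policy: the amount paid out to the user is rounded UP."""
    return div_up(internal_amount, factor)


def downscale_in_favor_of_pool(internal_amount: int, factor: int) -> int:
    """Hardened policy: the amount paid out to the user is rounded DOWN."""
    return div_down(internal_amount, factor)


def simulate(downscale, n_swaps: int, amount_in_raw: int = 1_000_001,
             rate: int = ONE * 999 // 1000):
    """Swap amount_in_raw of an 18-decimal token for a 6-decimal token n_swaps times
    at a constructed fixed rate. Returns (pool balance in raw units, exact balance
    as a Fraction computed without any rounding)."""
    factor_in = scaling_factor(18)
    factor_out = scaling_factor(6)
    pool_out_raw = 1_000_000 * 10**6          # constructed: 1,000,000 units of the 6-dec token
    exact_out_balance = Fraction(pool_out_raw)
    # Exact output per swap, in raw units of the 6-decimal token, with no rounding at all.
    exact_out_per_swap = Fraction(amount_in_raw) * Fraction(rate, ONE) / Fraction(10**12)
    for _ in range(n_swaps):
        amount_in_internal = upscale(amount_in_raw, factor_in)
        out_internal = mul_down(amount_in_internal, rate)   # pool-favoring in internal units
        out_raw = downscale(out_internal, factor_out)        # policy under test
        pool_out_raw -= out_raw
        exact_out_balance -= exact_out_per_swap
    return pool_out_raw, exact_out_balance


def pool_is_solvent(pool_raw: int, exact_balance: Fraction) -> bool:
    """Invariant: rounding must never leave the pool with less than exact arithmetic predicts."""
    return Fraction(pool_raw) >= exact_balance


if __name__ == "__main__":
    for name, policy in (("favor user", downscale_in_favor_of_user),
                         ("favor pool", downscale_in_favor_of_pool)):
        pool_raw, exact = simulate(policy, 1000)
        print(f"{name}: pool={pool_raw} exact={float(exact):.6f} "
              f"solvent={pool_is_solvent(pool_raw, exact)}")
```

The trade size is chosen so that the exact output is a small fraction of one raw unit of the 6-decimal token; that is precisely the case where the rounding direction, not the swap formula, decides who absorbs the remainder. Under the user-favoring policy each swap pays out a full raw unit that exact arithmetic never credited, and the solvency invariant fails after repetition; under the pool-favoring policy the pool's balance stays at or above the exact model. A property test of this shape (random swap sizes and rates, assertion on `pool_is_solvent`) is the cheap, fuzzable check that catches this class of defect before an audit does.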


Parameters

  • Total Funds Drained: $128 Million. The final estimated value of assets siphoned from the Composable Stable Pools across all affected blockchains.
  • Vulnerability Type: Rounding Error. A critical precision flaw in the batchSwap upscale function that enabled the exploit.
  • Affected Chains: Six Blockchains. The exploit impacted pools on Ethereum, Base, Polygon, Arbitrum, Optimism, and Sonic.
  • Affected Assets: osETH, WETH, wstETH. Major liquid-staked Ethereum derivatives and wrapped Ether were the primary targets.


Outlook

Immediate mitigation for all users involves revoking token approvals for Balancer V2 contracts, especially those connected to Composable Stable Pools, to prevent further unauthorized access. This incident will trigger a mandatory, industry-wide re-audit of all complex swap logic, particularly focusing on floating-point arithmetic and precision handling in multi-asset vaults. The contagion risk is moderate, as similar AMM protocols utilizing complex internal accounting for boosted or composable liquidity must now prioritize formal verification of their swap and settlement functions to establish a new, higher standard for smart contract security.


Verdict

The Balancer V2 exploit is a definitive, high-severity case study proving that subtle precision flaws in core DeFi logic remain the single greatest systemic risk to multi-billion dollar liquidity protocols.

Tags: DeFi exploit, smart contract vulnerability, decentralized exchange, multi-chain attack, composable stable pools, access control flaw, liquidity pool drain, rounding error, batch swap logic, on-chain forensics, asset siphoning, protocol solvency, critical vulnerability, risk mitigation, security posture, pool invariant, generalized swap

Signal Acquired from: bankinfosecurity.com

Micro Crypto News Feeds

composable stable pools

Definition: Composable stable pools are liquidity pools in decentralized finance that consist of stablecoins and allow for flexible integration with other protocols.

security posture

Definition: A security posture describes the overall state of an organization's cybersecurity defenses and its readiness to counter threats.

rounding error

Definition: A rounding error is a discrepancy that arises when representing a number with a finite number of digits during calculations.

stable pools

Definition: Stable pools are specialized liquidity pools within decentralized finance (DeFi) protocols designed for trading stablecoins or other assets that are pegged to the same value, such as different versions of wrapped Bitcoin.

vulnerability

Definition: A vulnerability refers to a flaw or weakness in a system, protocol, or smart contract that could be exploited by malicious actors to compromise its integrity, security, or functionality.

exploit

Definition: An exploit refers to the malicious utilization of a security flaw or vulnerability within a protocol, smart contract, or application to gain unauthorized access, steal assets, or disrupt operations.

assets

Definition: A digital asset represents a unit of value recorded on a blockchain or similar distributed ledger technology.

smart contract

Definition: A smart contract is a self-executing contract with the terms of the agreement directly written into code.

liquidity

Definition: Liquidity refers to the degree to which an asset can be quickly converted into cash or another asset without significantly affecting its market price.