Briefing

A sophisticated exploit targeted Balancer V2 Composable Stable Pools, draining over $128 million in assets across multiple Layer-1 and Layer-2 networks. The attack leveraged a rounding error in the upscale logic used by the batchSwap function, allowing the attacker to manipulate the pools' internal accounting invariants and siphon assets from the shared Vault. The failure necessitated emergency actions, including pausing affected pools and halting network bridges, to prevent further contagion and limit total financial exposure. At more than $128 million, it is one of the largest single-vector DeFi breaches of the year.

Context

Prior to this incident, the prevailing risk factor for complex DeFi protocols like Balancer was the systemic risk inherent in smart contract composability, where a minor flaw in one function can be amplified across every pool and chain that shares the code. Despite multiple audits, the V2 Composable Stable Pools, which rely on intricate logic for multi-token swaps, presented an expanded attack surface. The core vulnerability class, precision errors and invariant manipulation, was a known risk in AMM design, but its specific interaction with the batchSwap feature was not adequately mitigated.

Analysis

The attacker targeted a rounding error in the upscale function used by batchSwap, which handles multi-token swaps within a pool. The precision flaw was combined with the protocol’s deferred settlement of batch swaps, letting the adversary exploit the gap between the pool’s internal accounting and its actual liquidity. By repeatedly manipulating the invariant from which the stable pools derive their prices, the attacker withdrew inflated amounts of assets, including WETH, osETH, and wstETH, from the shared V2 Vault on Ethereum, Base, Arbitrum, and other chains. The rapid, multi-chain execution indicates a high level of coordination and preparation.
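The rounding mechanism described above, as an added illustration that is not Balancer's code and does not reproduce the actual exploit transactions: a toy two-token pool that uses Balancer-style 18-decimal fixed-point scaling, with one token carrying an exchange rate the way a liquid-staking token does. It shows that when the upscaled output amount of a GIVEN_OUT swap is rounded down instead of against the caller, each tiny swap is undercharged and the pool's invariant is pushed below the true value of its holdings, and that many tiny swaps bundled in one batch accumulate that drift. The constant-sum invariant (a stand-in for the StableSwap curve near peg), the 1.25 rate on token Y, the balances and the batch of 1,000 swaps are all constructed for illustration; `mul_down`, `mul_up` and `div_up` follow the naming of Balancer's FixedPoint library but are reimplemented here.

```python
"""
Added example, not Balancer's code: a toy two-token pool with Balancer-style
18-decimal fixed-point scaling. It shows how rounding an upscaled output
amount down (instead of against the caller) lets many tiny swaps in one batch
underpay the pool and deflate its invariant. The constant-sum invariant, the
1.25 rate on token Y and all balances are constructed for illustration.
"""
from fractions import Fraction

ONE = 10**18  # fixed-point 1.0 (assumption: same convention as Balancer's FixedPoint)


def mul_down(a: int, b: int) -> int:
    """a * b in fixed point, truncated (favors whoever receives the product)."""
    return a * b // ONE


def mul_up(a: int, b: int) -> int:
    """a * b in fixed point, rounded up by at most one wei."""
    prod = a * b
    return 0 if prod == 0 else (prod - 1) // ONE + 1


def div_up(a: int, b: int) -> int:
    """a / b in fixed point, rounded up by at most one wei."""
    return 0 if a == 0 else (a * ONE - 1) // b + 1


class ToyStablePool:
    """Two like-valued tokens; invariant D = sum of *scaled* balances.

    Token X has scaling factor 1.0. Token Y carries a rate (think of a
    liquid-staking token quoted in ETH), so raw Y is upscaled by `rate_y`
    before it enters the invariant. A real stable pool uses the StableSwap
    curve; near peg it is close to constant-sum, which is all this needs.
    """

    def __init__(self, bal_x: int, bal_y: int, rate_y: int, round_out_up: bool):
        self.bal_x, self.bal_y, self.rate_y = bal_x, bal_y, rate_y
        self.round_out_up = round_out_up

    def invariant(self) -> int:
        return self.bal_x + mul_down(self.bal_y, self.rate_y)

    def swap_given_out_y(self, amount_out: int) -> int:
        """Caller asks for `amount_out` raw Y; returns the raw X charged."""
        # The security-relevant line. Vulnerable: round the requested output
        # DOWN, so the invariant is charged for less Y than actually leaves.
        # Hardened: round UP, so the pool is paid for at least the value sent.
        if self.round_out_up:
            out_scaled = mul_up(amount_out, self.rate_y)
        else:
            out_scaled = mul_down(amount_out, self.rate_y)
        in_scaled = out_scaled            # constant sum: X in == scaled Y out
        amount_in = div_up(in_scaled, ONE)  # X scaling factor is 1.0
        self.bal_x += amount_in
        self.bal_y -= amount_out
        return amount_in


def run_batch(round_out_up: bool, swaps: int, amount_out: int) -> dict:
    """Mimic a batchSwap: `swaps` identical GIVEN_OUT swaps in one call."""
    pool = ToyStablePool(bal_x=1_000_000, bal_y=1_000_000,
                         rate_y=ONE * 5 // 4, round_out_up=round_out_up)
    d_before = pool.invariant()
    paid = sum(pool.swap_given_out_y(amount_out) for _ in range(swaps))
    fair = Fraction(amount_out * swaps * pool.rate_y, ONE)  # true X value of the Y sent
    return {
        "paid": paid,
        "fair_value": fair,
        "underpaid": fair - paid,                        # > 0 means the pool lost value
        "invariant_delta": pool.invariant() - d_before,  # < 0 means D was deflated
    }


def per_swap_leak(amount_out: int, rate_y: int) -> Fraction:
    """Value the round-down path gives away on a single GIVEN_OUT swap."""
    return Fraction(amount_out * rate_y, ONE) - mul_down(amount_out, rate_y)


def charge_never_below_value(round_up: bool, max_amount: int, rate_y: int) -> bool:
    """The property an audit or prover should establish for the scaling step:
    the X charged is never below the true value of the Y handed out."""
    scale = mul_up if round_up else mul_down
    return all(scale(a, rate_y) >= Fraction(a * rate_y, ONE)
               for a in range(1, max_amount + 1))


if __name__ == "__main__":
    for label, flag in (("vulnerable (round down)", False), ("hardened (round up)", True)):
        r = run_batch(flag, swaps=1000, amount_out=3)
        print(f"{label}: paid={r['paid']} fair={r['fair_value']} "
              f"underpaid={r['underpaid']} invariant_delta={r['invariant_delta']}")
    rate = ONE * 5 // 4
    # The caller picks the amounts: 3 units leak 0.75 each, 3000 in one swap leak 0.
    print("leak per swap of 3:", per_swap_leak(3, rate), "| of 3000:", per_swap_leak(3000, rate))
    print("round-up never undercharges:", charge_never_below_value(True, 10_000, rate))
    print("round-down never undercharges:", charge_never_below_value(False, 10_000, rate))
```

The amounts are deliberately wei-scale so the rounding is visible: in a real pool the error per operation is at most one wei in the scaled domain, and the attacker's lever is choosing amounts that sit just below a rounding boundary and repeating them many times inside a single batch call, where each step is priced against an invariant the previous step already deflated. The exhaustive `charge_never_below_value` check is the kind of property a fixed-point audit should state explicitly for every scaling and invariant computation, with the rounding direction chosen per swap kind.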

Parameters

  • Total Funds Drained: $128 Million. The estimated total value of assets siphoned from V2 Composable Stable Pools across all affected chains.
  • Vulnerability Type: Rounding Error / Invariant Manipulation. A flaw in the batchSwap upscale function that distorted the internal price calculation.
  • Affected Networks: Ethereum, Base, Arbitrum, Polygon, Optimism, Sonic. Demonstrates the systemic risk of a shared codebase in a multi-chain architecture.
  • Recovered/Frozen Funds: $19 Million (approx). The amount of stolen funds that security partners were able to recover or freeze, limiting the net loss.

Outlook

The immediate mitigation for users is to revoke any token approvals granted to the affected Balancer contracts, minimizing the blast radius of second-order effects. This incident will force a re-evaluation of security in complex AMM designs, particularly the risk carried by precision-sensitive logic and by multi-chain deployment of a shared vault. Going forward, best practice must include rigorous, formal verification of low-level arithmetic functions (in particular, the rounding direction of every scaling and invariant computation) and robust, decentralized pause mechanisms that can be activated across all chains at once to contain systemic exploits.

The Balancer V2 breach confirms that even mature protocols with multiple audits remain exposed to subtle arithmetic flaws that are amplified by multi-chain composability.

Signal Acquired from: bankinfosecurity.com

composable stable pools

Definition: Composable stable pools are Balancer stable pools, for assets expected to trade near parity, whose own pool token (BPT) is one of the tokens the pool holds, so that the pool token can be swapped for directly and nested in other pools without a separate join or exit.

invariant manipulation

Definition: Invariant manipulation is a type of exploit where an attacker disrupts the fundamental mathematical relationships or rules designed to be constant within a smart contract or protocol.

rounding error

Definition: A rounding error is a discrepancy that arises when representing a number with a finite number of digits during calculations.

stable pools

Definition: Stable pools are specialized liquidity pools within decentralized finance (DeFi) protocols designed for trading stablecoins or other assets that are pegged to the same value, such as different versions of wrapped Bitcoin.

vulnerability

Definition: A vulnerability refers to a flaw or weakness in a system, protocol, or smart contract that could be exploited by malicious actors to compromise its integrity, security, or functionality.

systemic risk

Definition: Systemic risk refers to the danger that the failure of one component within a financial system could trigger a cascade of failures across the entire network.

security

Definition: Security refers to the measures and protocols designed to protect assets, networks, and data from unauthorized access, theft, or damage.

decentralized

Definition: Decentralized describes a system or organization that is not controlled by a single central authority.