Briefing

The Balancer V2 protocol suffered a catastrophic economic exploit on November 3, 2025, resulting in the loss of over $120 million across multiple EVM chains. The primary consequence was the systemic failure of the Composable Stable Pools, which allowed an attacker to systematically drain liquidity provider assets. This sophisticated attack was rooted in a subtle rounding inconsistency within the pool’s core invariant calculation logic, which was compounded through repeated, atomic batchSwap operations. The total quantified loss is estimated at $128.64 million, making it one of the largest DeFi breaches of the year.

Context

The prevailing risk in complex DeFi protocols remains the interaction between high-precision math and the integer-only environment of the Ethereum Virtual Machine (EVM). This incident is a direct consequence of a known class of vulnerability where tiny, wei-level rounding discrepancies in pool invariant calculations can be weaponized. The protocol’s architecture, which treats Balancer Pool Tokens (BPT) as a tradable asset within the pool, amplified the attack surface by allowing the attacker to manipulate liquidity to a critical low-balance state.

Analysis

The attacker’s method hinged on manipulating the pool into a low-liquidity state, which magnified the impact of a precision loss bug in the _upscale function. This specific flaw created an asymmetry in rounding direction during the invariant (D) calculation, causing a systematic undervaluation of the Balancer Pool Token (BPT). By executing a sequence of carefully calibrated micro-swaps within a single, atomic batchSwap transaction, the attacker repeatedly exploited this mathematical bias. This compounded the rounding errors, quietly reducing the pool invariant and allowing the attacker to withdraw more underlying assets than they deposited.

Parameters

  • Total Funds Lost → $128.64 Million (The total value drained from the Composable Stable Pools across all affected networks).
  • Attack Vector → Rounding Inconsistency (A logic flaw in the pool’s invariant math that caused systematic precision loss).
  • Affected Chains → Ethereum, Arbitrum, Base, Polygon (The primary EVM networks targeted by the multi-chain exploit).
  • Funds Recovered → $45.7 Million (Assets protected or recovered through coordinated whitehat and emergency actions).

Outlook

Immediate mitigation for users involves withdrawing from all remaining Balancer V2 Composable Stable Pools that were not paused. This incident establishes a new security baseline, mandating that future audits must focus intensely on the cumulative effects of precision loss in batched and chained operations, moving beyond single-swap correctness. Contagion risk is high for all protocols forking Balancer V2 or relying on similar stable pool invariant math, requiring immediate code review and emergency pausing.
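The audit point above, single-step correctness versus cumulative drift in chained operations, can be expressed as a property check. This is an added example over a toy fixed-point model, not Balancer's code; the function names, the 1.05 scaling factor, the tolerances and the balances are constructed assumptions.

```python
ONE = 10**18  # 18-decimal fixed point; Python ints model EVM integer math

def mul_down(a: int, b: int) -> int:
    """Fixed-point multiply, truncating toward zero as integer division does."""
    return (a * b) // ONE

def div_down(a: int, b: int) -> int:
    """Fixed-point divide, truncating toward zero."""
    return (a * ONE) // b

def chained_drift(balance: int, factor: int, steps: int):
    """Scale a balance up and back down `steps` times, rounding down each way.

    Returns (worst single-step loss, cumulative loss) in wei.
    """
    start, worst = balance, 0
    for _ in range(steps):
        nxt = div_down(mul_down(balance, factor), factor)
        worst = max(worst, balance - nxt)
        balance = nxt
    return worst, start - balance

def audit(balance: int, factor: int, steps: int,
          step_tol_wei: int = 1, chain_tol_ppm: int = 100):
    """Return (single_step_ok, chained_ok) for the two review criteria."""
    worst, total = chained_drift(balance, factor, steps)
    drift_ppm = total * 10**6 // balance  # cumulative loss relative to start
    return worst <= step_tol_wei, drift_ppm <= chain_tol_ppm

# Constructed inputs: a non-integer scaling factor and two balance sizes.
FACTOR = 105 * 10**16          # 1.05 in fixed point (hypothetical)
DEEP = 10**24 + 9              # well-funded balance, in wei
SHALLOW = 9                    # near-empty balance, in wei

if __name__ == "__main__":
    for name, bal in (("deep", DEEP), ("shallow", SHALLOW)):
        print(name, chained_drift(bal, FACTOR, 20), audit(bal, FACTOR, 20))
```

Both balances lose at most 1 wei per step and 9 wei in total, so a per-operation check passes in each case; only the chained, relative check separates the deep balance from the shallow one.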

Verdict

The Balancer V2 exploit serves as a definitive case study that a single, subtle mathematical rounding error, when weaponized by advanced batching logic, can translate into a nine-figure systemic failure.

Signal Acquired from → openzeppelin.com