Security

Balancer V2 Stable Pools Drained via Compounded Precision Rounding Flaw

Precision loss in Balancer's core invariant math was weaponized via atomic batch swaps, compromising pool integrity and draining $128M.
December 5, 20253 min

A futuristic white sphere, resembling a planetary body with a prominent ring, stands against a deep blue gradient background. The sphere is partially segmented, revealing a vibrant blue, intricate internal structure composed of numerous radiating crystalline-like elements
A white, modular device, resembling an advanced hardware wallet or a decentralized oracle mechanism, is partially submerged in a bubbly blue liquid, actively emitting glowing blue light and water splashes from its central processing unit. This visually represents the dynamic operations of a high-performance blockchain node

Briefing

The Balancer V2 protocol suffered a catastrophic economic exploit on November 3, 2025, resulting in the loss of over $120 million across multiple EVM chains. The primary consequence was the systemic failure of the Composable Stable Pools, which allowed an attacker to systematically drain liquidity provider assets. This sophisticated attack was rooted in a subtle rounding inconsistency within the pool’s core invariant calculation logic, which was compounded through repeated, atomic batchSwap operations. The total quantified loss is estimated at $128.64 million, making it one of the largest DeFi breaches of the year.

A spherical object, predominantly translucent blue, is textured with scattered white granular particles and intricate silver-lined patterns. A distinct diagonal silver channel bisects the object, revealing deeper blue tones within its structure

Context

The prevailing risk in complex DeFi protocols remains the interaction between high-precision math and the integer-only environment of the Ethereum Virtual Machine (EVM). This incident is a direct consequence of a known class of vulnerability where tiny, wei-level rounding discrepancies in pool invariant calculations can be weaponized. The protocol’s architecture, which treats Balancer Pool Tokens (BPT) as a tradable asset within the pool, amplified the attack surface by allowing the attacker to manipulate liquidity to a critical low-balance state.

A futuristic white capsule-like device, split into two segments, rests amidst dynamic blue liquid. Bright blue glowing particles emanate from the central opening of the device, dispersing into the surrounding translucent medium

Analysis

The attacker’s method hinged on manipulating the pool into a low-liquidity state, which magnified the impact of a precision loss bug in the _upscale function. This specific flaw created an asymmetry in rounding direction during the invariant (D) calculation, causing a systematic undervaluation of the Balancer Pool Token (BPT). By executing a sequence of carefully calibrated micro-swaps within a single, atomic batchSwap transaction, the attacker repeatedly exploited this mathematical bias. This compounded the rounding errors, quietly reducing the pool invariant and allowing the attacker to withdraw more underlying assets than they deposited.

A close-up view reveals a complex blue and white mechanical or digital assembly, prominently featuring a glowing, spherical blue core surrounded by concentric white rings and detailed metallic components. The surrounding structure consists of dark blue panels with etched silver circuitry patterns, suggesting an advanced technological device

Parameters

  • Total Funds Lost → $128.64 Million (The total value drained from the Composable Stable Pools across all affected networks).
  • Attack Vector → Rounding Inconsistency (A logic flaw in the pool’s invariant math that caused systematic precision loss).
  • Affected Chains → Ethereum, Arbitrum, Base, Polygon (The primary EVM networks targeted by the multi-chain exploit).
  • Funds Recovered → $45.7 Million (Assets protected or recovered through coordinated whitehat and emergency actions).

A polished white, cylindrical form with silver bands is centrally positioned, emerging from a vibrant cluster of dark blue and luminous cyan crystalline fragments. This visual metaphor explores the core tenets of cryptocurrency and blockchain technology

Outlook

Immediate mitigation for users involves withdrawing from all remaining Balancer V2 Composable Stable Pools that were not paused. This incident establishes a new security baseline, mandating that future audits must focus intensely on the cumulative effects of precision loss in batched and chained operations, moving beyond single-swap correctness. Contagion risk is high for all protocols forking Balancer V2 or relying on similar stable pool invariant math, requiring immediate code review and emergency pausing.

A detailed, close-up view shows a light blue, textured surface forming a deep, circular indentation. A spherical object resembling a full moon floats centrally above this void, symbolizing a digital asset experiencing significant price action or 'mooning' within the DeFi landscape

Verdict

The Balancer V2 exploit serves as a definitive case study that a single, subtle mathematical rounding error, when weaponized by advanced batching logic, can translate into a nine-figure systemic failure.

Smart contract vulnerability, precision loss exploit, invariant manipulation, automated market maker, composable stable pool, batch swap attack, multi-chain incident, DeFi economic exploit, rounding error, low liquidity state, whitehat recovery, on-chain forensics, liquidity provider risk, EVM integer math, asset undervaluation, token price distortion, code audit failure, systemic DeFi risk, protocol invariant flaw, multi-chain drain Signal Acquired from → openzeppelin.com

Micro Crypto News Feeds

composable stable pools

Definition ∞ Composable stable pools are liquidity pools in decentralized finance that consist of stablecoins and allow for flexible integration with other protocols.

pool invariant

Definition ∞ Pool Invariant denotes a mathematical relationship or constant maintained within a decentralized exchange (DEX) liquidity pool, particularly in automated market makers.

precision loss

Definition ∞ Precision loss describes the reduction in accuracy of numerical values, often occurring during data processing or storage.

stable pools

Definition ∞ Stable pools are specialized liquidity pools within decentralized finance (DeFi) protocols designed for trading stablecoins or other assets that are pegged to the same value, such as different versions of wrapped Bitcoin.

multi-chain

Definition ∞ A multi-chain system refers to an architecture that supports multiple independent blockchain networks.

assets

Definition ∞ A digital asset represents a unit of value recorded on a blockchain or similar distributed ledger technology.

stable pool

Definition ∞ A stable pool is a type of liquidity pool in decentralized finance specifically designed to facilitate exchanges between stablecoins or other pegged assets with minimal price volatility.

systemic failure

Definition ∞ Systemic Failure describes a widespread collapse or severe disruption across an entire financial system or market, rather than an isolated incident.

Tags:

Tags: