Briefing

The Balancer V2 protocol suffered a catastrophic economic exploit on November 3, 2025, resulting in the loss of over $120 million across multiple EVM chains. The primary consequence was the systemic failure of the Composable Stable Pools, which allowed an attacker to systematically drain liquidity provider assets. This sophisticated attack was rooted in a subtle rounding inconsistency within the pool’s core invariant calculation logic, which was compounded through repeated, atomic batchSwap operations. The total quantified loss is estimated at $128.64 million, making it one of the largest DeFi breaches of the year.

Context

The prevailing risk in complex DeFi protocols remains the interaction between high-precision math and the integer-only environment of the Ethereum Virtual Machine (EVM). This incident is a direct consequence of a known class of vulnerability where tiny, wei-level rounding discrepancies in pool invariant calculations can be weaponized. The protocol’s architecture, which treats Balancer Pool Tokens (BPT) as a tradable asset within the pool, amplified the attack surface by allowing the attacker to manipulate liquidity to a critical low-balance state.

Analysis

The attacker’s method hinged on manipulating the pool into a low-liquidity state, which magnified the impact of a precision loss bug in the _upscale function. This specific flaw created an asymmetry in rounding direction during the invariant (D) calculation, causing a systematic undervaluation of the Balancer Pool Token (BPT). By executing a sequence of carefully calibrated micro-swaps within a single, atomic batchSwap transaction, the attacker repeatedly exploited this mathematical bias. This compounded the rounding errors, quietly reducing the pool invariant and allowing the attacker to withdraw more underlying assets than they deposited.

Parameters

  • Total Funds Lost → $128.64 Million (The total value drained from the Composable Stable Pools across all affected networks).
  • Attack Vector → Rounding Inconsistency (A logic flaw in the pool’s invariant math that caused systematic precision loss).
  • Affected Chains → Ethereum, Arbitrum, Base, Polygon (The primary EVM networks targeted by the multi-chain exploit).
  • Funds Recovered → $45.7 Million (Assets protected or recovered through coordinated whitehat and emergency actions).

Outlook

Immediate mitigation for users involves withdrawing from all remaining Balancer V2 Composable Stable Pools that were not paused. This incident establishes a new security baseline, mandating that future audits must focus intensely on the cumulative effects of precision loss in batched and chained operations, moving beyond single-swap correctness. Contagion risk is high for all protocols forking Balancer V2 or relying on similar stable pool invariant math, requiring immediate code review and emergency pausing.
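The audit property described above (cumulative precision loss across chained operations, not only single-swap correctness) can be written as a regression check. The following is an added example, not code from Balancer or from the source article: it models a toy constant-sum pool, not Balancer's stable-pool math, and every name, balance and rate in it is constructed for illustration.

```python
from fractions import Fraction

ONE = 10**18  # 18-decimal fixed point, the usual EVM scaling unit


def mul_down(a, b):
    return (a * b) // ONE            # rounds toward zero, like Solidity division


def mul_up(a, b):
    return -((-a * b) // ONE)        # ceiling of a*b/ONE


def div_up(a, b):
    return -((-a * ONE) // b)        # ceiling of a*ONE/b


def exact_invariant(balances, factors):
    """Constant-sum invariant computed without rounding (reference value)."""
    return sum(Fraction(bal * f, ONE) for bal, f in zip(balances, factors))


def swap_given_out(balances, factors, out_raw, upscale):
    """Pay token0 for `out_raw` of token1; `upscale` is the rounding under test."""
    out_scaled = upscale(out_raw, factors[1])
    in_raw = div_up(out_scaled, factors[0])   # amount owed to the pool rounds up
    return [balances[0] + in_raw, balances[1] - out_raw]


def relative_drift(balances, factors, outs, upscale):
    """Relative change of the exact invariant after a chain of swaps."""
    start = exact_invariant(balances, factors)
    for out_raw in outs:
        balances = swap_given_out(balances, factors, out_raw, upscale)
    return (exact_invariant(balances, factors) - start) / start


# Constructed inputs: token1 carries a 1.05 rate; a chain of 50 small swaps.
FACTORS = [ONE, 105 * 10**16]
CHAIN = [19] * 50
LOW, DEEP = [1000, 1000], [10**21, 10**21]

if __name__ == "__main__":
    cases = [("floor, low liquidity", LOW, mul_down),
             ("floor, deep liquidity", DEEP, mul_down),
             ("round up, low liquidity", LOW, mul_up)]
    for label, bal, rounding in cases:
        drift = relative_drift(bal, FACTORS, CHAIN, rounding)
        print(f"{label:24s} drift = {float(drift):+.3e}")
        # Property a chained-operation test should enforce:
        print("  invariant preserved:", drift >= 0)
```

With floor upscaling the exact invariant falls on every swap in the chain, and the same absolute loss is negligible at deep liquidity but measurable at wei-level balances; rounding the scaled amount in the pool's favour keeps the drift non-negative.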

Verdict

The Balancer V2 exploit serves as a definitive case study that a single, subtle mathematical rounding error, when weaponized by advanced batching logic, can translate into a nine-figure systemic failure.

Signal Acquired from → openzeppelin.com