Briefing

The Balancer V2 protocol suffered a catastrophic economic exploit on November 3, 2025, resulting in the loss of over $120 million across multiple EVM chains. The primary consequence was the systemic failure of the Composable Stable Pools, which allowed an attacker to systematically drain liquidity provider assets. This sophisticated attack was rooted in a subtle rounding inconsistency within the pool’s core invariant calculation logic, which was compounded through repeated, atomic batchSwap operations. The total quantified loss is estimated at $128.64 million, making it one of the largest DeFi breaches of the year.


Context

The prevailing risk in complex DeFi protocols remains the interaction between high-precision math and the integer-only environment of the Ethereum Virtual Machine (EVM). This incident is a direct consequence of a known class of vulnerability where tiny, wei-level rounding discrepancies in pool invariant calculations can be weaponized. The protocol’s architecture, which treats Balancer Pool Tokens (BPT) as a tradable asset within the pool, amplified the attack surface by allowing the attacker to manipulate liquidity to a critical low-balance state.


Analysis

The attacker’s method hinged on manipulating the pool into a low-liquidity state, which magnified the impact of a precision loss bug in the _upscale function. This specific flaw created an asymmetry in rounding direction during the invariant (D) calculation, causing a systematic undervaluation of the Balancer Pool Token (BPT). By executing a sequence of carefully calibrated micro-swaps within a single, atomic batchSwap transaction, the attacker repeatedly exploited this mathematical bias. This compounded the rounding errors, quietly reducing the pool invariant and allowing the attacker to withdraw more underlying assets than they deposited.


Parameters

  • Total Funds Lost → $128.64 Million (The total value drained from the Composable Stable Pools across all affected networks).
  • Attack Vector → Rounding Inconsistency (A logic flaw in the pool’s invariant math that caused systematic precision loss).
  • Affected Chains → Ethereum, Arbitrum, Base, Polygon (The primary EVM networks targeted by the multi-chain exploit).
  • Funds Recovered → $45.7 Million (Assets protected or recovered through coordinated whitehat and emergency actions).


Outlook

Immediate mitigation for users involves withdrawing from all remaining Balancer V2 Composable Stable Pools that were not paused. This incident establishes a new security baseline: future audits must focus intensely on the cumulative effects of precision loss in batched and chained operations, moving beyond single-swap correctness. Contagion risk is high for all protocols forking Balancer V2 or relying on similar stable pool invariant math, requiring immediate code review and emergency pausing.
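The kind of audit check the Analysis and Outlook point to, written as an added example that is not Balancer's code: a per-step assertion that the pool invariant never decreases across a chained batch. It assumes a hypothetical two-token constant-sum pool in place of the real stable-swap math, a constructed rate of 1.5 for token B, and an upscale step that always rounds down, compared with one that rounds in the pool's favor.

```python
ONE = 10**18  # 18-decimal fixed point, the usual EVM convention

def mul_down(a, b):   # floor(a * b / ONE)
    return a * b // ONE

def mul_up(a, b):     # ceil(a * b / ONE)
    return -(-a * b // ONE)

def div_up(a, b):     # ceil(a * ONE / b)
    return -(-a * ONE // b)

class ToyPool:
    """Hypothetical constant-sum pool: D = sum(balance * rate). Not Balancer's math."""

    def __init__(self, bal_a, bal_b, rate_b, upscale):
        self.bal = {"A": bal_a, "B": bal_b}
        self.rate = {"A": ONE, "B": rate_b}
        self.upscale = upscale  # rounding applied when scaling an amount up

    def invariant(self):
        # Exact integer (scaled by ONE), so the check itself never rounds.
        return sum(self.bal[t] * self.rate[t] for t in self.bal)

    def swap_given_out(self, t_in, t_out, amount_out):
        value_out = self.upscale(amount_out, self.rate[t_out])
        amount_in = div_up(value_out, self.rate[t_in])  # charge rounds up
        self.bal[t_in] += amount_in
        self.bal[t_out] -= amount_out
        return amount_in

def run_batch(pool, batch):
    """Apply chained swaps and return the change in D after every step."""
    deltas = []
    for t_in, t_out, amount_out in batch:
        before = pool.invariant()
        pool.swap_given_out(t_in, t_out, amount_out)
        deltas.append(pool.invariant() - before)
    return deltas

def audit(balance, upscale, steps=100):
    """Return (steps that lowered D, net drift as a fraction of the starting D)."""
    pool = ToyPool(balance, balance, 15 * ONE // 10, upscale)  # constructed rate 1.5
    start = pool.invariant()
    deltas = run_batch(pool, [("A", "B", 1)] * steps)  # constructed batch
    return sum(d < 0 for d in deltas), (pool.invariant() - start) / start

if __name__ == "__main__":
    for label, bal, up in [("down, thin pool", 1000, mul_down),
                           ("down, deep pool", 10**24, mul_down),
                           ("up,   thin pool", 1000, mul_up)]:
        print(label, audit(bal, up))
```

The same number of flawed steps moves the thin pool's invariant by 2% and the deep pool's by a negligible fraction, which is why a single-swap test on realistic balances does not surface the problem.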


Verdict

The Balancer V2 exploit serves as a definitive case study that a single, subtle mathematical rounding error, when weaponized by advanced batching logic, can translate into a nine-figure systemic failure.

Signal Acquired from → openzeppelin.com
