Balancer shares plans to begin reimbursing users after November v2 exploit

Balancer, a decentralized finance protocol, has announced plans to reimburse approximately $8 million to liquidity providers following a v2 exploit. The exploit drained $128 million in user funds from the protocol.

Balancer has initiated a reimbursement program proposal that will oversee the repayment of $8 million to the protocol’s users. The proposal suggests that the protocol’s whitehat actors and internal rescue operations recovered $8 million across multiple networks. 

Balancer recovers $8 million across various chains

The proposal highlighted that the whitehat hackers recovered $2.681 million from Polygon, $963,832 from the Ethereum mainnet, $161,274 from Base, and close to $50,000 from Arbitrum. The proposal noted that the whitehat hackers who helped recover funds from the Arbitrum network waived their bounty by not identifying themselves and refusing to KYC.

StakeWise assisted the protocol in recovering an additional $19.7 million tied to osETH and osGNO. The proposal detailed that these funds will be handled separately and distributed through StakeWise’s own internal mechanisms.

The proposal, dated November 27, highlighted that the white-hat hackers who aided the recovery process will receive 10% of the recovered assets. The bounty will be distributed in the same tokens the bounty hunters recovered. The proposal also indicated that its implementation complements the previously approved white-hat reimbursement policy under its Safe Harbor Agreement, including the breakdown of assets recovered by the network and whitehat contributors, as well as the reimbursement of victims affected.

The protocol’s Safe Harbor Agreement requires that LPs undergo KYC screening, complete identity verification, and sanctions checks before funds are released to their wallets. The proposal also illustrates that whitehat contributors will also need to pass KYC checks and sanctions screening to receive the bounty proceeds.

The proposal also explained that the internal rescue operations involved joint efforts between the protocol’s DAO and Certora team. The alliance targeted metastable pools [CSPv5] (including rETH and other similar pools) that were vulnerable but not yet exploited by attackers.

According to the proposal, the distribution of recovered funds to LPs will follow a structured framework that relies on liquidity pools. The process will involve three distribution frameworks, including a non-socialized approach where rescued funds are distributed to liquidity providers of a specific pool or network. 

The process will also follow a pro-rata by BPT holdings process that will oversee the distribution process in line with each holder’s share of the pool’s BPT at the snapshot block. The payment will be distributed in kind, where LPs will receive the same tokens that were rescued.

The proposal finalized that the protocol will establish a claiming mechanism for distributing funds to LPs. 

Balancer suffers v2 exploit, loses $119 million

On November 3, Cryptopolitan reported that Balancer was hit with multiple exploits across various networks, resulting in a loss of $116 million. The news revealed that the bad actors had exploited wrapped ETH on Ethereum, Arbitrum, Base, and Optimism.

The report noted that the hackers may have exploited a flaw in a smart contract on the DeFi protocol, allowing them to mint unauthorized tokens. Balancer confirmed on its Discord channel that the attackers compromised its v2 pools, gaining access to users’ funds.

The attack occurred after Garden Finance suffered a similar fate, resulting in a loss of more than $10 million on October 30. Attackers drained Garden Finance across multiple chains through its token bridge feature. The attacker quickly converted the stolen assets, such as Garden’s native SEED token, wETH, WBTC, USDC, and USDT, into Ethereum (ETH) before dispersing them. Cryptopolitan reported that the protocol’s team reached out to the malicious hacker, offering a 10% bounty. 

Get seen where it counts. Advertise in Cryptopolitan Research and reach crypto’s sharpest investors and builders.