Proposal for Fund Allocation Following Exploit
On Thursday, members of the Balancer protocol community put forth a proposal detailing how to allocate some of the funds retrieved following an exploit that compromised $116 million in November. White hat hackers, alongside internal recoverers and StakeWise, which is known for its Ether liquid staking services, successfully retrieved about $28 million. However, the newly proposed plan specifically addresses the distribution of $8 million that was reclaimed by the white hats and internal teams. StakeWise, on the other hand, will handle its nearly $20 million recovery independently, returning those funds directly to its users.
Non-Socialized Reimbursement Approach
The proposal emphasizes a non-socialized reimbursement approach. This means that funds will be returned only to the respective liquidity pools that experienced losses, with payouts calculated on a pro-rata basis, based on the individual holdings represented by Balancer Pool Tokens (BPT). Additionally, it suggests that compensation be made using the same tokens that were lost. This method is designed to prevent discrepancies caused by varying asset prices at the time of reimbursement.
Complexity of the Hack
Deddy Lavid, the CEO of Cyvers, a blockchain cybersecurity firm, highlighted the hack’s complexity, labeling it as one of the most intricate attacks witnessed in 2025. This incident has provoked a broader conversation regarding the safety of cryptocurrency users, especially as security risks continue to evolve. Although Balancer had its code audited 11 times by four different security firms, the breach raised concerns about the efficacy of these audits in genuinely ensuring the safety of the code.
Details of the Exploit
Following the attack, a post-mortem report was released by Balancer on November 5, which explained that the exploit leveraged a rounding function within the protocol’s Stable Pools that was designed to round down prices during token input. The perpetrator managed to exploit this mechanism, manipulating the calculation to round up instead, and combined it with a batched swap—allowing multiple actions in a single transaction—to siphon off funds from Balancer’s pools.
