Balancer suffers a $116 million attack! 11 audit failures trigger a Crisis of Confidence in DeFi.
The decentralized exchange and automated market maker Balancer was attacked, resulting in the theft of $116 million in digital assets and triggering a crisis of confidence in DeFi. Since 2021, the security firms OpenZeppelin, Trail of Bits, Certora, and ABDK have conducted 11 audits of Balancer's smart contracts, yet funds were still stolen.
Technical Details of the $116 Million Vulnerability Attack
(Source: Lookonchain)
The exploit, first reported on November 3, drained more than $116 million worth of staked Ether. According to Etherscan logs, the tokens were moved to a new wallet in three transactions. Nansen said in a post on X on Monday that the transfers included 6,850 StakeWise staked ETH (osETH), 6,590 Wrapped Ether (WETH), and 4,260 Lido wrapped staked ETH (wstETH).
According to blockchain data platform Lookonchain, by 8:52 AM UTC on Monday the ongoing attack had pushed the stolen funds past $116.6 million. Nansen research analyst Nicolai Sondergaard told Cointelegraph that the Balancer vulnerability may stem from a smart contract issue, namely an “access check error allowing attackers to send commands to withdraw funds.” He added, “From my observation, the losses have now exceeded $100 million and have affected Balancer V2 and its various forked versions.”
Access control vulnerabilities are one of the most common yet most deadly security flaws in smart contracts. These vulnerabilities allow unauthorized users to call functions that are supposed to be restricted, thereby executing privileged operations such as withdrawing funds, modifying parameters, or destroying tokens. In the case of Balancer, the attacker evidently exploited an access check error in the V2 composable stable pool, bypassing the normal permission verification mechanism and directly withdrawing the staked assets from the pool.
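To make the class of bug concrete, the following is an added, constructed Solidity example; it is not Balancer's code and does not reproduce the V2 composable stable pool flaw, whose root cause the article does not detail. The contract names, the `manager` role and the `emergencyWithdraw` function are illustrative assumptions. The first contract omits the caller check on a privileged withdrawal, so anyone can drain it; the second adds an explicit role check, a two-step handover of the role, and events that monitoring can alert on.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed example for illustration only. NOT Balancer's code and NOT the
// actual V2 composable stable pool bug; it shows the generic class of flaw the
// article names (a privileged function whose caller check is missing) next to
// a hardened version of the same function.

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

/// Vulnerable: `emergencyWithdraw` is meant for the manager only, but nothing
/// checks msg.sender, so any address can move the vault's whole token balance.
contract VulnerableVault {
    IERC20 public immutable token;
    address public manager;

    constructor(IERC20 _token) {
        token = _token;
        manager = msg.sender;
    }

    function emergencyWithdraw(address to, uint256 amount) external {
        // Missing: require(msg.sender == manager)
        require(token.transfer(to, amount), "transfer failed");
    }
}

/// Hardened: explicit role check on every privileged entry point, a two-step
/// manager handover so a mistyped address cannot orphan the role, and events
/// so off-chain monitoring sees every privileged call.
contract HardenedVault {
    IERC20 public immutable token;
    address public manager;
    address public pendingManager;

    event EmergencyWithdraw(address indexed by, address indexed to, uint256 amount);
    event ManagerTransferStarted(address indexed current, address indexed pending);
    event ManagerTransferred(address indexed previous, address indexed current);

    error NotManager(address caller);
    error NotPendingManager(address caller);

    modifier onlyManager() {
        if (msg.sender != manager) revert NotManager(msg.sender);
        _;
    }

    constructor(IERC20 _token) {
        token = _token;
        manager = msg.sender;
    }

    function emergencyWithdraw(address to, uint256 amount) external onlyManager {
        require(to != address(0), "zero recipient");
        require(token.transfer(to, amount), "transfer failed");
        emit EmergencyWithdraw(msg.sender, to, amount);
    }

    // Step 1 of the handover: current manager nominates a successor.
    function transferManager(address newManager) external onlyManager {
        pendingManager = newManager;
        emit ManagerTransferStarted(manager, newManager);
    }

    // Step 2: the successor must prove control of the nominated address.
    function acceptManager() external {
        if (msg.sender != pendingManager) revert NotPendingManager(msg.sender);
        emit ManagerTransferred(manager, msg.sender);
        manager = msg.sender;
        pendingManager = address(0);
    }
}
```

The cheapest defence against this class of bug is a negative test for every privileged function: call it from an address that should not be allowed and assert that the call reverts with `NotManager`. Unlike a one-off audit, such a test runs on every later commit, which addresses the "point-in-time" limitation the article raises below.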
Balancer updated users about the vulnerability in a post on Monday, stating that the incident “is limited to V2 composable stable pools and will not affect Balancer V3 or other Balancer pools.” This statement aims to reassure users and prevent panic from spreading throughout the protocol. However, the impact of the attack on V2 composable stable pools, being one of Balancer's core products, remains extremely serious.
Why 11 audits could not prevent the attack
The platform also stated that it “has undergone extensive audits by top companies and has long had a bug bounty program to incentivize independent auditors,” which raises questions about how the vulnerability was exploited. “Balancer has gone through more than ten audits,” said Suhail Kakar, head of blockchain developer relations at TAC, “the treasury has been audited by different companies three times, yet it was still hacked, resulting in losses of up to $110 million. This industry needs to understand that 'having been audited by X' is almost meaningless. The code is hard, and DeFi is even harder.”
According to the Balancer V2 audit list on GitHub, four security firms—OpenZeppelin, Trail of Bits, Certora, and ABDK—have conducted 11 audits of the platform's smart contracts, the most recent being Trail of Bits' audit of its stable pool in September 2022. That is an unusually high audit frequency for a DeFi protocol, yet it still did not prevent the attack.
This case exposes the fundamental limitations of smart contract auditing. First, audits are point-in-time assessments: they can only find issues present in the code at the time of review and say nothing about later code changes or protocol upgrades. Second, auditors have finite time and budget; a complex protocol may contain thousands of lines of code and intricate interactions between components, so it is difficult to uncover every potential vulnerability. Third, some vulnerabilities only manifest under specific market conditions or interaction sequences, while audits typically exercise a limited set of scenarios.
Five Limitations of the DeFi Audit System
Timeliness Issues: Code updates after auditing may introduce new vulnerabilities.
Complexity Challenge: Thousands of lines of code and complex logic are difficult to comprehensively audit.
Insufficient scenario coverage: Unable to test all possible interaction combinations.
Economic Incentive Misalignment: Audit costs are fixed, and there are no additional rewards for identifying vulnerabilities.
Ambiguity of Responsibility: Audit reports usually contain disclaimers, and audit firms rarely take responsibility after issues arise.
Cointelegraph contacted OpenZeppelin for comment but had not received a response at the time of publication. A spokesperson for Trail of Bits declined to comment on the vulnerability “until the root cause is identified and all Balancer forks are secured.” That caution is understandable: a premature comment could provoke disputes over legal liability.
20% White Hat Bounty Recovery Strategy and Law Enforcement Threat
(Source: Etherscan)
To recover the funds, the team behind Balancer is offering a bounty of up to 20% of the stolen amount, provided the remainder is returned immediately. White-hat bounties of this kind have worked before in DeFi: Poly Network recovered all of the $610 million taken in its 2021 hack through negotiation. Whether a 20% bounty is enough to persuade these attackers to return the funds depends on who they are and what motivates them.
On Monday the Balancer team published the offer as a message attached to an on-chain transaction, telling the attackers that if they returned all stolen funds within 48 hours of the notice they would receive a white-hat bounty of up to 20%. The 48-hour window is meant to create urgency and force a quick decision. The same deadline, however, may push the attackers to move the funds faster, which makes recovery harder.
Balancer stated: “If you choose not to cooperate, we have hired independent blockchain forensic experts and are actively working with multiple law enforcement and regulatory partners.” In the same on-chain transaction message it added: “Our partners are highly confident that the access log metadata collected through our infrastructure can identify your identity, and this metadata will show connections from a defined set of IP addresses/ASN and entry timestamps related to on-chain transaction activities.”
Threats of this kind work in some cases but can also backfire. A professional hacking team will usually have taken adequate anonymity measures, including VPNs, the Tor network, and mixing services. Blockchain forensics can trace where the funds go, but attributing them to a real identity remains extremely difficult. As of publication, the project had released no further updates on the bounty or details of the exploit.
Balancer Historical Attack Events Reveal Systemic Security Issues
This is not the first time Balancer has been attacked. Two years ago, Balancer's front-end website suffered a Domain Name System (DNS) attack, which the protocol disclosed at the time. Hackers redirected users of the website to a phishing site that was associated with a malicious smart contract aimed at stealing user funds. According to blockchain investigator ZachXBT, approximately $238,000 worth of digital assets were stolen in this phishing attack.
In August 2023, Balancer suffered a vulnerability attack of nearly $1 million, just one week after the protocol disclosed a “critical vulnerability” related to some of its liquidity pools. This ironic pattern of “vulnerability disclosed and immediately attacked” suggests that there may be issues with the vulnerability disclosure process itself. After publicly disclosing a vulnerability, the protocol needs to give users time to migrate funds or upgrade contracts, but this time window also provides attackers with the opportunity to exploit the vulnerability.
In June 2020, Balancer was hacked for $500,000 worth of Ether and other tokens. It was a flash loan attack involving Statera (STA), a deflationary token that burns 1% of every transfer. The attack exploited a logic flaw in how Balancer's pool accounted for deflationary tokens, and the attacker used a flash loan to amplify that flaw's impact.
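The accounting mistake behind that 2020 incident, shown as an added Solidity example constructed for this article (it is not Balancer's pool code and does not reproduce its pool math): a token that burns 1% of every transfer, a pool that credits the amount it was told about, and a pool that credits only the balance change it actually observes. The names `BurnOnTransferToken`, `NaivePool` and `DeltaPool` are illustrative, and the example covers the general fee-on-transfer problem rather than the specific attack.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed example for illustration only. NOT Balancer's code; it shows why a
// pool must account for what it received rather than what it was told.

interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

/// Constructed deflationary token: 1% of every transfer is destroyed, so the
/// recipient receives only 99% of `amount`. Only what the demo needs is implemented.
contract BurnOnTransferToken is IERC20 {
    mapping(address => uint256) public override balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;
    uint256 public totalSupply;

    constructor(uint256 supply) {
        totalSupply = supply;
        balanceOf[msg.sender] = supply;
    }

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external override returns (bool) {
        require(balanceOf[from] >= amount, "insufficient balance");
        require(allowance[from][msg.sender] >= amount, "not allowed");
        allowance[from][msg.sender] -= amount;
        uint256 burn = amount / 100;      // 1% burned on every transfer
        balanceOf[from] -= amount;
        balanceOf[to] += amount - burn;
        totalSupply -= burn;
        return true;
    }
}

/// Vulnerable accounting: the pool records the `amount` it was told about, not the
/// amount that arrived, so its internal reserve drifts above its real balance and
/// shares are minted against tokens that do not exist.
contract NaivePool {
    IERC20 public immutable token;
    uint256 public reserve;               // what the pool believes it holds
    mapping(address => uint256) public shares;

    constructor(IERC20 _token) { token = _token; }

    function deposit(uint256 amount) external {
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        reserve += amount;                // BUG: 1% of `amount` never arrived
        shares[msg.sender] += amount;
    }
}

/// Hardened accounting: measure the balance before and after the transfer and
/// credit only the observed delta, so `reserve` can never exceed the true balance.
contract DeltaPool {
    IERC20 public immutable token;
    uint256 public reserve;
    mapping(address => uint256) public shares;

    constructor(IERC20 _token) { token = _token; }

    function deposit(uint256 amount) external {
        uint256 before = token.balanceOf(address(this));
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        uint256 received = token.balanceOf(address(this)) - before;
        require(received > 0, "nothing received");
        reserve += received;
        shares[msg.sender] += received;
    }

    /// Cheap invariant a test suite or monitor can assert after every call.
    function reserveIsBacked() external view returns (bool) {
        return token.balanceOf(address(this)) >= reserve;
    }
}
```

Depositing 1,000 tokens into `NaivePool` leaves `reserve` at 1,000 while the pool actually holds 990; repeated deposits and withdrawals widen that gap, and a flash loan lets an attacker widen it within a single transaction. `DeltaPool` credits 990, and `reserveIsBacked()` is the invariant a fuzzing or monitoring job would check to catch this class of drift before it is exploited.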
After the Balancer exploit, the validators behind the Berachain blockchain halted the network to push an emergency update or hard fork. The Berachain Foundation said in an X post on Monday that the emergency hard fork addresses the Balancer vulnerability as it relates to specific assets on Berachain's native DEX: “This trading suspension was carefully planned, and the network will resume operations quickly once all affected funds are recovered.” The chain reaction shows that the Balancer vulnerability threatens not only Balancer itself but also the forked projects that reuse its code.