A critical vulnerability has been uncovered in the decentralized finance (DeFi) protocol Balancer, leading to a dramatic 28% drop in its Total Value Locked (TVL). This discovery has raised concerns in the crypto space, as Balancer is a popular platform for liquidity providers and traders. The vulnerability allowed an attacker to exploit smart contract loopholes and drain funds from Balancer pools. The incident highlights the ongoing risks associated with DeFi projects and the need for constant security audits and proactive measures to protect user funds.
A Critical Vulnerability Affects Balancer’s V2 Pools
On August 22, Balancer Labs announced that it had received a critical vulnerability report involving several V2 Pools. The company took immediate action to address the issue, but cautioned that some funds may still be at risk.
“Emergency mitigation procedures have been executed to secure a majority of Total Value Locked (TVL), but some funds remain vulnerable.”
As a precautionary measure, Balancer advised users to withdraw their funds from the affected liquidity pools without delay.
Balancer has received a critical vulnerability report affecting a number of V2 Pools.
Emergency mitigation procedures have been executed to secure a majority of TVL, but some funds remain at risk.
— Balancer (@Balancer) August 22, 2023
Majority of Funds Safe but Boosted Pools Affected
In a subsequent update, Balancer Labs reassured its users that the majority of funds on Balancer are secure. Only a small portion, approximately 1.4% of the total value locked, is at risk. However, the vulnerability specifically impacts boosted pools.
“To mitigate the risks, several pools have been paused and will remain offline until further notice. Users are strongly advised to withdraw their liquidity as soon as possible.”
According to DeFiLlama, Balancer V2 TVL had reached around $750 million prior to the discovery of the vulnerability. As a result of the announcement, the TVL decreased by approximately 28% to $543 million, as liquidity providers withdrew their funds.
Furthermore, Balancer Labs provided additional information on the vulnerability through their forums. They confirmed that no funds had been lost and the vulnerability had not been exploited at the time of the announcement.
“We were able to address over 80% of the affected pools. The remaining funds at risk represent approximately 4% of Balancer TVL.”
The list of affected pools includes the mainnet, Polygon, Arbitrum, Optimism, Avalanche, Gnosis, Fantom, and zkEVM.
While further details are not currently available, Balancer’s swift detection of the vulnerability and prompt notification to its users will hopefully prevent it from becoming the latest exploited DeFi protocol.
Impact on BAL Token Price
Following the announcement, Balancer’s native token BAL experienced a 4% drop, falling to $3.40. However, it has since recovered to trade at $3.52. Over the past two weeks, BAL has faced significant declines, dropping by 18%.
Moreover, like many other DeFi assets, BAL continues to struggle, with a staggering 95% decrease from its all-time high of $74.45 in May 2021.