
Inside the Balancer V2 Rounding Error: How a Decimals Mismatch Led to $128 Million in Losses

The decentralized finance ecosystem suffered one of its most damaging blows of 2025 on November 3, when Balancer Protocol lost more than $128 million to a sophisticated exploit targeting its V2 Composable Stable Pools. What makes the attack especially alarming is that it exploited not a broken feature but a subtle arithmetic quirk in how the protocol handled decimal precision, a flaw that survived multiple professional security audits since the code's deployment in 2021.

The Exploit Mechanics

At the heart of the exploit was a rounding inconsistency in the swap logic of Balancer's Vault, reached through batch swaps of kind EXACT_OUT (GIVEN_OUT in the Vault's interface), in which the caller specifies the amount it wants to receive and the pool computes the amount it must pay. Most ERC-20 tokens on Ethereum use 18 decimal places, but some, notably the stablecoins USDC and USDT, use only 6. To do arithmetic across tokens of different precision, Balancer upscales every amount to 18 decimals for the pool math and then downscales the result back to the token's native precision.

The critical flaw was asymmetric: upscaling always rounded down, while downscaling rounded up on some code paths and down on others. In isolation each discrepancy was negligible, a fraction of a cent per swap. The attacker recognized, however, that by executing repeated batch swaps across multiple pool pairs these microscopic imbalances could be accumulated into a significant distortion of value. The effect is eerily similar to the scheme in the film Office Space, where fractions of a penny are siphoned from millions of transactions.
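To make the rounding-direction point concrete, here is an added toy model (not Balancer's code, and not the pool invariant math the real exploit went through) of 18-decimal fixed-point scaling between a 6-decimal token and an 18-decimal token. The pool, its 1.0003 exchange rate and the swap amounts are all assumed for illustration. It shows that an EXACT_OUT swap charges the user correctly only if the final downscale rounds up, that rounding down instead under-charges by up to one native unit per swap, and that this leak adds up linearly over repeated identical swap steps. The last function is the invariant a reviewer should check on every scaling path: the pool must never receive less than the exact amount.

```python
"""Toy model of Balancer-style 18-decimal scaling and rounding direction.

Constructed example for illustration; not Balancer's code. The fixed-point
primitives mirror the usual mulDown/divDown/divUp shape, the pool is assumed.
"""

ONE = 10**18  # 18-decimal fixed-point unit


def mul_down(a: int, b: int) -> int:
    return a * b // ONE


def div_down(a: int, b: int) -> int:
    return a * ONE // b


def div_up(a: int, b: int) -> int:
    return 0 if a == 0 else (a * ONE - 1) // b + 1


def scaling_factor(decimals: int) -> int:
    # Factor that brings a native amount to 18 decimals: ONE * 10^(18 - decimals).
    return ONE * 10 ** (18 - decimals)


def upscale(amount: int, factor: int) -> int:
    # Native -> 18 decimals. Exact for factors of the form ONE * 10^k, so no rounding.
    return mul_down(amount, factor)


def downscale_down(amount: int, factor: int) -> int:
    # 18 decimals -> native, rounding in the user's favour (wrong for amounts the user pays).
    return div_down(amount, factor)


def downscale_up(amount: int, factor: int) -> int:
    # 18 decimals -> native, rounding in the pool's favour (correct for amounts the user pays).
    return div_up(amount, factor)


# Assumed toy pool: token A has 6 decimals (USDC-like), token B has 18; 1 A buys 1.0003 B.
FACTOR_A = scaling_factor(6)
FACTOR_B = scaling_factor(18)
RATE_A_TO_B = 1_000_300_000_000_000_000  # 1.0003 in 18-decimal fixed point


def exact_in_scaled(amount_out_b: int) -> int:
    """Exact 18-decimal amount of A the pool should receive for amount_out_b of B."""
    out_scaled = upscale(amount_out_b, FACTOR_B)
    return div_up(out_scaled, RATE_A_TO_B)  # pool math already rounds against the user


def exact_out_cost(amount_out_b: int, downscale) -> int:
    """EXACT_OUT swap: amount of native A charged, using the given downscale rounding."""
    return downscale(exact_in_scaled(amount_out_b), FACTOR_A)  # the step that matters


def leak_per_swap(amount_out_b: int, downscale) -> int:
    """Value the pool gives away on one swap, in 18-decimal A units (<= 0 means pool keeps dust)."""
    charged_scaled = upscale(exact_out_cost(amount_out_b, downscale), FACTOR_A)
    return exact_in_scaled(amount_out_b) - charged_scaled


def accumulated_leak(n_swaps: int, amount_out_b: int, downscale) -> int:
    """Total leak over n identical EXACT_OUT steps, e.g. the steps of one batch swap."""
    return sum(leak_per_swap(amount_out_b, downscale) for _ in range(n_swaps))


def rounding_is_pool_favorable_over(downscale, amounts) -> bool:
    """Reviewer's invariant: no EXACT_OUT amount may be under-charged by this rounding path."""
    return all(leak_per_swap(a, downscale) <= 0 for a in amounts)


if __name__ == "__main__":
    want = 10**12  # 0.000001 B, chosen so the exact cost is just under 1 native unit of A
    print("charged (round up):  ", exact_out_cost(want, downscale_up))    # 1
    print("charged (round down):", exact_out_cost(want, downscale_down))  # 0
    print("leak over 1000 steps:", accumulated_leak(1000, want, downscale_down))
    print("round-up path safe:  ", rounding_is_pool_favorable_over(downscale_up, range(1, 10**6, 7919)))
```

The asking amount of 10**12 wei of B is worth just under one micro-unit of A, so the correct path charges 1 unit of A and keeps the dust, while the round-down path charges nothing and hands the user the whole amount. Each such step leaks under a millionth of a dollar, which is why no single swap looks suspicious and why only a sweep over a range of amounts, as in the last function, exposes the wrong rounding direction.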

Former CISA Director Chris Krebs drew exactly this comparison in a CNBC interview, and noted that the sophistication of the exploit code raised the possibility of AI-assisted development, an unsettling prospect for the security community.

Affected Systems

The attack specifically targeted V2 Composable Stable Pools, which are designed for stablecoin-to-stablecoin trading with minimal slippage. These pools were especially exposed because they routinely mix 6-decimal stablecoins with 18-decimal assets, so nearly every swap crossed a scaling boundary, and each crossing was another opportunity for a rounding discrepancy to accumulate.

Crucially, Balancer's newer V3 protocol was not affected, as its scaling and rounding were redesigned. The V2 pools, however, still held substantial liquidity, which is where the more than $128 million drained in the exploit came from. The protocol's governance token, BAL, had a market capitalization of roughly $65 million before the incident, underscoring the scale of the loss relative to the project's overall value.

The attack's reach extended beyond Ethereum. Balancer deployments on Polygon and Sonic were also hit, and those networks took the extraordinary step of effectively freezing or censoring the attacker's assets to stop further movement, a decision that ignited fierce debate about the tension between decentralization principles and practical harm mitigation.

The Mitigation Strategy

Balancer’s immediate response involved disabling the affected V2 pools and urging liquidity providers to withdraw funds from any remaining exposed pools. The team published a preliminary analysis within hours of the attack, providing transparency about the vulnerability’s root cause.

Security researchers from GoPlus Security published their own analysis confirming the precision rounding error as the primary attack vector. Researcher Aditya Bajaj offered a complementary view, suggesting that weak authorization and callback handling in the V2 architecture may also have contributed by letting the attacker call functions and alter balances between pools without proper authorization.

In an unusual twist, an unknown party tried to profit from the chaos by impersonating Balancer and contacting the attacker with a fake white-hat bounty offer of 20% of the stolen assets. The message was crafted to look legitimate but was a phishing attempt designed to extract wallet credentials or seed phrases from anyone who interacted with it.

Lessons Learned

The Balancer hack carries several critical lessons for the DeFi ecosystem. First, even well-audited code can harbor subtle vulnerabilities that emerge only under specific conditions. The V2 code had been live since 2021 and had undergone audits from multiple respected firms, yet the rounding asymmetry went undetected for four years.

Second, the attack demonstrates the compounding risk of decimal precision handling in cross-token DeFi operations. As protocols integrate an ever wider variety of tokens, each with its own decimal convention, the surface for rounding-based attacks grows with it.

Third, the response from Polygon and Sonic highlights an unresolved tension in DeFi: the philosophical commitment to immutability versus the practical need to stop active exploitation. The decision to freeze assets was celebrated by affected users but criticized by decentralization purists who see it as antithetical to crypto’s core principles.

Finally, the possible involvement of AI in crafting the exploit code signals a new frontier in offensive security. If AI systems can find and exploit subtle arithmetic bugs in audited smart contracts, the defensive side must evolve accordingly, potentially using AI-assisted auditing tools to catch the same class of bug before attackers do.

User Action Required

If you had funds in Balancer V2 Composable Stable Pools, check whether your specific pool was affected. Balancer has published a list of compromised pool addresses on their official channels. For users with funds in V3 pools or other V2 pool types, no immediate action is required, though monitoring official Balancer communications is recommended. All DeFi users should remain vigilant against phishing attempts that leverage high-profile exploits — verify any communication through multiple official channels before taking action.

Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Always conduct your own research before making decisions about cryptocurrency investments or DeFi participation.


8 thoughts on “Inside the Balancer V2 Rounding Error: How a Decimals Mismatch Led to $128 Million in Losses”

  1. Survived multiple professional audits since 2021 and nobody caught the rounding asymmetry. The bug was in plain sight the whole time.

    1. audit_bounty_

      Multiple audits since 2021 and the asymmetry was in plain sight. Auditors test for logic bugs, not floating point edge cases. We need specialized decimal math audits.

    2. Multiple audits since 2021 and the rounding asymmetry was in the swap function the whole time. Auditors test for broken logic, not subtle math edge cases.

  2. The Office Space comparison is perfect. Fractions of a cent across millions of transactions. Except this was $128M, not a rounding error on a paycheck.

    1. The Office Space comparison is spot on. Except these fractions added up to $128M across a single exploit transaction chain.

      1. Tomoko F.

        The Office Space reference is too perfect. Except Initech got caught because of a fire; this attacker walked away with 128M and nobody noticed for hours.

  3. Marcus Thorne

    The technical breakdown of how the rounding logic failed is fascinating but depressing. It really shows how composability in DeFi can be a double-edged sword when edge cases in decimal handling aren’t perfectly aligned. We need better standard libraries for these operations to prevent massive losses like this.

  4. @yield_farmer_vibe

    Man, another day another exploit. Rounding errors sound so basic until you realize they can drain an entire pool if the math isn’t 100% airtight. I’m definitely checking the audit reports more closely before I ape into any more liquidity pools. This is why we can’t have nice things lol.
