In the early hours of November 3, 2025, Check Point Research’s blockchain threat monitoring systems flagged a suspicious pattern on the Ethereum mainnet.
The alert stemmed from Balancer V2’s Vault contract, which soon revealed one of the most devastating DeFi vulnerabilities to date.
Before defenders could intervene, attackers had siphoned $128.64 million from Balancer ComposableStablePool contracts, systematically targeting pools across six different blockchain networks—all in less than half an hour.
At the heart of the breach was a subtle yet critical vulnerability hidden deep within Balancer’s arithmetic logic. The Balancer V2 protocol centralizes all pool tokens in a “Vault,” isolated from the smart contract logic that governs swaps and other liquidity actions.
While this optimizes gas usage and cross-pool functionality, it also means a single vulnerability in core pool math could ripple out to impact every Stabilized Pool—a scenario realized with horrifying efficiency.
The primary vulnerability lies in the upscale Array function, which, during swaps and balance scaling, introduces significant precision errors when handling values near the smallest boundaries (around 8–9 wei).
As Solidity’s integer division always rounds down, repeated operations at this ultra-low granularity can accumulate up to 10% relative error with every calculation.
When such “micro-swaps” are orchestrated in rapid-fire atomic batches, the compounded error derails the invariant calculations that underlie Balancer Pool Token (BPT) pricing.
Rather than acting manually, the attacker deployed an exploit contract designed for automation. The constructor of this contract executed over 65 batched swap operations within moments of deployment.
Each micro-swap nudged pool balances closer to precision loss thresholds before trapping pool math in a cycle of ever-growing miscalculation.
The crux of the exploit: artificially push BPT prices downward, then scoop up BPT at artificially low values, immediately redeeming them for full underlying asset value in a series of precise arbitrage cycles.
The heist unfolded through a sharply engineered three-stage pattern in each batchSwap:
- Boundary Adjustment: Shifting large BPT sums in and out to force a pool token to the high-risk rounding threshold.
- Trigger Phase: Exploiting the rounding error with small swaps, cascading the precision losses through the pool’s pricing rules.
- Extraction: Buying undervalued BPT and instantly redeeming for underlying tokens, pocketing the price difference as profit.
Internally, Balancer’s “Internal Balance” accounting feature became an unwitting accomplice. Instead of withdrawing tokens to an external address immediately, the exploit contract first accumulated stolen funds within its Vault balance during the constructor phase.
Later, these were externally withdrawn via a custom function, funneling the assets to the attacker’s final recipient address.
Blockchain analysis linked the operation to the following contract and addresses:
- Exploit Deployer: 0x506D1f9EFe24f0d47853aDca907EB8d89AE03207.
- Attacker Contract: 0x54B53503c0e2173Df29f8da735fBd45Ee8aBa30d.
- Final Recipient: 0xAa760D53541d8390074c61DEFeaba314675b8e3f.
The full scale of the operation was revealed across two main stages: an initial constructor call engineered the theft with 65 swap cycles, draining pools and accruing stolen tokens in internal balances.
A follow-up withdrawal function then moved thousands of WETH, osETH, and wstETH from the Vault to the attacker-controlled external wallet.
Lessons From a $128 Million Miscalculation
This incident starkly illustrates the threat of mathematical edge cases in DeFi protocols.
Although such rounding and precision loss bugs often seem negligible in routine use, they can be amplified into catastrophic exploits when paired with adversarial transaction engineering and on-chain automation.
For DeFi developers and auditors, the Balancer attack makes clear that security can’t rest solely on tests that focus on atomic correctness.
The challenge—and future of secure protocol design—demands adversarial modeling that anticipates how nuanced vulnerability might scale under sustained, automated attack. Only then can the industry hope to prevent mild arithmetic imperfections from escalating into million-dollar crises.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.