Balancer, a decentralized finance protocol (DeFi) that runs on the Ethereum blockchain, has recently revealed a critical vulnerability that affects several of their V2 pools.
While emergency measures have been successfully implemented to secure a significant portion of the Total Value Locked (TVL), some of the funds remain at risk.
As a precautionary measure, Balancer Labs advises users to immediately withdraw their affected Liquidity Provider (LP) funds. It is important to note that no money has been lost at this point and the vulnerability has not been exploited.
Balancer discovers critical vulnerability
According to the announcement, Balancer Labs immediately implemented emergency mitigation procedures upon receipt of the critical vulnerability report, successfully protecting more than 80% of affected pools. However, approximately 4% of Balancer’s TVL is still exposed to risk.
Balancer has received a critical vulnerability report affecting several V2 pools.
Emergency mitigation procedures have been put in place to secure a majority of the TVL, but some funds remain at risk.
Users are advised to withdraw affected LPs immediately.https://t.co/PDzX32gqeS pic.twitter.com/F1f649Wz3L
— Balancer (@Balancer) August 22, 2023
To address this, Emergency SubDAO 60 quickly came into effect measures to facilitate proportional exits from all affected pools and introduce a pause for pools that remain within the designated pause window.
While the funds within the restricted pools (referred to as “mitigated”) are believed to be safe, Balancer Labs advises users of liquidity providers to migrate their assets to safe pools or initiate immediate withdrawals.
Pools that could not be fully mitigated are labeled ‘at risk’ LPs currently in these affected pools are urged to leave immediately to ensure the safety of their funds.
In addition, Balancer Labs has placed a personalized page on their user interface (UI) to help users identify whether their connected wallets are associated with affected pools. A streamlined withdrawal process has also been established to guide users through the necessary steps.
Ultimately, Balancer Labs plans to publish a comprehensive post-mortem report detailing the nature of the vulnerability and the steps taken to effectively address it, with the goal of providing users with a clear understanding of the incident and subsequent efforts to address it. mitigate the vulnerability.
Following the vulnerability disclosure, Balancer’s native token, with the ticker symbol BAL, has experienced a 2.6% drop in the past few hours. Currently, the token is trading at a value of USD 3,475.
Featured image from iStock, chart from TradingView.com