- Balancer will reimburse affected liquidity providers with $8 million after the V2 exploit.
- Whitehat hackers and internal teams recovered part of the $28 million stolen funds.
- Reimbursements will be distributed pro rata in the same tokens and paid out over a 180-day claims period.
Decentralized finance protocol Balancer has published a plan to compensate liquidity providers (LPs) following a major vulnerability that drained more than $128 million from its V2 pools. The proposal, presented to the Balancer community for feedback, outlines how recovered funds will be returned and must be approved through a formal DAO vote before any distribution begins.
The compensation plan follows an extensive recovery effort led by whitehat hackers and Balancer’s internal response teams, aimed at restoring funds and rebuilding trust among the platform’s users.
Balancer vulnerability
The Balancer exploit occurred in early November and targeted a rounding function flaw in Balancer’s Composable Stable Pools (CSPv5). Attackers combined this vulnerability with batched swaps to manipulate token price calculations and drain liquidity across multiple chains, including Ethereum, Polygon, Base and Arbitrum.
Despite eleven security audits from four different blockchain security firms, the vulnerability went undetected. The incident rocked the DeFi sector: Balancer’s total value locked fell from $775 million to $258 million, and its native BAL token lost roughly 30% of its value.
Following the attack, some protocol functions were paused to prevent further losses while whitehat and internal recovery operations worked to salvage funds.
Here’s everything you need to know about the Balancer Hack:
1. The attack targeted Balancer’s V2 vaults and liquidity pools, exploiting a vulnerability in smart contract interactions. Preliminary analysis from on-chain investigators points to a maliciously deployed contract that… pic.twitter.com/udAM4hB0OD
— Adi (@AdiFlips) November 3, 2025
Recovery efforts and whitehat contributions
Approximately $28 million of the stolen funds was recovered in total. Whitehat actors played a significant role, recovering about $3.9 million, while Balancer’s internal team—coordinating with security firm Certora—retrieved another $4.1 million from vulnerable metasable pools that had not yet been exploited.
Among whitehat contributors, an anonymous actor known as “Anon #1” recovered $2.68 million on Polygon, including various tokens such as WPOL, MaticX, TruMATIC and stMATIC, as detailed in the public reimbursement proposal.
Some Arbitrum rescuers declined to disclose their identities and waived bounty claims, highlighting the voluntary, community-driven nature of many recovery efforts.
The remaining $19.7 million in osETH and osGNO tokens were recovered through the Ethereum staking protocol StakeWise and will be returned to users through StakeWise’s governance process.
$8 million reimbursement plan
Balancer’s reimbursement framework focuses on the $8 million recovered directly by whitehats and internal teams. The plan is non-socialized, meaning reimbursements will be distributed only to LPs of the specific pools that were impacted.
Distributions will be allocated pro rata based on each user’s pool token holdings at a pre-exploit snapshot block. Payments will be made in-kind using the exact tokens that were stolen, minimizing mismatches from price volatility and reducing the risk of additional losses for claimants.
Whitehat contributors who returned funds are eligible for a 10% bounty on the amounts they recovered, capped at $1 million per action. To receive a bounty, whitehat participants must complete identity verification, KYC and sanctions screening under Balancer’s Seal of Safety protocol.
Notably, internal recovery operations—such as those involving Certora—are excluded from these bounty rewards due to existing service agreements.
If the distribution proposal is approved, affected liquidity providers will have a 180-day claims window to redeem their reimbursed tokens. During the claims process, claimants must digitally accept updated Balancer terms of use, which include release provisions that waive legal claims against Balancer Labs, the Balancer DAO, the Balancer Foundation and related parties in connection with the exploit.
Funds not claimed within the 180-day period will be considered dormant and may only be reallocated through a subsequent governance vote.