- Balancer will return $8 million to affected liquidity providers following the V2 exploit.
- Whitehat hackers and the internal team recovered part of the $28 million that was stolen.
- Compensation will be distributed pro rata in the same tokens via a 180-day claims process.
The decentralized finance protocol Balancer has launched a plan to compensate liquidity providers (LPs) after a major exploit drained more than $128 million from its V2 pools.
The proposed restitution follows extensive recovery efforts led by whitehat hackers and Balancer’s internal team, aimed at reclaiming funds and restoring trust within the platform’s user community.
The proposal has been submitted to the Balancer DAO for community feedback and will require approval through a formal voting process before any distribution begins.
Balancer exploit
The Balancer exploit, which occurred in early November, targeted a rounding vulnerability in Balancer’s Composable Stable Pools (CSPv5).
The attacker combined this flaw with batch swaps to manipulate token price calculations, draining multiple pools across Ethereum, Polygon, Base, and Arbitrum.
Despite 11 prior security audits conducted by four different blockchain security firms, the vulnerability went unnoticed.
The breach sent shockwaves through the DeFi sector, causing Balancer’s total value locked to drop from $775 million to $258 million and pushing the native BAL token down by about 30%.
Parts of the protocol were paused immediately after the attack to prevent further losses, while whitehat and internal recovery operations sprang into action to secure remaining funds.
Here’s everything you need to know about the Balancer Hack:
1. The attack targeted Balancer’s V2 vaults and liquidity pools, exploiting a vulnerability in smart contract interactions. Preliminary analysis from on-chain investigators points to a maliciously deployed contract that… pic.twitter.com/udAM4hB0OD
— Adi (@AdiFlips) November 3, 2025
Recovery efforts and whitehat contributions
In total, roughly $28 million of the stolen funds was recovered.
Whitehat actors played a crucial role, reclaiming about $3.9 million, while Balancer’s internal team—working with security firm Certora—recovered an additional $4.1 million from vulnerable metastable pools that had not yet been exploited.
Among whitehat contributors, an anonymous actor referred to as “Anon #1” recovered $2.68 million on Polygon, including tokens such as WPOL, MaticX, TruMATIC, and stMatic, according to the compensation proposal.
Several rescuers on Arbitrum declined to identify themselves and forfeited bounty claims, underscoring the voluntary, community-driven nature of these recovery efforts.
The remaining $19.7 million in osETH and osGNO tokens was recovered through StakeWise, a liquid staking protocol for Ethereum, and will be returned to users through StakeWise’s own governance mechanisms.
$8 million compensation plan
Balancer’s compensation plan centers on $8 million that was directly recovered by whitehats and the internal team.
The framework adopts a non-socialized approach, meaning funds will be returned only to liquidity providers in specific affected pools.
Compensation will be distributed pro rata based on each user’s Balancer Pool Token holdings at a snapshot block taken before the exploit.
Payments will be made in-kind, allowing users to receive the exact tokens that were stolen and avoiding mismatches or unintended losses due to price fluctuations.
Whitehat contributors are eligible for a bounty equal to 10% of the funds they recovered, capped at $1 million per operation.
To claim a bounty, whitehat participants must complete identity verification, KYC, and sanctions screening under Balancer’s SEAL Safe Harbour Agreement.
Notably, internal recovery operations—including work with Certora—are excluded from bounty eligibility due to preexisting service agreements.
If the distribution plan is approved, affected liquidity providers will have a 180-day window to claim their funds, during which they must digitally accept Balancer’s updated terms of use.
Those terms require claimants to release Balancer Labs, the DAO, the Foundation, and affiliated parties from legal liability related to the exploit.
Funds unclaimed after 180 days will be marked inactive and can only be reallocated through a governance vote.