- Balancer will return $8 million to affected liquidity providers following the V2 exploit.
- Whitehat teams and internal responders recovered a portion of the $28 million that was retrieved.
- Repayments will be distributed pro rata in the same tokens via a 180-day claims process.
The decentralized finance protocol Balancer has published a plan to reimburse liquidity providers (LPs) after a major exploit drained over $128 million from its V2 pools.
The compensation proposal follows an extensive recovery effort led by whitehat hackers and internal teams aimed at restoring funds and rebuilding trust within the platform’s user community.
The plan has been submitted to the Balancer DAO for community feedback and will require formal approval through a governance vote before distributions begin.
The Balancer exploit
The Balancer exploit, which occurred in early November, targeted a rounding function bug in Balancer’s Composable Stable Pools (CSPv5).
Attackers combined that vulnerability with batch swaps to manipulate token-price calculations and drain multiple pools across Ethereum, Polygon, Base and Arbitrum.
Despite 11 prior security audits performed by four different blockchain security firms, the vulnerability went undetected.
The breach sent shockwaves through the DeFi sector, reducing Balancer’s total value from $775 million to $258 million and causing the native BAL token to lose roughly 30% of its value.
Portions of the protocol were immediately paused after the attack to prevent further losses, while whitehat actors and internal recovery teams worked to retrieve funds.
Here’s everything you need to know about the Balancer Hack:
1. The attack targeted Balancer’s V2 vaults and liquidity pools, exploiting a vulnerability in smart contract interactions. Preliminary analysis from on-chain investigators points to a maliciously deployed contract that… pic.twitter.com/udAM4hB0OD
— Adi (@AdiFlips) November 3, 2025
Recovery efforts and whitehat contributions
Approximately $28 million of the stolen funds were recovered in total.
Whitehat hackers were instrumental in the recovery, retrieving about $3.9 million, while internal Balancer teams, coordinating with security firm Certora, recovered an additional $4.1 million from vulnerable metastable pools that had not yet been exploited.
Among the whitehat contributors, an anonymous actor referred to as “Anon #1” recovered $2.68 million on Polygon, including tokens such as WPOL, MaticX, TruMATIC and stMatic, according to the disclosed reimbursement proposal.
Some rescuers on Arbitrum declined to identify themselves and waived their bounty claims, underscoring the voluntary and community-oriented nature of the response.
The remaining $19.7 million in osETH and osGNO tokens was recovered via StakeWise, an Ethereum liquid staking protocol, and will be returned to users through StakeWise’s own governance mechanisms.
The $8 million repayment plan
Balancer’s reimbursement plan focuses on the $8 million recovered directly by whitehats and internal teams.
The framework adopts a non-socialized approach, meaning funds will be returned only to liquidity providers in the specific affected pools.
Repayments will be distributed pro rata based on each user’s Balancer Pool Token holdings at a snapshot block taken prior to the exploit.
Payments will be made in kind, allowing users to receive the exact tokens that were stolen and avoiding mismatches or unintended losses due to price fluctuations.
Whitehat contributors are eligible for a 10% bounty of the recovered funds, capped at $1 million per operation.
To receive their reward, whitehat participants must complete identity verification, KYC, and sanctions screening under Balancer’s SEAL Safe Harbour Agreement.
Notably, internal recovery operations, including work involving Certora, are excluded from these bounties because of existing service agreements.
If the distribution plan is approved, affected liquidity providers will have a 180-day window to file claims and must digitally accept updated Balancer terms of use.
Those updated terms require claimants to release Balancer Labs, the DAO, the Foundation and related parties from legal liability related to the exploit.
Unclaimed funds after the 180-day period will be marked as inactive and can only be redistributed through a governance vote.