The post DeFi Turns Toward Transparency Amid Market Turmoil appeared com. Balancer suffered one of the largest decentralized finance (DeFi) exploits on Monday, with more than $116 million in staked Ether and liquidity pool tokens drained from Balancer v2 contracts and several forks. The decentralized exchange (DEX) and automated market maker (AMM) investigated what appeared to be faulty access control in its smart contracts, which allowed the attackers to withdraw funds directly from liquidity pools. The exploit began with a $70 million loss, which ballooned to $116 million, primarily affecting liquid staking assets such as Lido’s wstETH and StakeWise’s osETH. In a bid to recover losses, Balancer offered a 20% white hat bounty to the attackers. The team warned that it’s working with law enforcement and blockchain forensics to identify the culprit. On Tuesday, Balancer came under scrutiny as community members pointed out the extensive audits it had undergone, only to still be hacked in the end. “Balancer went through 10+ audits,” said Suhail Kakar, a developer relations lead at the TAC blockchain. The hack also showed signs of months-long planning by a skilled attacker. Conor Grogan, director at Coinbase, said the hacker appeared to be experienced and had funds potentially linked to previous exploits. On Thursday, Balancer released a preliminary post-mortem report after the $116 million hack. The protocol said it was hit by a sophisticated code exploit that targeted its v2 Stable Pools and Composable Stable v5 pools. The event triggered stablecoin depeggings and liquidity freezes across the ecosystem due to associated assets. DeFi analysts said the protocol’s collapse had a ripple effect throughout DeFi, with millions.
