Decentralized finance (DeFi) protocol Balancer has issued a warning after identifying a vulnerability on August 22nd, stating that $2.8 million, which accounts for 0.42% of its total value locked (TVL), is still at risk. The vulnerability has not been exploited thus far.
Immediate Action Required for Users
Users who have connected wallets to affected liquidity provider pools (LPs) are advised to take immediate action. Balancer has set up a personal user interface on its website to help users determine if their funds are in jeopardy. Affected users are advised to unstake, withdraw, and unwrap the affected tokens without delay.
List of At-Risk Assets and Mitigation Efforts
The vulnerable assets span across various networks, including Balancer’s mainnet, Polygon, Arbitrum, Optimism, Avalanche, Gnosis, Fantom, and zK-EVM. Upon discovering the vulnerability, Balancer’s developers were able to mitigate 80% of the critical risk, and they confirmed that the vulnerability remained unexploited.
Over 98.7% of liquidity initially deemed vulnerable is now SAFE.
As of writing, the vulnerability has not been exploited.
However, 0.42% of total TVL ($2.8 million) remains at risk, with users advised to withdraw ASAP using the UI.https://t.co/PDzX32fSpk pic.twitter.com/0eLGQ7peoR
— Balancer (@Balancer) August 24, 2023
Prior Optimism Deployment
Earlier, Balancer had launched on the Ethereum layer-2 network Optimism, demonstrating its confidence in layer-2 scaling solutions to address high transaction fees and network congestion. This move aligned with the increasing trend of projects adopting layer-2 solutions to enhance the efficiency of their operations.
While the mitigated pools are considered safe, Balancer’s developers strongly recommend migrating to safer pools or withdrawing funds for added security. Pools that were not able to be mitigated are labeled as “at risk,” and users participating in these pools are urged to exit them promptly.
Future Prospects for Balancer
As the DeFi landscape continues to evolve, platforms like Balancer will likely adopt more stringent security measures to ensure the safety of users’ funds and maintain trust in their protocols. The incident underscores the importance of proactive vulnerability detection and prompt action to safeguard the decentralized finance ecosystem.
