Balancer, the Ethereum automated market maker and decentralized finance (DeFi) protocol, has issued a warning regarding a vulnerability discovered on August 22, highlighting that $2.8 million, equivalent to 0.42% of its total value locked (TVL), remains exposed to risk.
In an announcement on August 24, Balancer urged users to take immediate action if they have connected wallets to the affected liquidity provider (LP) pools. To assist users in assessing the safety of their funds, the protocol established a personal user interface on its website. This tool helps users identify whether their funds are at risk and recommends a course of action, which typically involves unstaking, withdrawing, and unwrapping the affected tokens.
The vulnerability spans across assets on various platforms, including Balancer’s deployments on Ethereum, Polygon, Arbitrum, Optimism, Avalanche, Gnosis, Fantom, and zkEVM.
Initially, when the vulnerability was uncovered, Balancer reported that 4% of its $669 million TVL was impacted. However, developers swiftly mitigated 80% of the critical issue on the same day. In an update on August 23, the protocol reassured the community that the vulnerability had not been exploited. Nonetheless, $5.6 million worth of funds remained susceptible. Developers stressed the importance of migration to secure pools or immediate withdrawal for users in pools that could not be mitigated, designating them as ‘at risk.’
Notably, back in June, Balancer had expanded its operations to the Ethereum layer-2 network, Optimism. Balancer Labs CEO, Fernando Martinelli, expressed his belief in the effectiveness of layer-2 scaling solutions to reduce transaction fees and network congestion. At that time, a total of 38 projects were actively building on the Optimism network.