Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
Balancer says it has received reports of a critical vulnerability affecting multiple V2 pools. Emergency mitigation procedures have been implemented to secure the majority of TVL, but some funds remain at risk. Users are advised to immediately withdraw affected LPs. According to news on August 28, Balancer’s losses have exceeded $2.1 million, and multiple fund pools on Ethereum, Fantom, and Optimism have been affected. Attack method (per SlowMist): Flash Loan Attack. Reported loss: $ 2,100,000.
- chain
- ethereum
- protocol
- Balancer
- bug_class
- flashloan
- date_occurred
- 2023-08-22
- loss_usd
- $2,100,000
- source_id
- sm:balancer::2023-08-22