Balancer DAO has opened formal discussions on an $8 million recovery plan for users impacted by the protocol’s latest major exploit, an attack that drained more than $110 million from its v2 vaults and cut its total value locked by nearly two-thirds.
DAO Proposes Reimbursement in Original Tokens
The draft proposal, introduced by core contributor Xeonus, outlines the distribution of the roughly $8 million in assets recovered by whitehat responders and internal teams in the hours following the Nov. 3 attack. The plan follows Balancer’s established Safe Harbor Agreement, which sets rules for ethical fund recovery and caps whitehat bounties at $1 million per incident.
Under the proposal, liquidity providers would receive reimbursements in the same tokens they originally deposited, distributed pro rata according to snapshot balances taken at the moment of the exploit. The recovered funds span several networks — including Ethereum, Polygon, Base and Arbitrum — and comprise assets such as WETH, rETH, WPOL and MaticX.
A claim mechanism is now being developed. If approved by governance, LPs will need to accept updated terms of use before redeeming their balances.
Whitehat Funds and External Recoveries Handled Separately
While the DAO will distribute $8 million directly, an additional $19.7 million in osETH and osGNO was rescued by StakeWise and will be managed outside the DAO’s reimbursement process. Another $4.1 million recovered in coordination with auditing firm Certora will not qualify for bounties due to preexisting service agreements.
Several whitehats declined to undergo the KYC and sanctions screening mandated by the Safe Harbor framework, forfeiting any claim to rewards. Despite this, Balancer confirmed that the secured funds would still be routed to users.
A Third Major Security Incident and Sharp Market Impact
The exploit was traced to a flaw in Balancer’s smart contract access controls, enabling the attacker to drain funds across multiple pools. This marks Balancer’s third major security event, further straining confidence in a protocol that once served as a core liquidity layer for Ethereum-based DeFi.
The aftermath was swift. Total value locked plunged from roughly $775 million to $258 million, according to DeFiLlama, while the BAL governance token shed around 30% of its value. Pool activity across networks has since contracted sharply as LPs wait for clarity on reimbursements and security reforms.
Outlook
Balancer’s recovery plan remains in draft form, but early community feedback indicates support for reimbursing LPs on a token-matched, pool-specific basis. The DAO now faces the challenge of restoring confidence after its third major exploit in as many years — a task that will likely depend not just on repayment mechanics, but on structural upgrades to its permission controls and smart contract security.