Balancer Suffers $116 Million DeFi Exploit Targeting Staked Ether and Liquidity Pools
Balancer, a prominent decentralized exchange (DEX) and automated market maker (AMM), fell victim to one of the largest decentralized finance (DeFi) exploits on Monday. Attackers drained more than $116 million in staked Ether and liquidity pool tokens from Balancer v2 contracts and several associated forks.
Investigation into the breach pointed to faulty access control in the smart contracts, which enabled attackers to withdraw funds directly from liquidity pools. The exploit initially caused a $70 million loss but quickly escalated to $116 million, primarily impacting liquid staking assets such as Lido’s wstETH and StakeWise’s osETH.
In response, Balancer offered a 20% white hat bounty to the attackers to incentivize the return of stolen funds. The team also announced ongoing collaboration with law enforcement and blockchain forensic experts to identify the culprits behind the attack.
Community Reaction and Audit Scrutiny
On Tuesday, the Balancer community raised concerns over the extensive audits the protocol had undergone, questioning how the breach still occurred despite more than ten audits. Suhail Kakar, developer relations lead at TAC blockchain, highlighted this point by stating, “Balancer went through 10+ audits.”
Further analysis suggested the hack was a result of months-long planning by a highly skilled attacker. Conor Grogan, director at Coinbase, noted that the hacker exhibited sophisticated expertise and possibly moved funds linked to previous exploits.
Balancer’s Preliminary Post-Mortem
On Thursday, Balancer released a preliminary post-mortem report detailing the $116 million hack. The protocol confirmed that a sophisticated code exploit targeted its v2 Stable Pools and Composable Stable v5 pools, leading to the significant loss.
Stream Finance’s $93 Million Loss Sends Ripples Across DeFi
In a separate but related development, decentralized protocol Stream Finance disclosed a $93 million loss tied to an external fund manager on Tuesday. This event caused stablecoin depeggings and liquidity freezes throughout the DeFi ecosystem, affecting synthetic assets linked to the protocol.
Researchers from Yields and More reported that over $284 million in loans and stablecoins are connected to Stream Finance’s synthetic assets, including xUSD, xBTC, and xETH. Protocols like TelosC and Elixir were among the most impacted, with Elixir’s $68 million exposure accounting for approximately 65% of its stablecoin reserves.
Following these events, Elixir withdrew support for its synthetic stablecoin deUSD on Friday, successfully processing redemptions for 80% of all holders, which contributed to deUSD losing its dollar peg.
RedStone Launches Credora: A DeFi Risk Ratings Platform
Amidst recent market volatility that wiped out $20 billion in positions in October, the modular oracle network RedStone unveiled Credora — a DeFi-native risk ratings platform. Credora integrates real-time credit and collateral analytics into protocols such as Morpho and Spark.
RedStone aims to provide dynamic risk scoring and default probability data via APIs, marking a shift toward more data-driven transparency in DeFi. This initiative aligns with broader industry efforts where oracles, auditors, and analytics firms collaborate to assess the sustainability of yield and collateral systems.
Notably, alongside RedStone, entities like Chainlink, S&P Global Ratings, and Hacken have emphasized that the future of DeFi will depend on verifiable creditworthiness rather than speculative yields.
Ethereum Protocol Advocacy Alliance (EPAA) Formed to Advocate in Washington
A coalition of leading DeFi protocols—including Aave, Uniswap, Lido, Curve, Spark, Aragon, and The Graph—has formed the Ethereum Protocol Advocacy Alliance (EPAA) to enhance Ethereum’s regulatory representation in Washington.
The alliance seeks to address the “outsized influence” of centralized crypto companies in shaping U.S. regulation by engaging directly with policymakers about decentralized infrastructure’s technical realities. Supported by the Ethereum Foundation, the EPAA plans to produce educational materials, contribute technical expertise, and coordinate messaging on issues impacting non-custodial systems and DeFi governance.
Through this initiative, the coalition aims to ensure that on-chain protocols, not just centralized projects, have a voice in defining crypto’s regulatory future.
Web3 Gaming and DeFi Lead Sector Activity in October
Despite an overall decline in Web3 engagement during October, DeFi remained one of the most active sectors. According to a DappRadar report, DeFi accounted for 18.4% of decentralized application (DApp) activity.
Data showed that DeFi’s total value locked (TVL) fell by 6.3% to $221 billion in October and further dropped 12% in early November to $193 billion. DappRadar attributed these declines to a $20 billion liquidation event in October and the subsequent collapse of Stream Finance.
Nevertheless, protocols like Raydium, Pump.fun, and Jupiter Exchange continued to experience robust user activity.
Weekly DeFi Market Overview
Data from Cointelegraph Markets Pro and TradingView revealed that most of the 100 largest cryptocurrencies by market capitalization ended the week with losses. Among them, Stables Labs’ USDX token plummeted by over 69% — marking the steepest drop in seven days — followed by Paparazzi Token (PAPARAZZI) with a 54% decline.
Thank you for reading this summary of the week’s most impactful DeFi developments. Join us next Friday for more stories, insights, and educational updates on this rapidly evolving space.
https://bitcoinethereumnews.com/tech/defi-turns-toward-transparency-amid-market-turmoil-2/
