Balancer Pool Exploited, Over $500,000 of Funds Lost
$500,000 was stolen from Balancer by taking advantage of a vulnerability.
- A hacker used a $23.4 million flash loan to drain a Balancer pool of close to $535,000.
- One token in the pool was deflationary and burnt 1% of the total amount in each transaction, but Balancer didn't account for these burns, giving the hacker a vector to exploit.
- Balancer is taking necessary steps to mitigate future incidents, such as a third audit and blacklisting deflationary tokens.
A hacker found a loophole in a Balancer pool via a deflationary token, resulting in the pool being drained of $535,000. Balancer’s co-founder took responsibility for ignoring a previous bug report regarding this same attack vector.
Breaking Down the Balancer Exploit
At roughly 6:00 PM UTC, a meta-transaction to drain a Balancer pool of liquidity was executed on the Ethereum blockchain. The transaction was incredibly complex, recording a $54 fee and 315 token transfers within it.
The Balancer pool that succumbed to this exploit was an equal-weight pool of SNX, LINK, WBTC, WETH, and STA.
For the uninitiated, STA, or Statera, is a deflationary token designed to “attract liquidity.” Every time STA is transferred, 1% of the total transaction amount is destroyed.
The hacker began by borrowing 104,331 WETH ($23.3 million) using a dYdX flash loan.
They then proceeded to exchange WETH for STA and vice versa back and forth 24 times. This exploiter understood that Balancer only recorded the token transfer – it didn’t account for the burnt STA.
As a result, the STA side of the pool grew smaller and smaller.
After sufficiently diminishing the amount of STA in the pool, the hacker could throw the entire pool’s dynamics off balance. They proceeded to swap 0.000000000000000001 STA (18 digits after the decimal) for WETH countless times to drain the WETH portion of the pool, mimicking this same action with WBTC, SNX, and LINK.
After they repaid the flash loan, the hacker wasn’t finished.
They held a significant amount of Balancer pool tokens, similar to Uniswap and Curve LP shares. Using Uniswap, these pool tokens were exchanged for more STA and swapped for 109 WETH.
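The accounting gap described above, as an added example (a constructed Python model, not Balancer's or Statera's code): a pool that credits the requested transfer amount drifts away from its real holdings of a 1%-burn token, while a pool that credits the measured balance delta does not. The class and function names, the "lp" account, and the deposit sizes are assumptions made for illustration.

```python
from fractions import Fraction

BURN_RATE = Fraction(1, 100)  # STA destroys 1% of every transfer (from the article)

class DeflationaryToken:
    """Constructed ledger model: each transfer delivers amount * (1 - BURN_RATE)."""
    def __init__(self):
        self.balances = {}

    def mint(self, owner, amount):
        self.balances[owner] = self.balance_of(owner) + Fraction(amount)

    def balance_of(self, owner):
        return self.balances.get(owner, Fraction(0))

    def transfer(self, sender, recipient, amount):
        amount = Fraction(amount)
        if self.balance_of(sender) < amount:
            raise ValueError("insufficient balance")
        self.balances[sender] = self.balance_of(sender) - amount
        self.balances[recipient] = self.balance_of(recipient) + amount * (1 - BURN_RATE)

class NaivePool:
    """Credits the amount the sender asked to move, ignoring the burn."""
    def __init__(self, token):
        self.token = token
        self.recorded = Fraction(0)

    def deposit(self, sender, amount):
        self.token.transfer(sender, self, amount)
        self.recorded += Fraction(amount)

    def drift(self):
        """Recorded balance minus the tokens the pool really holds."""
        return self.recorded - self.token.balance_of(self)

class DeltaPool(NaivePool):
    """Hardened form: credits only what arrived, measured as a balance delta."""
    def deposit(self, sender, amount):
        before = self.token.balance_of(self)
        self.token.transfer(sender, self, amount)
        self.recorded += self.token.balance_of(self) - before

def drift_after(pool_cls, deposits=24, amount=1000):
    """Run `deposits` inbound transfers of `amount` (constructed values) and return the drift."""
    token = DeflationaryToken()
    token.mint("lp", deposits * amount)
    pool = pool_cls(token)
    for _ in range(deposits):
        pool.deposit("lp", amount)
    return pool.drift()
```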
Implications and Hacker Tenacity
The hacker’s address, from which they executed the main transaction, currently has $320,000 of SNX, LINK, and WBTC combined.
DeFi hackers are becoming more sophisticated; this one used the Tornado Cash mixer to fund the address.
In a prepared statement, Balancer claims they were unaware this kind of attack was possible but were warned of the consequences non-standard ERC-20 tokens could have on the pool.
This runs contrary to the claims of Twitter user “Hex Capital,” who says they submitted this exact scenario to Balancer’s bug bounty program in May 2020.
Mike McDonald, co-founder and CTO of Balancer, replied to the comment, saying, “the submitted report was about trading a pool and slowly decreasing the pools balance vs. internal balance which we were aware of and why warnings existed. Today worked because of flash lending. That is my fault, and I apologize for not taking more time to review other consequences of what could happen.”
The report mentions swapping to get an asset close to 0. I didn’t take into account flash lending and figured a 1% transfer fee would be impossible to get anywhere close to that level on normal swaps (that get more expensive each trade). Again I’ll take full responsibility here
— Mike McDonald (@mikeraymcdonald) June 29, 2020
Balancer didn’t include STA in its latest whitelist for tokens that are eligible to liquidity mine BAL.
Further, Balancer will bar all deflationary tokens from its whitelist and add more documentation regarding how liquidity pools can be exploited.