Balancer proposes eight-million repayment for users hit by v2 exploit

The proposal, posted on Balancer’s governance forum on November 27, 2025, is the first formal framework for compensating users after the November 3 attack, which drained user funds from pools on Ethereum and several Layer-2 networks and ranks among the largest DeFi exploits of 2025. Balancer confirms that roughly $8 million has been retrieved through rescue operations, while a separate tranche of about $19.7 million in osETH and osGNO tied to StakeWise is being handled under a distinct process.

Under the plan, whitehat responders who helped secure funds during and after the exploit are set to receive bounties equal to 10% of the assets they recovered. Those rewards will be paid in the same tokens that were returned, in line with Balancer’s Safe Harbour Agreement, which defines how the protocol treats good-faith rescue actions during security incidents.

Before any bounty is released, whitehats must pass identity verification, know-your-customer checks and sanctions screening. Balancer notes that these checks have already been completed, but the individuals’ identities remain confidential. Assets recovered through an existing service arrangement with smart contract auditor Certora will not attract bounties; those tokens are earmarked to go back directly into the affected pools.

For liquidity providers, reimbursements are structured on a pro rata, non-socialized basis. Payouts will be calculated from snapshot blocks taken immediately before exploit transactions, using each LP’s Balancer Pool Token (BPT) balance as the reference. Funds recovered from a particular pool will only be distributed to LPs from that pool, and users will receive the same assets that were rescued rather than a basket or stablecoin substitute.

Balancer also plans to deploy a dedicated claim interface. Affected users will be required to connect wallets, review the protocol’s terms and explicitly accept them before claiming reimbursement. According to the draft, any tokens left unclaimed after the designated claim window will be subject to a later governance decision, which could reallocate remaining balances.

The proposal is now in community review on Balancer’s forum, where delegates and LPs can scrutinize the distribution logic, whitehat rewards and legal language around claims. Once discussion is complete, the protocol is expected to proceed to a formal vote to authorize contract deployments and transfers required for the payout process.

The reimbursement plan follows an exploit, in which an attacker used a precision-loss vulnerability in Balancer’s v2 invariant to manipulate token balances and trigger a series of arbitrage loops. That sequence drained more than $129 million in total value across Balancer pools on Ethereum mainnet and multiple scaling networks within minutes.

The impact extended beyond Balancer itself. On November 4, DeFi platform Stream Finance suspended deposits and withdrawals after disclosing that an external fund manager’s Balancer positions had suffered a loss of about $93 million during the incident.