Balancer, a prominent decentralized finance (DeFi) platform, has released a post-mortem analysis detailing the recent exploit that resulted in over $129 million being drained from its Composable Stable Pool (CSPs) across multiple blockchain networks. The report reveals that the vulnerability stemmed from a rounding flaw in the protocol’s swap logic, which allowed attackers to manipulate token calculations and siphon liquidity without triggering standard protections. CSPs, specifically designed for stable pricing and efficient liquidity, were the sole target of this exploit, with other pool types unaffected by the flaw. Despite not impacting the v2 protocol’s core design, developers are actively working to recover the stolen funds, offering a 20% bounty reward to the individual or group behind the hack. Collaboration between Balancer and leading blockchain security researchers is underway as part of the investigation process. The incident has significantly impacted the crypto market, with BAL token dropping over 10%, BERA token experiencing a 7% decline, trading volumes surging by nearly 90%, and Ethereum (ETH) witnessing a 4% drop in just 24 hours. However, a significant recovery occurred when StakeWise, another DeFi protocol, managed to recover $19.3 million of the stolen funds. This marked a positive step towards restoring financial stability for its users and the wider crypto ecosystem. The investigation continues to uncover how the attacker converted stolen tokens into Ethereum. The incident highlights the importance of secure coding practices in the rapidly evolving DeFi landscape.