Overview
- A preliminary report identifies a flaw in the “upscale” function used in batched swaps, where asymmetric rounding enabled value extraction through EXACT_OUT trades.
- Losses total about $116.6 million across Ethereum, Arbitrum, Base, and Polygon, with large amounts of WETH, osETH, and wstETH taken.
- StakeWise has recovered nearly $19 million in osETH and plans to return funds to users according to pre-hack balances.
- Balancer paused affected pools, disabled new pool creation, and halted rewards, while partners traced funds and froze some assets on networks including Polygon and Sonic, and Berachain executed an emergency hard fork.
- Whitehat teams and automated bots clawed back smaller sums, and Balancer says a final reconciled report on recoveries and totals is forthcoming.