Vulnerability disclosure

Overview

The Balancer Labs team was recently notified of a potential issue with Stable Pools and Managed Pools thanks to a benevolent hacker who properly disclosed the vulnerability through Balancer’s bug bounty program.

We would like to emphasize that user funds are not at risk, insofar as the exploit could only be executed by pool owners or Balancer Governance itself which is composed of known participants in the Balancer ecosystem. In particular, Balancer Governance on Ethereum Mainnet (the network that holds the vast majority of funds) is represented by a 6-of-11 multisig owned by reputable members of the Web3 community.

Nevertheless, Balancer Labs is taking immediate measures to reduce any chances of an exploit. Read on to understand the situation and what is being done to mitigate it.

Context

Some pool parameters on Balancer can be dynamically set by the owner of the pool. The best known of these parameters is the pool's swap fee, but there are others depending on the pool type (e.g. the amplification factor in stable pools, token weights in managed pools, targets in linear pools, etc.).

A pool’s owner is set when the pool is created, and it cannot be modified afterwards. As a consequence, parameters of pools owned by the null address are immutable.

Pools owned by the delegate owner are a special case: Balancer Governance can grant permissions over setting the parameters of those pools.
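As an added example (not Balancer's code), the following Python model captures the three ownership cases described above: a pool owned by the null address (immutable), a pool owned by the delegate owner (parameters changeable only by accounts granted permission through governance, and no longer changeable once that permission is renounced), and a pool owned by a specific account. The addresses, pool names and the `Authorizer` class are constructed placeholders; the real contracts implement this check in Solidity.

```python
from dataclasses import dataclass, field

NULL_ADDRESS = "0x" + "00" * 20          # nobody can ever be msg.sender == null
DELEGATE_OWNER = "0x" + "de" * 20        # placeholder, NOT the real delegate-owner address
SET_AMP = "setAmplificationParameter"    # one of the privileged parameter actions


@dataclass
class Authorizer:
    """Constructed model of a governance-controlled permission registry."""
    grants: dict = field(default_factory=dict)  # (action, pool) -> set of accounts

    def grant(self, action, pool, account):
        self.grants.setdefault((action, pool), set()).add(account)

    def renounce(self, action, pool, account):
        self.grants.get((action, pool), set()).discard(account)

    def can_perform(self, action, pool, account):
        return account in self.grants.get((action, pool), set())


@dataclass(frozen=True)
class Pool:
    name: str
    owner: str   # fixed at creation; frozen=True models "cannot be modified afterwards"


def can_set_parameter(pool, caller, action, authorizer):
    """Who may change a privileged parameter, following the page's three cases."""
    if pool.owner == DELEGATE_OWNER:
        # Delegate-owned: only accounts explicitly granted by governance.
        return authorizer.can_perform(action, pool.name, caller)
    # Ordinary owner: only the owner itself. A null owner can never match.
    return caller == pool.owner


def who_can_change(pool, action, authorizer, candidates):
    """Triage helper: list the candidate accounts able to change `action` on `pool`."""
    return sorted(c for c in candidates if can_set_parameter(pool, c, action, authorizer))


# Constructed sample pools and accounts (not real deployments).
GOV_MULTISIG = "0x" + "aa" * 20
THIRD_PARTY = "0x" + "bb" * 20
TEAM_SAFE = "0x" + "cc" * 20
IMMUTABLE_POOL = Pool("stable-null-owned", NULL_ADDRESS)
DELEGATE_POOL = Pool("stable-delegate-owned", DELEGATE_OWNER)
SAFE_POOL = Pool("managed-safe-owned", TEAM_SAFE)
```

Running `who_can_change` over each pool with the candidate list `[GOV_MULTISIG, THIRD_PARTY, TEAM_SAFE]` reproduces the disclosure's reasoning: the null-owned pool yields an empty list, the delegate-owned pool yields only accounts currently granted the action, and the safe-owned pool yields only the safe.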

Affected Contracts

The vulnerability is present in contracts deployed by the following factories:

Vulnerability Brief

The exploit requires privileged access to modifying parameters of the pool, which by itself reduces the likelihood of the vulnerability being exploited. Nevertheless, so as to not increase the chances of exposing user funds to risk, Balancer Labs will only provide additional information about the vulnerability once new pools are deployed (ETA 1-2 weeks) and liquidity can be migrated.

Vulnerable Pools and Mitigation

The scope of this analysis is restricted to pools that can be interacted with via the Balancer app on Ethereum Mainnet, Polygon and Arbitrum. Balancer Protocol is permissionless and anyone can deploy vulnerable pools on top of it. Balancer Labs understands that we have a responsibility to our end users, who have been exposed to the subset of stable pools and managed pools that were allowlisted on the official UI.

Mainnet

Funds in stable pools are safe, insofar as an exploit would have to be initiated by Balancer Governance, which on mainnet is a 6-of-11 multisig composed of reputable members of the Web3 community. All allowlisted stable pools on Ethereum Mainnet are owned by either the null address or the delegate owner address. All permissions over the relevant parameters that were previously granted to third parties have already been renounced.

The iROBOT managed pool is owned by a Gnosis Safe controlled by Moloch DAO with a two-day voting period and a one-day grace period, meaning any attempt to exploit the vulnerability would be preceded by 3 days' notice. The team has been contacted and made aware of the vulnerability, and is willing to propose that the DAO renounce ownership of the Gnosis Safe, effectively making the pool immutable.

The WSB-MACRO and WSB-DEFI managed pools have little liquidity, making an exploit far less likely to happen. Moreover, they are owned by a Gnosis Safe controlled by the Techemy Capital team. The team has been contacted and made aware of the vulnerability, and would be willing to renounce ownership of the Gnosis Safe, effectively making the pool immutable.

Polygon

Most stable pools on Polygon are owned by the Balancer Governance multisig. Balancer Labs has proposed that the number of signers required to execute a transaction from that multisig be increased from the current 3-of-7 to 5-of-7 in order to further reduce the chances of it being compromised.

The WMATIC/stMATIC pool is owned by a Gnosis Safe controlled by Shard Labs and the Qi/vQi pool is owned by a Gnosis Safe controlled by Gotchi Vault. Both teams have been contacted and have been made aware of the vulnerability.

The following stable pools have little liquidity, making an exploit less likely to happen. Balancer Labs has delisted these pools from the app so as to prevent more liquidity from being added to them. Existing liquidity providers who would like to withdraw should reach out on #support in Discord.

Arbitrum

The VST stable pool is owned by the delegate owner address. No permissions have been granted over the relevant parameters of this pool.

All other stable pools on Arbitrum are either immutable or owned by a multisig controlled by Ballers, reputable and vetted members of the Balancer community.

Fixing the issue

Balancer Labs has already engineered a fix for the vulnerability. New versions of the affected stable pools will be deployed within the next couple of weeks, and liquidity providers will be advised to migrate their funds at that time. We decided not to deploy an immediate fix because a new version of stable pools was already in the works, and we believe the risks are low enough that by combining both releases we can spare the community from having to migrate liquidity twice.

We will provide timely updates on this thread and on Twitter and Discord if there are any important new pieces of information to be shared, including payment of bounty.


Can you confirm that the 3pool (Balancer) will have to be migrated manually?

We are considering waiting to deposit into this pool, if indeed a new version will be deployed in the next week or so.

Hello @gosuto, thanks for your message!

Any migration will always have to be done manually by the liquidity provider; no one has the power or custody over the LP funds.

A new version of the boosted pool will be deployed in the next few weeks as there are other improvements we are working on and will take the opportunity to launch. Once this new pool is launched we expect LPs from both the current Boosted Pool and also from StaBAL3 (the pool you linked) to migrate to this new pool.

As I mentioned in my post above, the vulnerability can only be exploited by the Balancer multisig, which is comprised of trusted members of the DeFi community, but feel free to make your own decision about whether to provide liquidity now or not.

Best,
Fernando
