After a successful exploit at the decentralized exchange and automated market maker Balancer, which resulted in over $100 million in digital assets being stolen, many cryptocurrency traders are seeking answers.
In a post on the X platform on Monday, Balancer updated users on the exploit, stating that the incident "is limited to the V2 composable stable pool and does not affect Balancer V3 or other Balancer pools."
The platform added that it "has undergone extensive audits by top firms and has run a long-standing bug bounty program to incentivize independent auditors," raising questions about how the exploit was achieved.
"Balancer has undergone more than 10 audits," said Suhail Kakar, head of blockchain developer relations at TAC, on the X platform. "The treasury was audited three times by different firms and was still hacked, resulting in a loss of $110 million. The fact that this field needs to accept that 'X audited' is almost meaningless is concerning. The code is hard, and DeFi is harder."
According to the Balancer V2 audit checklist provided on GitHub, four different security firms—OpenZeppelin, Trail of Bits, Certora, and ABDK—have conducted 11 audits of the platform's smart contracts, with the most recent being an audit of its stable pool by Trail of Bits in September 2022.
Cointelegraph reached out to OpenZeppelin for comment but had not received a response by the time of publication. A spokesperson for Trail of Bits declined to comment on the exploit, "until the root cause is determined and all Balancer forks are secure."
The exploit reported earlier on Monday resulted in the transfer of over $116 million worth of staked Ether (ETH)—including StakeWise staked ETH (OSETH), Wrapped Ether (WETH), and Lido wstETH (wSTETH)—to a newly created wallet. A research analyst at Nansen told Cointelegraph that the Balancer incident may stem from a smart contract issue involving "incorrect access checks that allowed attackers to send commands to withdraw funds."
In a blockchain transaction note sent to the attacker on Monday, the Balancer team offered a white hat bounty of up to 20% of the stolen funds, provided that the full amount is returned within 48 hours of notification.
"If you choose not to cooperate, we have engaged independent blockchain forensic experts and are actively cooperating with multiple law enforcement and regulatory partners," Balancer stated.
As of the time of publication, the project had not announced any additional updates regarding the bounty or details of the exploit.
Original article: “Balancer Audits Under Scrutiny After $100 Million Exploit”