I've seen over and over and over again that protocol longevity and adoption does not preclude serious, critical vulnerabilities; half a dozen ultra-fatal examples on famous protocols come to memory.
This is why we always, always, need to keep the disclosure channels open, continue cultivating interest in older, matured codebases, and continue adding new layers of protection and resilience to our attack surface. If we don't, this is the ultimate result.
Remember, attackers have infinite time. In the long run, we can never afford to bet against them. We must be constantly vigilant, and continually invest into our security, past and future.
This incident is no one's fault but the hacker, but it is a call-to-action for us all to raise the caution and security investment bar another notch up. We must all answer the call.
For me and Immunefi, that takes the form of the Immunefi Magnus Platform; we long realized that bug bounties alone would never be enough to secure the industry, so we decided to make it as easy as possible to discover, deploy, and run the entire stack of the very best security layers all at once.
This way every protocol and every web3 company would get the very best security money can buy on day 1, with the only barrier being their willingness to adopt.
This incident shows that we must accelerate the Immunefi Magnus vision even faster if we want to save crypto from the terrifying future hacks to come.
Today, around 7:48 AM UTC, an exploit affected Balancer V2 Composable Stable Pools.
Our team is working with leading security researchers to understand the issue and will share additional findings and a full post-mortem as soon as possible.
Because these pools have been live onchain for several years, many were outside the pause window. Any pools that could be paused have been paused and are now in recovery mode.
All other Balancer pools are unaffected. This issue is isolated to V2 Composable Stable Pools and does not impact Balancer V3 or other Balancer pools.
Balancer is committed to operational security, has undergone extensive auditing by top firms, and had bug bounties running for a long time to incentivize independent auditors. We are working closely with our security and legal teams to ensure user safety and are conducting a swift & thorough investigation. We’re grateful to our partners and the broader DeFi community for their support.
Security notice: Fraudulent messages claiming to be from the Balancer Security Team are circulating. These are not from us. Do not interact with unsolicited communications or click unknown links.
Official updates will be posted only via:
- This official Balancer account on X (Twitter)
- Our official Discord server
Be careful with communications from other sources, they can be fraudulent.
We will provide a comprehensive update with more details as our investigation progresses.
The Balancer Team.
1,81 тыс.
16
Содержание этой страницы предоставляется третьими сторонами. OKX не является автором цитируемых статей и не имеет на них авторских прав, если не указано иное. Материалы предоставляются исключительно в информационных целях и не отражают мнения OKX. Материалы не являются инвестиционным советом и призывом к покупке или продаже цифровых активов. Раздел использует ИИ для создания обзоров и кратких содержаний предоставленных материалов. Обратите внимание, что информация, сгенерированная ИИ, может быть неточной и непоследовательной. Для получения полной информации изучите соответствующую оригинальную статью. OKX не несет ответственности за материалы, содержащиеся на сторонних сайтах. Цифровые активы, в том числе стейблкоины и NFT, подвержены высокому риску, а их стоимость может сильно колебаться. Перед торговлей и покупкой цифровых активов оцените ваше финансовое состояние и принимайте только взвешенные решения.