Balancer suffered one of the largest decentralized finance (DeFi) exploits on Monday, with more than $116 million in staked Ether and liquidity pool tokens leaked from the Balancer v2 contract and several forks.
Decentralized exchanges (DEXs) and automated market makers (AMMs) have investigated what appear to be flaws in access controls within smart contracts that allow attackers to withdraw funds directly from liquidity pools.
The exploit started with a loss of $70 million and ballooned to $116 million, primarily affecting liquidity staking assets such as Lido’s wstETH and StakeWise’s osETH.
To recoup their losses, Balancer offered the attackers a 20% white hat bounty. The team warned that it is working with law enforcement and blockchain forensics to identify the culprits.
On Tuesday, Balancer noted that its community members had undergone extensive audits and came under intense scrutiny, but ultimately they were still hacked. “Balancer has undergone more than 10 audits,” said Suhail Kakar, head of developer relations at TAC Blockchain.
The hack also showed evidence of months of planning by a skilled attacker. Coinbase director Connor Grogan said the hackers appeared to be experienced and had funds that may be related to previous exploits.
On Thursday, Balancer released a preliminary after-action report following a $116 million hack. According to the protocol, a sophisticated code exploit targeted the v2 stable pool and the composable stable v5 pool.
read more
DeFi Detective Tracks $284M Loans and Stablecoin Risks Associated with Stream Finance
In a further blow to the DeFi market, decentralized protocol Stream Finance on Tuesday disclosed $93 million in losses related to external fund managers. This event triggered the depegging of stablecoins, with associated assets freezing liquidity across the ecosystem.
DeFi analysts said the protocol’s collapse had a ripple effect across DeFi, exposing millions of people to the protocol’s synthetic assets. According to researchers at Yields and More, Stream Finance has over $284 million in loans and stablecoins linked to xUSD, xBTC, and xETH.
Dozens of interconnected lending markets, including Euler, Solo, Morpho, and Gearbox, were found to have exposure via stablecoin loops and vaults, creating contagion risk across the DeFi yield ecosystem.
Funds like TelosC and Elixir appear to be among the most affected protocols, with Elixir’s $68 million exposure accounting for approximately 65% of stablecoin reserves.
On Friday, Elixir discontinued support for the synthetic stablecoin deUSD. The protocol announced that it had successfully processed the redemption of 80% of all deUSD holders, which resulted in the token losing its dollar peg.
read more
RedStone releases DeFi risk assessment
Modular oracle network RedStone has launched Credora, a DeFi-native risk assessment platform that integrates real-time credit and collateral analysis into protocols such as Morpho and Spark.
RedStone aims to provide dynamic risk scoring and probability of default data through its API. This marks a shift towards data-driven transparency after recent market volatility led to the elimination of $20 billion in positions in October.
The move is in line with a broader industry movement toward a lower-risk DeFi ecosystem, where oracles, audit firms, and analytics firms are coming together to assess yields and the sustainability of collateral systems.
Apart from RedStone, Chainlink, S&P Global Ratings, and Hacken have also suggested that the next wave of DeFi will hinge on verifiable credibility rather than speculative yield.
read more
DeFi players launch alliance to defend Ethereum to policymakers
A coalition of major DeFi protocols has formed the Ethereum Protocol Advocacy Alliance (EPAA) to strengthen Ethereum’s policy representation in Washington. The partnership includes Aave, Uniswap, Lido, Curve, Spark, Aragon, and The Graph.
The protocol aims to balance the “enormous influence” of centralized cryptocurrency companies in shaping U.S. regulation. The coalition plans to engage directly with policymakers about the technical realities of decentralized infrastructure.
EPAA, which also has support from the Ethereum Foundation, plans to produce educational materials, provide technical expertise, and coordinate messaging on issues affecting non-custodial systems and DeFi governance.
The partnership aims to ensure that on-chain protocols, not just centralized projects, have a say in defining the future of crypto regulation.
read more
Web3 Gaming, DeFi leads sector activity in October
Despite an overall decline in Web3 engagement, DeFi remained one of the most active crypto sectors in October. According to a report by DappRadar, DeFi accounts for 18.4% of decentralized application (DApp) activity.
According to the data, DeFi TVL fell by 6.3% to $221 billion, and further declined by 12% to $193 million in early November. DappRadar attributed this to the $20 billion liquidation event in October and the subsequent collapse of Stream Finance.
Despite this, DappRadar reported that protocols such as Raydium, Pump.fun, and Jupiter Exchange remain in active use.
read more
DeFi market overview
Most of the top 100 cryptocurrencies by market capitalization ended the week in the red, according to data from Cointelegraph Markets Pro and TradingView.
The Stables Labs USDX (USDX) token has fallen over 69% over the course of this week, its biggest decline in the past seven days. This was followed by a token called PAPARAZZI, which fell 54% last week.
Thanks for reading our overview of this week’s most influential DeFi developments. Tune in next Friday for more stories, insights, and education on this dynamically evolving universe.