From Balancer to Berachain, the chain was pressed to pause

2025/11/04 13:00

DeFi, security and centralization



By ChandlerZ, Foresight News


DeFi is once again in the eye of the storm.


Several projects built on the Balancer V2 architecture were hit by a carefully designed attack on 3 November, with cumulative losses exceeding $120 million. The incident affected not only the Ethereum network but also several other chains such as Arbitrum, Sonic and Berachain, making it another industry-wide security incident after the Euler Finance and Curve Finance incidents.


BlockSec's preliminary analysis describes it as a "highly sophisticated price manipulation attack". At its core, the attackers exploited rounding errors in the BPT (Balancer Pool Token) price calculation, specifically in the computation of the invariant, to create a distorted price and then arbitrage it within a batch swap.


Taking the example of the attack transaction on Arbitrum, the attack was divided into three phases:


  • The attackers first swapped BPT for the underlying assets, fine-tuning the cbETH balance to a boundary value (approximately 9) to set up the conditions for the subsequent precision loss.


  • Next, they swapped a specific amount (= 8) between another underlying asset, wstETH, and cbETH. Precision loss made the computed Δx slightly too small, and the underestimated Δx made the stable pool invariant D smaller, which lowered the theoretical BPT price.


  • Finally, the attackers swapped the underlying assets back into BPT, taking an arbitrage profit from the depressed price.


In short, it was a precision strike at the boundary between mathematics and code.
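
The effect described in the first two phases, as an added example that is not taken from the article, BlockSec or Balancer: a simplified two-token StableSwap invariant solved in exact integer arithmetic, showing that the same one-unit rounding shortfall leaves D unchanged at a normal balance but lowers it by roughly 1.9% once the balance has been reduced to single digits. The amplification value, the balances and all function names are assumptions chosen for illustration.

```python
# Added illustration: a simplified two-token StableSwap invariant in exact integer
# arithmetic. Not Balancer's contract code; AMP and all balances are constructed.
AMP = 100  # hypothetical amplification coefficient A


def invariant_d(x: int, y: int, amp: int = AMP) -> int:
    """Largest integer D with D^3 + 4xy(4A-1)D - 16Axy(x+y) <= 0.

    This is the n=2 StableSwap equation 4A(x+y) + D = 4AD + D^3/(4xy),
    multiplied through by 4xy so that solving it needs no division.
    """
    def h(d: int) -> int:
        return d**3 + 4 * x * y * (4 * amp - 1) * d - 16 * amp * x * y * (x + y)

    lo, hi = 0, x + y              # h(0) <= 0 and h(x+y) = (x+y)(x-y)^2 >= 0
    while lo < hi:                 # bisection works because h is increasing in d
        mid = (lo + hi + 1) // 2
        if h(mid) <= 0:
            lo = mid
        else:
            hi = mid - 1
    return lo


def invariant_drop_ppm(x: int, y: int, exact_in: int, credited_in: int) -> int:
    """Parts per million by which D falls when the pool credits credited_in
    instead of exact_in to balance x (credited_in < exact_in models truncation)."""
    d_exact = invariant_d(x + exact_in, y)
    d_credited = invariant_d(x + credited_in, y)
    return (d_exact - d_credited) * 1_000_000 // d_exact


def flag_precision_risk(x, y, exact_in, credited_in, max_ppm=10):
    """Defensive check: True when a rounding shortfall moves D by more than max_ppm."""
    return invariant_drop_ppm(x, y, exact_in, credited_in) > max_ppm


# Constructed cases: the same one-unit shortfall (9 owed, 8 credited) against a
# normally sized balance and against a balance reduced to single digits.
NORMAL = invariant_drop_ppm(10**18, 10**18, 9, 8)
DRAINED = invariant_drop_ppm(9, 10**18, 9, 8)
```

A check of this kind belongs in invariant tests and fuzzing harnesses for pool math, run with balances near zero as well as at typical sizes.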


Balancer officially confirmed that V2 Composable Stable Pools were exploited through a vulnerability. The team is investigating together with leading security researchers and has committed to sharing a full post-mortem as soon as possible. All potentially affected pools that can be paused have been paused and put into recovery mode. The vulnerability is limited to V2 Composable Stable Pools and does not affect Balancer V3 or other pool types.


After the Balancer V2 vulnerability came to light, Balancer fork projects were hit hard. According to DeFiLlama data, as of 4 November the total value locked (TVL) of the related projects stood at only about $49.34 million, a drop of 22.8 per cent in a single day. Of these, BEX, Berachain's native DEX, fell 26.4 per cent to $40.27 million; it still accounts for 81.6 per cent of the entire ecosystem, but outflows continued because of the chain halt and the liquidity freeze. Another victim, Beets DEX, fared worse, with TVL crashing 75.85 per cent in 24 hours and a cumulative decline of almost 79 per cent over the past seven days.


In addition to the protocols mentioned above, other DEXs built on the Balancer architecture also saw panic withdrawals. PHUX fell 26.8 per cent, Jellyverse 15.5 per cent and Gaming DEX 89.3 per cent, leaving its liquidity almost drained. Even small and medium-sized projects that were not directly affected, such as KLEX Finance, Valle Liquid and Sobal, generally recorded capital outflows of 5 per cent to 20 per cent.



The chain reaction begins to show: Berachain


This vulnerability, which originated in Balancer V2, quickly set off a larger chain reaction.


Berachain, an emerging public chain based on the Cosmos SDK, was hit by attackers within hours because BEX also uses Balancer V2's contract architecture. On discovering the anomaly, the foundation quickly announced that the chain would be halted.


It was reported that liquidity pools on BEX, such as the USDe Tripool, were under threat, with approximately $12 million affected. The attackers used the same logic flaw as in Balancer to steal funds through multiple smart contract interactions. Because some of the assets are non-native, the team has to use a hard fork to roll back blocks in order to complete recovery and tracing.


At the same time, a number of protocols in the Berachain ecosystem, including Ethena, Relay and HONEY, took defensive measures in parallel:


  • Disabling USDe cross-chain transfers
  • Suspending deposits in the related lending markets
  • Halting the minting and redemption of HONEY
  • Notifying centralized exchanges to blacklist the suspicious addresses


The Berachain Foundation wrote that the suspension of the Berachain network was planned and that the network would return to normal operation in the near future. The Balancer vulnerability mainly affected the Ethena/Honey tripool and was carried out through relatively complex smart contract transactions. Because the vulnerability affects non-native assets (not only BERA), the rollback/roll-forward process is more involved than a simple hard fork, so the network will stay suspended until a comprehensive solution is finalized.


On 4 November, the Berachain Foundation said that the hard fork binaries had been distributed and that some validator nodes had already been upgraded. Before bringing the chain back online and producing blocks again, it wanted to make sure that the core infrastructure partners needed to operate the chain (e.g. liquidation oracles) had updated their RPCs, which would be the main obstacle to restoring the chain. Once the core services' RPCs are ready, the team will coordinate with cross-chain bridges, CEX partners, custodians and others to restore services.


At the same time, a Berachain MEV bot operator contacted the Foundation after the chain had been suspended, describing itself as a "white hat" that had extracted funds and sent a message on-chain. It expressed its willingness to pre-sign a series of transactions to transfer the funds once the blockchain was back online.


Security first or centralization


"We know it's controversial, but protection is the only option when about $12 million of user assets are under threat," Berachain co-founder Smokey The Bera said in response to community challenges over "centralization".


In his statement, he admitted that Berachain has not yet reached Ethereum's level of decentralization and that the coordination mechanism among validators is more like a crisis command centre than an automated consensus network. The chain's nodes were synchronised less than one hour after the vulnerability emerged, which demonstrates the efficiency of centralized decision-making and also exposes how centralized the governance layer is.


The community reaction was divided.


Supporters believe that this reflects the team's sense of responsibility for the safety of its users and call it "realist decentralization", while opponents accuse it of violating the principle of "Code is Law" and of blatantly betraying the irreversibility of the chain.


The on-chain investigator ZachXBT said in his commentary: "This is a difficult but right decision in a situation where user funds are at risk."


But there are also radical developers who spoke out: "What is the difference between a blockchain and the traditional financial system if it can be shut down at any time?"


The shadow of the DAO incident


This episode reminded many people in the industry of the 2016 hack of The DAO on Ethereum. At that time, in order to recover the stolen $50 million, it was decided to roll back the transactions through a hard fork, which split the community into ETH and ETC (Ethereum Classic).


Nine years on, a similar choice has re-emerged.


By contrast, this time the protagonist is a public chain in its early stages of development, one that is neither sufficiently decentralized nor supported by global consensus.


Berachain's human intervention, while preventing wider losses, once again prompted soul-searching over the "real autonomy of the blockchain".


In a sense, it is also a mirror of the DeFi ecosystem: security, efficiency and decentralization. A balance among the three has never really been achieved.


When hackers are able to destroy tens of millions of dollars in seconds, "ideals" often have to make way for "realism".


Balancer officially stated that the team is working with leading security researchers and plans to release a complete post-mortem, and it warned users to beware of fraudulent messages purporting to come from the security team.


On the Berachain side, block production and trading functions are expected to be restored gradually after the hard fork is completed.


However, restoring trust is more difficult than patching a vulnerability. For an emerging public chain, pausing the chain is short-term fire-fighting but may leave long-term scars in the community. Users will question whether its decentralization is genuine, and developers will worry about whether the chain's guarantees of irreversibility really exist.


Perhaps the DeFi world is redefining decentralization: not absolute laissez-faire, but a consensus on finding the smallest compromise in a crisis.

📅Published: 2025/11/04 13:00
🔄Updated: 2025/11/04 13:00
🔗Source: Foresight News