⚖️ Balancer Hack TL;DR:

🧮 Most tokens on Ethereum use 18 decimals, but some don’t.

✖️ Balancer upscales token amounts (to 18-dec) and downscales them back.

🔧 Upscaling always rounded DOWN, but downscaling could round UP or DOWN.

😬 The more scaling steps involved, the greater the chance tiny amounts are lost in edge cases.

🎛️ An attacker tuned swaps to hit those rounding edges.

♾ Each hit gave a tiny profit, so he repeated it hundreds of times in a loop.

BlockSec

⚖️ Balancer Hack TL;DR:

🧮 Most tokens on Ethereum use 18 decimals, but some don’t.

✖️ Balancer upscales token amounts (to 18-dec) and downscales them back.

🔧 Upscaling always rounded DOWN, but downscaling could round UP or DOWN.

😬 The more scaling steps involved, the greater the chance tiny amounts are lost in edge cases.

🎛️ An attacker tuned swaps to hit those rounding edges.

♾ Each hit gave a tiny profit, so he repeated it hundreds of times in a loop.

https://x.com/BlockSecTeam/status/1986057732810518640

🛠🔥🧙‍♂️ I work for Ethereum at 🏰 https://BuidlGuidl.com