- Trending
- Comments
- Latest
Berachain executed an emergency hard fork and halted its network Monday after a vulnerability in Balancer V2 smart contracts led to an exploit affecting approximately $128 million in assets across Ethereum-compatible chains, with the bulk of losses concentrated in the blockchain’s Ethena/HONEY liquidity pool.
The layer-1 blockchain is now negotiating with a white hat hacker who controls the stolen funds and has agreed to return them once the network resumes operations, according to statements from the Berachain Foundation.
The hacker has reportedly pre-signed transactions to send assets back to Berachain’s official deployer address.
Following the exploit, the Berachain Foundation coordinated with network validators to halt all operations and conduct an emergency hard fork. This move aimed to address vulnerabilities in Balancer V2 contracts that threatened both native and non-native assets. HONEY minting and BEX pool activities were suspended to prevent further damage.
The foundation emphasized that these precautions were necessary to safeguard the integrity of the network and its users. Validators distributed the binary for the hard fork, and updates from core infrastructure partners remain a key step before resuming full operations.
The Balancer-related vulnerability primarily impacted the Ethena/HONEY tripool through complex smart contract transactions. Both native BERA tokens and other assets were affected, requiring a more extensive rollback than a typical hard fork.
The incident has raised concerns about the reliance on forked or imported code in decentralized ecosystems. With total losses estimated at $128 million, the situation underscores the need for robust audits and preventive measures across similar protocols. The chain will remain paused until a permanent solution is implemented.
In a promising development, Berachain is in talks with a MEV bot operator described as a white hat hacker. The individual reportedly agreed to pre-sign transactions to return the stolen funds once the network restarts. Berachain confirmed that the funds should be returned to the official deployer address, with on-chain messages reinforcing the planned procedure.
Such negotiations provide hope for partial recovery and demonstrate collaboration between the blockchain team and security actors in crisis management.
“In accordance with our communications with the whitehat, we’re confirming that funds should be returned to 0xD276D30592bE512a418f2448e23f9E7F372b32A2, the Berachain deployer address,” Berachain Foundation
“The rapid coordination by Berachain mitigated further losses, showing the importance of strong governance and technical oversight in DeFi ecosystems,” Crypto security analyst
The incident highlights the risks inherent in using forked or third-party code in blockchain ecosystems. Analysts suggest that the Balancer-linked vulnerability may trigger widespread audits across decentralized exchanges and liquidity protocols.
PeckShieldAlert reported $12.86 million in immediate losses, emphasizing the value of prompt intervention.
The episode demonstrates how robust governance, rapid response, and collaboration with white hat hackers can significantly limit damage. Developers are urged to enhance security protocols to prevent similar exploits in the future.
