Is Balancer V2 Safe?
Risk Grade: C- (51/100)
Balancer V2 is rated as elevated risk — multiple novel mechanisms and notable interaction risks.
High risk — legacy DEX with catastrophic exploit history ($128M in 2025), immutable contracts across multiple chains, and incomplete migration to V3 leaving residual exposure
Balancer V2 is the legacy version of the Balancer decentralized exchange, still running across multiple blockchains with $74M in deposits. It allows flexible pool designs with custom asset ratios. However, V2 suffered a devastating $128M exploit in November 2025 from a math error in its stable pool code, causing over half its TVL to flee. V2 is being phased out in favor of V3, but legacy pools remain live and carry elevated risk.
TVL
$37M
Mechanisms
7
Interactions
5
Value Grade
D-
Key Risks for Balancer V2 Users
Balancer V2 was exploited for $128M in November 2025 — the largest DEX hack at its scale. The same codebase still runs on multiple chains. While the specific bug was in composable stable pools, the V2 code is aging and may harbor additional undiscovered issues
V2 contracts cannot be upgraded. If another vulnerability is found, the only option is to migrate liquidity — which takes time and coordination across multiple chains. Your funds may be at risk during that window
V2 is being replaced by V3, which means development attention and security resources are shifting away. Remaining V2 pools may not receive the same security scrutiny going forward
Top Risk Factors
- •$128M exploit in November 2025 via rounding error in composable stable pool invariant — the largest DEX exploit at that scale in DeFi history
- •Legacy V2 contracts remain deployed across multiple chains with known vulnerability classes; migration to V3 is incomplete
- •58% TVL collapse post-exploit ($775M to $258M) signals deep erosion of protocol trust and institutional confidence
How Balancer V2 Compares to Peers
Balancer V2 ranks #107 of 111 DEX protocols (bottom quartile — among the riskiest). At a risk score of 51/100, it's 17 points riskier than the sector average of 34/100.
Adjacent peers: WOOFi (C, 50/100) is ranked just safer, and PulseX V2 (C-, 51/100) is ranked just riskier.
See the full DEX sector leaderboard or the Balancer V2 vs PulseX V2 comparison.
Common Questions about Balancer V2
Plain-English answers based on Balancer V2's scores across Hindenrank's 8 risk dimensions. The highest-scoring (riskiest) dimension is Track Record (15/15).
Has Balancer V2 ever been hacked or exploited?
Balancer V2 has a documented incident history that materially raised its risk grade — the track record dimension scored 15/15, near the high end of the scale. Past exploits, governance failures, or contract issues are baked into this rating. Anyone considering deposits should review the incident details before allocating capital.
How much money is at stake in Balancer V2?
Balancer V2 currently holds roughly $37M in user deposits. Smaller TVL means individual depositors carry a larger share of any loss event, and it can be harder to exit a position quickly during stress.
What's the worst-case scenario for Balancer V2?
Hindenrank has identified specific collapse scenarios for Balancer V2. The most prominent: "Second V2 Exploit Across Multiple Chains". The trigger condition is A second critical vulnerability is discovered in V2 contracts (e.g., in weighted pools or vault logic), and exploited across multiple chains before liquidity can be migrated. Reading through the full scenario list on the protocol page is the single best way to understand the actual failure modes — generic "smart contract risk" is rarely the thing that takes a protocol down.
Is Balancer V2 regulated or insured?
Balancer V2 has low regulatory exposure on Hindenrank's framework (2/10). The protocol is structured in a way that minimizes counterparty and jurisdiction concentration, though regulatory risk in crypto can change rapidly. No DeFi protocol carries FDIC-style insurance — even with low regulatory risk, depositors are not protected in the way bank customers are.
What are the biggest red flags for Balancer V2?
Hindenrank's retail-focused risk audit flagged: Balancer V2 was exploited for $128M in November 2025 — the largest DEX hack at its scale. The same codebase still runs on multiple chains. While the specific bug was in composable stable pools, the V2 code is aging and may harbor additional undiscovered issues V2 contracts cannot be upgraded. If another vulnerability is found, the only option is to migrate liquidity — which takes time and coordination across multiple chains. Your funds may be at risk during that window V2 is being replaced by V3, which means development attention and security resources are shifting away. Remaining V2 pools may not receive the same security scrutiny going forward On the technical side, 2 critical-severity interaction risks have been identified.
Should beginners deposit into Balancer V2?
Balancer V2's C- grade puts it in the elevated-risk band. This is not a beginner-friendly protocol. Anyone depositing here should treat the position as speculative and avoid concentrating significant savings in it.
How does Balancer V2 compare to safer DEX alternatives?
Balancer V2 is one protocol in Hindenrank's DEX coverage. The safest DEX protocols on the leaderboard tend to share three traits: a long incident-free track record, conservative mechanism design, and high-quality public documentation. Compare Balancer V2 against the full DEX ranking before committing capital.
For the full 8-dimension score breakdown, the radar chart, and dependency graph, see the Balancer V2 risk report.
Read the Full Balancer V2 Risk Report
This protocol has 3 collapse scenarios. 2 critical and 1 high-severity interaction risks identified. See the full mechanism classification, interaction matrix, and deep-dive recommendations.
View Full Report →Get risk alerts before it's too late
Weekly grade changes, downgrade alerts, and new protocol risk findings. Free.