Balancer Hack Response

On November 3rd, Notional V3 was impacted by a smart contract hack of Balancer V2. This incident led to significant losses for Notional users and ultimately a full wind-down of Notional V3.

This blog post will detail the decisions and calculations made from the time of the hack until the final distribution of all user assets.

The hack

Notional’s monitoring systems detected an anomaly at 2:52 AM Eastern Time. Upon inspection, it was discovered that the collateral value in several leveraged vaults had declined to zero. 

The hack impacted three vaults on Arbitrum (rETH/WETH, wstETH/WETH, and rsETH/WETH) and two vaults on Mainnet (ezETH/WETH, rsETH/WETH). 

Upon discovery of the issue, the Notional team disabled all Balancer vaults to guard against the possibility of any further losses and fully paused the protocol on Mainnet and Arbitrum.

After evaluating the extent of the damage, it was determined that it would not be possible to return Notional V3 to a functioning state in production. The team then decided that the best course of action would be to wind down Notional V3 and fully distribute all user funds.

The Impact

• Leveraged vault positions: users who held positions in any of the impacted vaults were completely wiped out. The collateral in the vaults went to zero and made all these positions immediately insolvent.
• Bad debt: all debt held by the vaults became bad debt. The sum total of the bad debt was 632.8 ETH on Mainnet and 80.2 ETH on Arbitrum.
• ETH lenders: ETH lenders on Mainnet took a 56.019% haircut on their ETH asset value. ETH lenders on Arbitrum took a 19.244% haircut on their ETH asset value.

Calculating the ETH lender haircut

• All account values were snapped as of the block at which the protocol was paused. These account values were then used to calculate the proportional claim on the ETH available to distribute.
• Notional’s ETH reserve values were written down to zero (~$100,000 on Mainnet, ~$18,000 on Arbitrum) as the first line of defense.
• Notional’s non-ETH reserves were used to compensate hack victims. All non-ETH reserves (~$205,000 on Mainnet, ~$161,450 on Arbitrum) were traded for ETH and added to the sum distributed to ETH lenders.

Haircut calculation details (Mainnet)

• Total ETH deposit value pre-hack: 941.934
• Total ETH held on contract: 347.701
• Total ETH purchased with reserves: 66.571
• Total ETH distributed to users: 414.272

Haircut calculation details (Arbitrum)

• Total ETH deposit value pre-hack: 115.74
• Total ETH held on contract: 41.599
• Total ETH purchased with reserves: 51.867
• Total ETH distributed to users: 93.466

Remediation execution details

• Step 1: close all open leveraged vault positions. All vault positions were closed and user principal and profits as of contract pausing were transferred directly to them 
  • Mainnet: 
    • https://etherscan.io/tx/0x67adddc2d16ca24e354f2ef3aab229ac67b0c2eb3b4a574b6acead56656e00e8 
  • Arbitrum:
    • https://arbiscan.io/tx/0xcb97da32df1f60f2d094221303abbdaf34abda67a84660692bfc31aaea2e8841
    • https://arbiscan.io/tx/0xe11bc2217953d74243db6ea9032d11b51ac1c1d8e848a88017be43fe6caaa796
• Step 2: migrate borrowers to Aave. All cross-currency borrowers (ex USDC vs. ETH) were migrated to Aave. Each borrower received their own gnosis safe holding their Aave borrow position.
  • Mainnet safe addresses by borrower:
    • https://docs.google.com/spreadsheets/d/1SN_S5FFzORQJskVbaqWNCw8ar3X0HhmJWD8nj9K7j1E/edit?gid=0#gid=0
  • Arbitrum safe addresses by borrower:
    • https://docs.google.com/spreadsheets/d/1qgDT1ckhG1bmiy-NJUt-zw_AK92q_cHoy2Iu_ycDwZU/edit?gid=0#gid=0
  • Mainnet borrower migration transactions:
    • https://etherscan.io/tx/0x97ca7a56785246c709fc3d737cce3d60214a10a08e206dee13d7ce91273bd910
    • https://etherscan.io/tx/0xfa693260a189a1d003ef2586a6a6db8158122cddf987aa731c21f20d285b857d 
  • Arbitrum borrower migration transactions:
    • https://arbiscan.io/tx/0x7a17ceac9632261976acbcca0033760b7865e0143e8f090b26c0749bd0814cce
    • https://arbiscan.io/tx/0x1ccb22ab7f2ad8cedac4f451336f8e91303632542543c59f6f4031b30f613c43
• Step 3: execute full user distributions. Fund distributions included a small top-up ETH amount sent to borrowers that had been migrated to Aave and a full distribution to all other users. The top-up amount was sent because the exact ETH haircut figure was not known until after purchasing ETH with reserve funds which had to occur after first migrating the borrowers to Aave.
  • Mainnet:
    • https://etherscan.io/tx/0x9ff2e72592047f60299a3baf0b27a68f4b9baf16542214b5a0af5f7d3ba46c3c
    • https://etherscan.io/tx/0x786e296ca0f6807478e5579139accdc12bcc71f12c84ed6aa50220f15a621983
  • Arbitrum:
    • https://arbiscan.io/tx/0x4ca1cc50bbf19280d4f9f170fb9ddb6372b285f84422be7d7c1f47af40f381b7
    • https://arbiscan.io/tx/0x243e1b4956ebce4cc29e32073f6e172973b2a94d2ad6db35adfb97eded8e4fab
    • https://arbiscan.io/tx/0x6921760af171a7dd230cde5b51997b43567301755289501bd6e65d478ba454c3
    • https://arbiscan.io/tx/0xa7cb5e54e1bce91591baf3283258e75d192d65bbc4362bbe8c8a1d47dcb4da6c
    • https://arbiscan.io/tx/0x7f0919eff4c8c772cc869b613093c58f7979b0db62bb39e09c6c03a299cd5adf
    • https://arbiscan.io/tx/0xa60c327e3c0f81fa4a6ec20bf7f0069804ce67651a09126dd6ef27ac8cc610c2
    • https://arbiscan.io/tx/0x19cc70250abc7d8ae9eb2c8f1ed166d6621cfe30d992ec31a4ce0fd7f1632285
    • https://arbiscan.io/tx/0x4daf55a107616ac72ae015a3c8d37cebedb96ba41765c3392d616b7dd06a9f1d

Future asset recovery

No future asset recovery is certain, but it is possible. Balancer is working diligently with the authorities and pursuing every possible avenue to recover funds for affected users like Notional V3.

In the event that any funds are recovered in the future and made available to Notional, those funds will be distributed proportionally to Notional users. Stay tuned for any news regarding asset recovery.

Notional’s future

The Balancer hack was a major incident for the protocol’s development and a significant financial hit. The team is currently determining a path forward and will share details soon.