Following the $116 million hack, Balancer seeks consensus on how to distribute the recovered capital.

The Balancer community is debating a proposal to distribute $8 million recovered after the November attack, prioritizing pro-rata payments to direct victims.

In early November, the Balancer v2 protocol suffered a critical vulnerability that resulted in the theft of approximately $116 million across various blockchain networks. Weeks after the incident, attention has shifted from the technical urgency to the administrative management of the consequences. 

Currently, the community is debating a specific roadmap for distributing the $8 million that was recovered through security operations and third-party intervention.

The proposal, submitted to the project's DAO, sets a precedent for how protocols handle insufficient funds after an attack, but the recovered amount represents only a fraction of the total stolen. This has forced the solution's architects to design a scheme that prioritizes mathematical clarity over full restitution. The plan suggests that reimbursements be directed exclusively to liquidity providers who suffered direct losses, discarding the idea of ​​socializing the losses across the entire protocol user base.

This is how Balancer is dealing with refunding funds after the hack

The central discussion within the Balancer community revolves around how the available capital will be distributed following the network incident. The proposed methodology indicates that payments will be made proportionally, based on the Balancer Pool token (BPT) holdings recorded in the snapshot blocks—that is, exact captures of the network state just before the attack. 

According to proposalDoing so will help ensure that the allocation accurately reflects who owned which assets at that key moment, preserving the integrity of on-chain data.

On the other hand, a key element of this proposal is that the refund will be made "in kind." This means that users will be reimbursed with the same assets that made up the affected pools, whenever possible. The aim is to avoid the value distortions that could arise from massively converting these assets to stablecoins or other volatile tokens. However, financial realities impose clear limitations, as only around 7% of the total compromised in the attack was recovered, not counting funds under external management such as those of StakeWise. Therefore, users will receive compensation proportional to this limited recovery.

Furthermore, the strategy of not distributing losses across the entire community serves a protective purpose. By compensating only with the funds recovered from the attackers, the protocol safeguards both the other participants and the DAO's treasury, preventing potential systemic insolvency. 

While this decision may seem harsh to those who directly lost funds, it aims to maintain the platform's long-term viability and operational stability. Furthermore, it is clearly stated that no liquidity will be drawn from secure pools to cover the losses of those affected, thus keeping the funds of unaffected users intact.

Claims and Rewards: A New Standard in Asset Recovery

Beyond the arithmetic distribution, Balancer's proposal stands out for its rigorous implementation of the agreement. BIP-726, known as el «SEAL Safe Harbor Agreement». This internal regulatory framework has been key to enabling the recovery of funds. The agreement stipulates clear incentives for those who help rescue capital, establishing a 10% reward on the amounts saved, with a maximum cap of one million dollars per transaction.

This system professionalizes the role of the "white hat hacker"Balancer's developers emphasized that, to access the reward, these participants must undergo Know Your Customer (KYC) and international sanctions verification processes, moving away from the absolute anonymity that typically characterizes the sector. In other words, it's an attempt to align the security incentives of the DeFi protocol with traditional financial compliance regulations.

For end users, the claims process will also include formal requirements. A 180-day window will be enabled to request funds through a digital mechanism that will require the signing of liability waivers. 

By accepting the refund, liquidity providers must release the protocol from future legal claims, thus closing the legal liability loop for the incident. Finally, if there are any unclaimed funds after six months, their fate will be decided in a new governance vote, preventing them from remaining unused indefinitely.