Balancer
About
Balancer is a decentralized automated market maker (AMM) protocol built on Ethereum, focusing on fungible and yield-bearing liquidity. It provides a programmable toolkit for creating custom liquidity pools with various pool types including weighted, stable, and liquidity bootstrapping pools. The v3 architecture emphasizes simplicity, flexibility, and extensibility for developers building custom AMMs.
Where Does Yield Come From?
Yield on Balancer comes from several structured sources.
1. Swap fees – Charged whenever someone trades tokens or adds/removes liquidity in a way that changes the pool’s balance. Fees typically range from 0.001% to 10% for weighted pools, and from 0.0001% to 10% for stable pools. These fees go to the liquidity providers who supply tokens to the pool.
2. Yield fees – A protocol‑level charge on tokens that themselves earn yield (for example, wstETH). The fee is calculated on the extra yield that accrues between interactions with Balancer’s vault. Collected yield fees are shared among:
- Core pool incentive programs,
- The DAO (the protocol’s treasury), and
- Holders of
veBALtokens (who lock BAL for voting rights).
3. Pool creator fees – External developers who build custom pools can earn a share of the swap fees and yield generated by the pools they create.
4. BAL token emissions – The protocol distributes new BAL tokens as rewards to selected pools. Holders of veBAL vote (through a system called gauge voting) to decide which pools receive these incentives.
5. Dynamic swap fees – Pools can use programmable hooks to adjust their trading fees automatically in response to market conditions.
All protocol fees (swap and yield) are managed by governance through a dedicated fee controller. Fees that are collected are first pooled together in the vault before being distributed to the designated recipients.
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
Certora06-08-2024 - 19-09-2024 |
| This thorough audit by Certora uncovered several critical vulnerabilities that were all fixed before deployment, significantly improving the security of Balancer V3. The combination of manual review and formal verification provides strong assurance for the vault's core accounting and buffer mechanisms. |
Trail Of Bits11-12-2024 |
| The audit revealed critical buffer-related vulnerabilities that could drain the entire Vault, alongside multiple medium/low-severity issues; while fixes were reviewed, the buffer mechanism's complexity remains a significant risk requiring careful implementation and extensive testing. |
Spearbit27-11-2024 |
| The audit identified one High-risk rounding issue and multiple Low-risk findings, with the majority addressed via fixes. The protocol demonstrates responsible security practices with comprehensive remediation of identified vulnerabilities. |
Cantina17-12-2024 |
| The audit found no critical or high-severity vulnerabilities, with all identified medium and low-risk issues documented for remediation, indicating a generally secure codebase with some edge-case concerns requiring attention. |
Certora12-12-2024 - 24-12-2024 |
| The audit found only low-severity and informational issues, all of which were addressed before deployment, indicating a relatively secure implementation of Balancer V3's Gyroscope pool adaptations with minimal residual risk. |
Cantina25-11-2024 - 29-11-2024 |
| This post-competition review found no critical, high, medium, or low severity vulnerabilities, indicating that Balancer v3's core security posture is robust following earlier audits. |
Certora23-01-2025 - 30-01-2025 |
| The audit found only low‑severity issues, with two already fixed and the others deemed acceptable by the team, indicating the Surge hook implementation is relatively safe but has minor design tradeoffs acknowledged by Balancer. |
Certora03-02-2025 - 07-02-2025 |
| The audit found only minor informational issues that were promptly fixed, indicating the MEV Tax Hook implementation was robust with no security vulnerabilities identified across critical, high, medium, or low severity levels. |
Certora10-02-2025 - 17-02-2025 |
| The audit revealed only minor informational issues with no security vulnerabilities, indicating the Liquidity Bootstrap Pool implementation is robust from a security perspective. |
Certora11-08-2025 - 19-08-2025 |
| This audit identified no critical or high severity vulnerabilities, with all medium and low issues either fixed or acknowledged, indicating the LP Oracle implementation has been reasonably secured following the review. |
Certora04-09-2025 - 08-09-2025 |
| The audit revealed one medium and one low severity issue in nested pool liquidity operations, both promptly fixed, with no critical or high severity findings identified in the limited scope. |
Certora09-09-2025 - 10-09-2025 |
| Certora's manual code review found zero vulnerabilities in the EclpLPOracle contract, confirming its mathematical correctness and safe integer arithmetic for manipulation-resistant TVL oracle functionality. |
Certora01-12-2025 - 26-01-2026 |
| The audit found no critical or high severity vulnerabilities, with only minor medium and low severity issues that were either fixed or deemed economically unexploitable, indicating a robust security posture for Balancer V3's core architecture. |
Legal
Status and notes
No legal entity, registration jurisdiction, or operating company disclosed on official Balancer website, documentation, or GitHub. Website provides links to Terms of use, Privacy policy, Cookies policy, 3rd party services, and Risks pages but these contain only navigation/marketing content.