
Planet Daily | Nov 03, 2025 14:33
[Security Agency: Balancer Attacker Exploited BPT Price Calculation Invariance, Likely Leading to Asset Theft]
Odaily Planet Daily News – BlockSec Phalcon, the on-chain tracking platform of the security firm BlockSec, posted on X: 'Balancer and several of its forked projects were attacked a few hours ago, resulting in losses exceeding $120 million across multiple chains. This was an extremely sophisticated attack. Preliminary analysis indicates that the root cause was the attacker manipulating the invariance of BPT price calculations, thereby distorting the BPT price calculation and enabling the attacker to profit from specific stablecoin pools through a single batch transaction.
Taking the attack transaction on Arbitrum as an example, the batch swap operation can be broken down into three stages:
1. The attacker exchanged BPT for underlying assets to precisely adjust the balance of one token (cbETH) to approach the rounding boundary (amount = 9). This created conditions for precision loss in the next step.
2. The attacker then used a pre-constructed amount (= 8) to swap between another underlying token (wstETH) and cbETH. Due to downward rounding during token quantity scaling, the calculated Δx slightly decreased (from 8.918 to 8), causing Δy to be underestimated, which in turn reduced the invariant (D) in Curve's StableSwap model. Since BPT price = D / total supply, the BPT price was artificially suppressed.
3. The attacker then swapped the underlying assets back into BPT, restoring balance while profiting from the drop in BPT price.'
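
The rounding step in the quoted analysis, as an added illustration that is not code from Balancer or BlockSec: a simplified two-token StableSwap model in floating point that prices one swap with the scaled amount truncated and once with it rounded in the pool's favour, then checks whether D fell. The rate 8.918/8, the amplification value, the counter-token balance of 1000 and all function names are assumptions made for the example.

```python
import math

RATE = 8.918 / 8   # scaling factor implied by the page's 8 -> 8.918 (assumption)
AMP = 200          # amplification coefficient (constructed value)

def invariant(x, y):
    """StableSwap D for two tokens: 4A(x+y) + D = 4A*D + D^3 / (4xy)."""
    lo, hi = 0.0, x + y              # root lies in (0, x+y]; f rises with D
    for _ in range(200):             # bisection
        d = (lo + hi) / 2
        f = d**3 / (4 * x * y) + (4 * AMP - 1) * d - 4 * AMP * (x + y)
        lo, hi = (d, hi) if f < 0 else (lo, d)
    return (lo + hi) / 2

def balance_for(d, x):
    """Balance of the other token that keeps invariant d when this one holds x."""
    b = 4 * AMP * x - (4 * AMP - 1) * d
    c = d**3 / (4 * x)
    return (-b + math.sqrt(b * b + 16 * AMP * c)) / (8 * AMP)

def upscale(raw, round_up):
    """Apply the rate to a raw token amount, keeping an integer result."""
    scaled = raw * RATE
    return math.ceil(scaled) if round_up else math.floor(scaled)

def swap_given_out(x_raw, y, out_raw, round_up):
    """Price a swap that removes out_raw of token x; return (amount_in, D0, D1)."""
    x = x_raw * RATE
    d0 = invariant(x, y)
    out_scaled = upscale(out_raw, round_up)        # amount the pricing math sees
    amount_in = balance_for(d0, x - out_scaled) - y
    x_after = (x_raw - out_raw) * RATE             # amount that really left
    return amount_in, d0, invariant(x_after, y + amount_in)

def invariant_held(d0, d1, tol=1e-9):
    """Post-swap guard: D must not fall (tol absorbs float noise)."""
    return d1 >= d0 - tol

if __name__ == "__main__":
    # Constructed pool: 9 raw units of the drained token, 1000 of the other.
    for round_up in (False, True):
        paid, d0, d1 = swap_given_out(9, 1000.0, 8, round_up)
        print(round_up, round(paid, 4), round(d1 - d0, 4), invariant_held(d0, d1))
```

With truncation the pool charges for 8 scaled units while 8.918 leave, so D (and with it D / total supply) drops; rounding the requested amount up makes the same swap leave D no lower than before.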