Berachain releases emergency hard fork after Balancer V2 hack
The Berachain Foundation announced the rollout of an emergency network update aimed at fixing a vulnerability in the decentralized exchange BEX. The incident is linked to a large-scale exploit of Balancer V2, which affected pools on several blockchains and led to the halt of the Berachain network.
Previously: Balancer hack: losses exceeded $116 million, team offers 20% reward for return of funds
Hard fork as an emergency measure
On Monday, Berachain validators suspended the network after the Balancer V2 hack triggered a leak of about $128 million from pools across 4 blockchains. Part of the attack affected BEX, a fork of Balancer V2, where about $12 million was stolen, mainly from the Ethena/Honey tripool.
Late in the evening, the foundation announced that the hard fork binary had already been distributed to validators, most of whom had completed the update. The update blocks the movement of stolen tokens and prevents repeated attacks.
“Before the network can start producing blocks again, it is necessary to ensure that all key infrastructure partners — RPC providers and node operators — have updated their services. This is the main factor holding back the restart,” the Berachain Foundation statement said.
What caused the vulnerability
According to analytics company Nansen, the cause of the hack was an error in the Balancer V2 access control system, which allowed the attacker to create fake fees and convert them into real assets through two transactions on the Ethereum network. The entire operation took less than 90 seconds.
Since BEX uses similar code, the attack revealed a similar vulnerability within the Berachain ecosystem. Because the exploit affected assets not related to the native BERA token, the solution required a complex rollback mechanism rather than a simple hard fork.
“Since the incident affected not only native tokens, the recovery process includes both a rollback and a chain reorg, which required a complete network halt,” the foundation noted.
Negotiations with the ‘white hat’ hacker
The foundation also reported that it is in talks with the MEV bot operator whose wallet received the stolen funds. According to project representatives, this participant confirmed that they are a “white hat” — an ethical hacker — and are ready to return the assets as soon as the network is restarted.
After operations are restored, the team promises to publish a report on the security measures taken in BEX, other key applications, and the entire Berachain infrastructure. Further steps for DEX development and user protection measures are also planned to be disclosed.
The community supported the network halt
The decision to suspend the network sparked heated discussion in the industry. Project co-founder Smokey The Bera called the move “controversial but necessary” to protect user deposits.
Well-known analyst ZachXBT also supported the decision, noting that priority should be given to fund security rather than network uptime.
What’s next?
Berachain plans to resume operations after confirmation of updates from all validators and RPC partners. After the restart, the team promises to conduct a security audit and implement additional protection mechanisms to prevent similar incidents.
The hard fork became the first major test for the network, which positions itself as next-generation decentralized finance infrastructure. The team’s response demonstrated readiness to act quickly and in a coordinated manner, which strengthened community trust after the crisis.
Read more: Crypto market liquidations exceeded $1.3 billion after Bitcoin fell below $104,000
