• © Goverland Inc. 2026
  • v1.0.8
  • Privacy Policy
  • Terms of Use
BalancerBalancerby0x7019Be4E4eB74cA5F61224FeAf687d2b43998516Xeonus

[BIP-794] Enable Composable Stable Pool Pause functionality to Hypernative

Voting ended about 1 year agoSucceeded

PR with Payload

https://github.com/BalancerMaxis/multisig-ops/pull/1732

HYPERNATIVE – Balancer V2 Protocol

Version: 1.0

Updated: 20 January 2025

Summary

We propose to be given the authority to pause composable stable pools for Balancer v2, by installing a safe module to the Emergency SubDAO multi-sig to allow for quick threat mitigation and securing of funds in case of a security incident with Balancer.

Motivation

Given that composable stable pools on Balancer hold a significant amount of TVL, it is crucial to improve security measures. One of these measures is the possibility to pause a specific pool type. Upon pausing, it is not possible to trade in a pool but proportional withdrawals are still possible. By installing a safe module managed by Hypernative’s real-time monitoring platform will enhance the resiliency and security of the protocol and augment the team’s security operations while minimizing the risk of hacks and exploits, loss of funds and prevent catastrophic loss to create long-term sustainable growth.

Specification

The Balancer Emergency subDAO Safe on each network will install a safe Module to enable Hypernative to pause pools. A Module is a smart contract that executes a predefined set of instructions on behalf of the Safe address, pre-approved by the Safe signers, and capable of executing these instructions automatically. In this case, the instruction is to call the pause method for each Balancer pool. The module is attached via the Safe's enableModule function.

The Safe Module is triggered by hacks or exploits detected in Balancer's contracts by the Hypernative system. Hypernative scans blockchains in real-time and detects hacks & exploits using its machine learning model, from the moment of a deployed malicious smart contract targeting Balancer’s contracts to executing malicious transactions.

The list of pools is automatically updated whenever the PoolRegistered event is emitted on-chain, though the Balancer team can override this list if necessary.

Enabling the Safe Module: https://sepolia.etherscan.io/tx/0xc932ffe9dae0559654a9f01d8e403af396aceca10127ddf6b77d5d835ee18221

Currently deployed Balancer pools: https://dune.com/queries/4080393

Only CSPv6 pools are pausable, currently deployed on:

  • Ethereum
  • Base
  • Optimism
  • Polygon
  • Gnosis
  • Arbitrum
  • Avalanche
  • zkEVM

Corresponding modules will be configured on the above chains

Payload:

Function: execTransaction(address to, uint256 value, bytes data, uint8 operation, uint256 safeTxGas, uint256 baseGas, uint256 gasPrice, address gasToken, address refundReceiver, bytes signatures) ***

MethodID: 0x6a761202

Risk Assessment and Testing

Before coming forward with this proposal, a rigorous internal test has been conducted.

Key Components of the Test:

  1. Test Environment: The test was conducted on the Sepolia testnet to simulate a scenario where Balancer core contracts are compromised, requiring an emergency response to pause vaults.
  2. Watchlist Creation: Hypernative created a watchlist to monitor for hacks and exploits targeting Balancer’s core contracts and associated vaults. This watchlist is dynamic, automatically updating with each new vault created.
  3. Vault Monitoring: Hypernative’s system automatically adds new vaults to the watchlist by monitoring transactions where new pools are added.
  4. Emergency Pausing Mechanism: A function to pause all vaults is integrated into the system. For the demonstration, the Sepolia contract used was 0x4c2e985ccd0125afbd92d76b6738ec0afa01011b, and this functionality is connected to Balancer’s multisig, enabling centralized oversight and triggering during emergencies.
  5. Scenario Simulation:
  • Multiple vaults were deployed on the Sepolia testnet to simulate the operational environment.
  • An event was triggered, simulating a hack or exploit targeting Balancer core contracts.
  • Hypernative’s automated system detected the threat and initiated the pausing mechanism.
  1. Outcome:
  • All vaults on the watchlist were successfully paused in a timely manner, without requiring manual intervention.
  • Transaction Hash for the successful pausing: 0xf9a2d8d30cf87c2df2e2b46f679873959db118200f6662a07423ac2ef4c8ec3e
  1. Hypernative’s Role:
  • Hypernative acted as a Keeper, with no privileges on the contracts beyond the ability to pause them.
  • Hypernative Keeper Address: 0x3f2e8a2bf3237c3cb36d75e3ab8590c55e2d6f33

Technical Specification:

Balancer v2 emergency response - pausing CSPv6

Balancer wallets:

https://github.com/BalancerMaxis/bal_addresses/blob/969af472065081106ef0bac42094e2df5dee2552/extras/multisigs.json#L8

Deployed modules:

Ethereum: https://etherscan.io/address/0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56#code Arbitrum: https://arbiscan.io/address/0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56#code Base: https://basescan.org/address/0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56#code Optimism: https://optimistic.etherscan.io/address/0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56#code Polygon: https://polygonscan.com/address/0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56#code Avalanche: https://snowtrace.io/address/0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56#code Mode: https://explorer-mode-mainnet-0.t.conduit.xyz:443/address/0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56#code Gnosis: https://gnosisscan.io/address/0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56#code Fraxtal: https://docs.fraxscan.com/address/0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56#code zkEVM: https://zkevm.polygonscan.com/address/0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56#code

Chain Emergency wallet Module
Ethereum 0xA29F61256e948F3FB707b4b3B138C5cCb9EF9888 0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56
Polygon 0x3c58668054c299bE836a0bBB028Bee3aD4724846 0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56
Arbitrum 0xf404C5a0c02397f0908A3524fc5eb84e68Bbe60D 0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56
Optimism 0xd4c87b33afcE39F1E3F4aF1ce8fFFF7241d9128B 0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56
zkEVM 0x79b131498355daa2cC740936fcb9A7dF76A86223 0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56
Avalanche 0x308f8d3536261C32c97D2f85ddc357f5cCdF33F0 0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56
Gnosis 0xd6110A7756080a4e3BCF4e7EBBCA8E8aDFBC9962 0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56
Base 0x183C55A0dc7A7Da0f3581997e764D85Fd9E9f63a 0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56
Mode 0x66C4b8Ba38a7B57495b7D0581f25784E629516c2 0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56
Fraxtal 0xC66d0Ba27b8309D27cCa70064dfb40b73DB6de9E 0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56

Payloads:

  • On Base: DAO emergency multisig 0x183C55A0dc7A7Da0f3581997e764D85Fd9E9f63a on Base will call enableModule(0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56) on itself
  • On Ethereum: DAO emergency multisig 0xA29F61256e948F3FB707b4b3B138C5cCb9EF9888 on Ethereum will call enableModule(0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56) on itself
  • On Polygon: DAO emergency multisig 0x3c58668054c299bE836a0bBB028Bee3aD4724846 on Polygon will call enableModule(0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56) on itself
  • On Arbitrum: DAO emergency multisig 0xf404C5a0c02397f0908A3524fc5eb84e68Bbe60D on Arbitrum will call enableModule(0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56) on itself
  • On Optimism: DAO emergency multisig 0xd4c87b33afcE39F1E3F4aF1ce8fFFF7241d9128B on Optimism will call enableModule(0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56) on itself
  • On zkEVM: DAO emergency multisig 0x79b131498355daa2cC740936fcb9A7dF76A86223 on zkEVM will call enableModule(0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56) on itself
  • On Avalanche: DAO emergency multisig 0x308f8d3536261C32c97D2f85ddc357f5cCdF33F0 on Avalanche will call enableModule(0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56) on itself
  • On Gnosis: DAO emergency multisig 0xd6110A7756080a4e3BCF4e7EBBCA8E8aDFBC9962 on Gnosis will call enableModule(0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56) on itself
  • On Mode: DAO emergency multisig 0x66C4b8Ba38a7B57495b7D0581f25784E629516c2 on Mode will call enableModule(0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56) on itself
  • On Fraxtal: DAO emergency multisig 0xC66d0Ba27b8309D27cCa70064dfb40b73DB6de9E on Fraxtal will call enableModule(0xbaEa4E4A47a3b88e03C003DE6Baf8F5404DA9d56) on itself

Edit Maxis:

  • Replace specifications with newly deployed module

Off-Chain Vote

Yes, let's do it
2.9M veBAL100%
No, this is not the way
0 veBAL0%
Abstain
0 veBAL0%
Quorum:145%
Download mobile app to vote

Discussion

Balancer[BIP-794] Enable Composable Stable Pool Pause functionality to Hypernative

Timeline

Mar 12, 2025Proposal created
Mar 13, 2025Proposal vote started
Mar 17, 2025Proposal vote ended
Nov 27, 2025Proposal updated