Breakage analysis per dependency

Balancer (v2 + v3)'s assessment for RD-F-052 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Breakage analysis partially documented through exploit post-mortems and architecture docs. Key failure modes: (1) Aave rate failure → swap/join/exit freeze on affected Boosted Pool; (2) wstETH rate failure → wstETH pool pricing disruption; (3) ERC-4626 vault exploit → Linear Pool misvaluation; (4) v3 hook oracle failure → swap reverts for that pool. The August 2023 ($2.1M) and November 2025 ($128M) exploits provide empirical breakage evidence for the rate-math path. No single formal breakage-analysis document exists, but major dependencies are covered in audit reports and post-mortems.

Detail #

Template: yellow = partial analysis (major deps covered). All critical dependencies (Aave, Lido, Chainlink) have been identified. The pool-isolation architecture limits contagion. A formal written breakage-analysis with mitigations-per-dependency has not been found in protocol documentation.

Sources #

Docs
Rate Providers | Balancer v3v3 rate provider docs — rate refresh architectureretrieved 2026-05-05
URL
Balancer hack analysis | Trail of BitsTrail of Bits Nov 2025 hack analysis — breakage pattern for v2 ComposableStablePoolretrieved 2026-05-05

Methodology #

Produce a short per-dependency text describing which protocol functions halt or degrade and impact severity if each declared dependency fails.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol balancer factor RD-F-052 score yellow collected_at 2026-05-05 12:41:36