Balancer just put a price cap on mercy, and it is 10%.
Balancer DAO has approved a governance proposal that limits any recovery bounty tied to last year's roughly $128 million exploit to a maximum of 10% of recovered funds. [1] The decision rolls back an earlier stance from Balancer's security team, which had floated a 20% one-time offer to the attacker in an attempt to accelerate returns. [2]
The move signals a harder negotiating line from the community: come back with the funds (or high quality information that helps retrieve them), but do not expect a massive payday for the privilege.
What the DAO actually voted for
The newly approved proposal caps the payout for a recovery bounty at 10%, covering either:
- Return of funds by the attacker, or
- Information leading to recovery, depending on how the final bounty terms are applied in practice
While "bounty" headlines often read like a simple refund deal, these programs usually try to cover multiple paths to recovery. Sometimes the attacker returns assets directly, sometimes funds are frozen downstream, and sometimes a third party provides intel that helps identify wallets, intermediaries, or offramps.
This cap is the key point: even if negotiations get messy, the DAO is limiting how much upside the attacker (or any claimant) can extract from the situation.
Why the 20% offer got clipped
Balancer's security team had previously posted a 20% one-time offer to the exploiter. [3] That kind of number is not unheard of in DeFi, but it is also politically toxic. Token holders and LPs are rarely thrilled to watch a large slice of stolen funds be legitimized as a "reward," especially when the exploit inflicted real losses and reputational damage.
Capping at 10% does a few things:
- Reduces moral hazard: Big bounties can feel like a soft incentive structure for repeat attacks. Nobody wants to normalize "hack, then negotiate."
- Creates a clean negotiating anchor: Governance is saying, "This is the ceiling." It limits the attacker's ability to drag talks into a bidding war.
- Aligns closer to industry norms: Plenty of recovery offers cluster in the mid-single digits to low-double digits. Ten percent reads like a standard settlement band rather than a panic premium.
Of course, there is a tradeoff. If the attacker is purely profit-motivated and believes they can launder or OTC the assets at a higher expected value, a lower bounty reduces the chance of a voluntary return. That is the uncomfortable math the DAO just accepted.
The context: a $128M hole and a long tail of recovery work
The exploit in question, referenced by the DAO and community discussions, totaled about $128 million and occurred in November. [1] Even when the initial incident is contained, the aftermath can stretch for months: tracing flows, coordinating with exchanges, working with chain analytics, and trying to prevent secondary losses as compromised liquidity and copycat attacks appear.
Balancer's decision arrives well after the initial shock phase, which matters. Early offers are often made under maximum uncertainty, when teams do not know if the attacker will keep moving funds, whether additional vulnerabilities exist, or if more pools are exposed. Later governance actions tend to reflect colder risk assessment and the community's willingness to set precedent.
Think of it as going from "please just stop the bleeding" to "we need rules so this does not become the new normal."
What a 10% cap means in dollars
Ten percent of $128 million is up to $12.8 million.
That number is still enormous. It is also a meaningful signal to any attacker weighing options:
- If they return most or all funds, they could still walk away with a multi-million-dollar bounty.
- If they do not, they face higher operational risk, including tainted funds, frozen exit routes, and the possibility of being identified over time.
The DAO is basically saying: there is still a lane for you to take the "whitehat" exit, but you are not getting a fifth of the entire haul for it.
Governance optics: community control vs security team urgency
One underappreciated angle here is decision authority.
Security teams often move fast because exploit response is an incident, not a committee meeting. A quick 20% offer can be framed as an emergency lever to reduce harm. DAOs, meanwhile, think about second-order effects: precedent, fairness, and whether a generous deal encourages future degens to try their luck.
Balancer's vote shows that the community wants the final word on big-picture settlement terms, even if security teams initially take a more flexible posture during the crisis window.
That is not just governance theater. It impacts future incidents. Attackers watch how protocols respond, and so do users deciding where to park liquidity.
The bigger DeFi takeaway: bounties are negotiation, not justice
Recovery bounties sit in a gray zone. They are not the same as bug bounties for responsible disclosure. They are post-exploit settlements, often offered when funds have already left the building.
Calling it a "bounty" helps, but the reality is closer to hostage negotiation with onchain receipts.
Capping the offer at 10% is Balancer trying to balance two competing goals:
- Maximize recovered funds for users and LPs
- Avoid paying so much that the protocol looks like it rewards the exploit
It will not satisfy everyone. Some victims will say any payout to an exploiter is unacceptable. Others will argue that getting 90% back is better than getting 0% back and watching funds get washed for years.
Both arguments are rational, which is why DAOs keep having these votes.
What to watch next
Watch the onchain flows and the messaging cadence.
If meaningful funds start moving back toward known Balancer-controlled addresses, or if credible intermediaries begin signaling cooperation, the 10% cap may prove sufficient to close a deal and prevent further laundering.
If no returns materialize and funds keep fragmenting across chains and services, expect Balancer stakeholders to lean harder on tracing, exchange coordination, and any legal or compliance pressure available, rather than sweetening the bounty. The DAO just set a ceiling, and breaking it would be an admission that the attacker has the upper hand.
If 10% holds, watch for a settlement. If it breaks, expect a messy precedent and a lot of angry governance threads.
