On March 24, 2026, Balancer co-founder Fernando Martinelli posted to the Balancer governance forum under the title “On the Future of Balancer: Shutting Down Balancer Labs, Supporting the Path Forward.” The announcement confirmed that Balancer Labs — the corporate entity that incubated, funded, and developed the Balancer decentralized exchange since its 2020 launch — will be wound down.
Martinelli’s framing was direct: “BLabs, as a corporate entity, has become a liability rather than an asset to the protocol’s future and is just not sustainable as is without any sources of revenue.”
The liability he was referring to is the $110 million V2 exploit on November 3, 2025 — the third known security breach linked to Balancer, which involved assets including osETH, WETH, and wstETH. The exploit did not just drain funds. It attached ongoing legal exposure to the corporate entity in a way that made continued operation untenable.
Five Years of Protocol History, Ended in Months
Balancer launched in 2020 as one of the defining infrastructure protocols of DeFi’s first wave. At its peak in late 2021, the protocol held nearly $3.5 billion in total value locked, placing it alongside Aave, Uniswap, and Curve as foundational infrastructure for decentralized trading.
The decline was long before the November exploit. Balancer’s TVL had already dropped to about $800 million by October 2025, then fell by another $500 million in the two weeks after the hack. The protocol’s total value locked has now plummeted 95% from its 2021 high to approximately $157 million. BAL, the protocol’s governance token, was trading at $0.72 as of the announcement — down roughly 88% from its all-time high.
The economic model compounded the security damage. CEO Marcus Hardt explained that spending on liquidity incentives vastly exceeded revenues, steadily eroding value for BAL token holders and making it nearly impossible to reach sustainable profitability. Martinelli described the existing incentive structure as a “circular bribe economy that costs more than it generates” — with the veBAL governance model captured by meta-governance protocols and bribe markets that made voting unrepresentative of actual contributors.
The November 2025 exploit did not cause this structural deterioration. It accelerated it beyond the point of recovery for the corporate entity.
What “Legal Exposure” Actually Means
The shutdown announcement is notable for its candor about why corporate dissolution is the chosen response. Martinelli did not frame the shutdown as a strategic pivot or a tactical restructuring. He framed it as legal triage.
“The Nov 3, 2025, v2 exploit created real and ongoing legal exposure. Maintaining a corporate entity that carries the liability of past security incidents, while the protocol itself needs to move forward unburdened, is not responsible stewardship,” Martinelli wrote.
The logic is precise: a corporate entity is a legal person. It can be sued. It can be held liable for damages arising from the products and services it operates. When a DeFi protocol experiences a $110 million exploit, users who lost funds have legal recourse against the corporate entity associated with that protocol — recourse they do not have against a DAO, a smart contract, or a decentralized foundation without a clear legal domicile.
By dissolving Balancer Labs, forming a new Balancer OpCo with essential staff pending governance vote, and transferring protocol operations and 100% of fee revenue to the DAO treasury, the restructuring attempts to separate the protocol’s future operations from the legal history of the entity that built it. Whether that separation holds under legal scrutiny is a question courts, not governance forums, will ultimately answer.
This is not unique to Balancer. The pattern of corporate dissolution following major exploits has emerged as a strategic response across the industry precisely because the legal liability of a DeFi exploit can exceed the company’s ability to continue operations. The exploit did not just damage the protocol. It made the company a target.
The Protocol Continues. The Question Is Whether That Matters.
Martinelli’s announcement is explicit that the Balancer protocol itself is not shutting down. The restructuring plan is detailed: BAL emissions would be cut to zero, ending what Martinelli described as a “circular bribe economy that costs more than it generates.” The veBAL governance model would be wound down. Protocol fees would be restructured so the DAO treasury captures 100% of revenue instead of the current 17.5%. The v3 protocol share would drop to 25% to attract organic liquidity. A BAL buyback would offer holders exit liquidity.
The product scope narrows to five areas: reCLAMM pools, liquidity bootstrapping pools, stablecoin and liquid staking token pools, weighted pools, and non-EVM chain expansion. Everything else is cut.
Despite these setbacks, Martinelli highlighted that the protocol generated more than $1 million in fees over the most recent three-month period. However, he conceded that this revenue is insufficient to support the previous corporate structure, even if it could sustain a leaner operational model.
The OpCo model is a bet that a skeleton crew operating under DAO governance, with zero token emissions and 100% fee flow to the treasury, can sustain a protocol that once required a full corporate entity to operate. That bet may be correct. What the thesis cannot change is the reason Balancer Labs is shutting down: a $110 million exploit that its corporate structure could not survive.
The Immutability Argument, at Its Endpoint
The Balancer shutdown is the clearest illustration this series has produced of what security incidents ultimately cost — not just in drained funds, but in institutional survival.
The November 2025 exploit was the third time Balancer’s protocol was breached. Each breach generated legal exposure. Each breach eroded TVL. The November 2025 exploit marked the third known breach linked to Balancer and involved assets such as osETH, WETH, and wstETH. The cumulative weight of three exploits across the life of a single corporate entity produced an outcome that $110 million in user losses, standing alone, does not fully explain: a company that decided its own continued existence was a liability to the project it built.
The specific technical mechanism of the November 2025 exploit has not been definitively characterized across all sources — the exact vulnerability class remains disputed between secondary sources. What is not disputed is the structural condition that made repeated breaches possible: Balancer’s protocol is upgradeable, governance-controlled, and continuously modified through proposal processes. Each modification introduces new surface area. Three exploits in five years is not bad luck. It is the expected output of a protocol whose security properties change with every governance vote.
This is the argument that runs through every article in this series, now visible at its logical endpoint. The Moonwell oracle misconfiguration cost $1.78 million. The Solv reentrancy cost $2.7 million. The Venus oracle manipulation cost $2.15 million. The USR minting flaw cost $25 million. The dTRINITY deposit inflation cost $257,000. Balancer’s cumulative exploit history, culminating in $110 million, cost a company.
The pattern is consistent. Protocols that can be modified will be exploited through the conditions their modifications introduce. The legal and institutional consequences of those exploits compound over time. A company that is legally exposed by its protocol’s security history cannot easily separate itself from that history — until it dissolves.
A protocol with no upgrade mechanism generates no post-deployment attack surface. It also generates no post-deployment legal exposure from conditions introduced by upgrades — because no upgrades occur. The security audit at deployment is the final audit. The code that runs in year one is the code that runs in year five.
That permanence is not a feature 0xKeep added after the fact. It is the design decision that prevents the Balancer outcome from being a possible outcome.
Fact-check note: Most major coverage — CoinDesk, TradingView, Blockonomi — reports the November 2025 exploit at $110 million. Two secondary sources report $128 million. This article uses the $110 million figure as the consensus across primary sources. The technical mechanism of the November 2025 exploit has not been independently verified for this article; readers should consult Balancer’s own post-mortem documentation for authoritative technical detail.
0xKeep operates on an immutable, zero-admin-key architecture. No wallet — including those controlled by the 0xKeep team — can pause, modify, or interact with deployed contracts. Time is the only admin.
Deploy on Base, Arbitrum, or Optimism at 0x-keep.xyz Follow protocol updates: @0xKeep_official