Balancer is one of the few teams in the space who actually moved DeFi forward. They are OGs and this should be a huge wake-up call to us all.
It's been talked about ad nauseam but the downside to composability is the ease of contagion. Prayers up for everyone affected. 🤲🏼
With that being said, below is a technical breakdown by @0xShayan from our DevRel team.
First and foremost, my greatest sympathies to the @Balancer team as well as everyone affected by this exploit.
It's always a rough day when there's a significant DeFi hack like this, let alone from an OG protocol. More than the dollar cost of the stolen funds, this genuinely hurts all of crypto and DeFi's image as a whole and sets our industry back several months.
Fact of the matter is that Solidity is just too insecure a language for it to truly be the one that hosts the future of finance. Solidity has just too large of a surface area that makes it prone to hacks, with devs relying on manual checks for everything from access controls to precise math, and it is exactly why asset-first languages like Move were invented to begin with.
After doing a bit of digging, this was how Balancer was hacked: Attackers exploited rounding errors in stable pool swaps to distort the pool's invariant, a key math constant that represents balanced liquidity. They started with flash-loaned swaps of BPT (Balancer Pool Tokens) for an underlying asset like cbETH, pushing balances to exact rounding boundaries (e.g., scaled to 9). Then, they swapped between assets like wstETH to cbETH with crafted amounts (e.g., ~8.918 rounded down to 8 due to fixed-point scaling), underestimating reserve changes and artificially deflating the invariant (D).
This tanked the BPT price (D / totalSupply), letting attackers reverse-swap to mint excess BPT cheaply, burn it to withdraw underlying assets at "normal" rates, and pocket the difference, essentially stealing from liquidity providers. Profits accumulated in the Vault's internal balances and were cashed out via manageUserBalance with WITHDRAW_INTERNAL, no direct auth bypass needed since the math flaw subsidized the theft. It's a precision loss in Solidity's manual fixed-point libraries that cascades into massive drains.
The way Move would have bypassed this hack altogether is by baking in safety at the core: Assets are treated as resources with linear types that enforce strict conservation (no unintended dupes, drops, or losses), and math uses exact u64/u128 integers with built-in overflow aborts, no floats, no exploitable rounding slips in complex calculations.
In a Move-based DEX, swap functions would atomically check and update invariants via the VM, aborting on any imbalance, such as:
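// calculate_required_in and check_invariant are helpers assumed to be defined elsewhere in the module.
public fun swap<X, Y>(pool: &mut LiquidityPool<X, Y>, coin_in: Coin<X>, out_amt: u64): Coin<Y> {
    // Abort unless the input coin covers what the pool requires for out_amt.
    assert!(coin::value(&coin_in) >= calculate_required_in(pool, out_amt), E_INSUFFICIENT_INPUT);
    // The input coin is a resource: it must be moved into the reserve, it cannot be dropped or copied.
    coin::merge(&mut pool.coin_x_reserve, coin_in);
    let out = coin::extract(&mut pool.coin_y_reserve, out_amt);
    // Abort the whole transaction if the pool invariant no longer holds.
    assert!(check_invariant(pool), E_INVARIANT_VIOLATION);
    out
}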
Plus, atomic transactions kill reentrancy risks. This is why Move ecosystems have far fewer exploits compared to the EVM.
It's time for DeFi builders to embrace languages like Move that prioritize security from the ground up, so we can finally build a resilient financial future without preventable setbacks like this.
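The rounding-direction failure described in the breakdown above, as an added Python model that is not part of the original post and is not Balancer's code. It assumes a toy two-token pool, a constant-sum stand-in for the invariant D, a constructed rate of 1.11475 for token Y, and hypothetical function names. It shows the same 8.918-to-8 truncation costing the pool about 10% of the amount out at single-digit balances and nothing at 18-decimal balances, plus a post-swap check that rejects it.

```python
# Added illustration: toy two-token pool with constructed values, not Balancer's code.
ONE = 10**18                          # 18-decimal fixed-point unit
RATE_X = ONE                          # constructed: one raw X is worth 1.0
RATE_Y = 1_114_750_000_000_000_000    # constructed: one raw Y is worth 1.11475

def mul_down(a, b):
    return a * b // ONE               # truncates, like a round-down fixed-point multiply

def mul_up(a, b):
    return -(-(a * b) // ONE)         # ceiling of a * b / ONE

def exact_invariant(x, y):
    """Constant-sum stand-in for D, kept as an undivided product (value * ONE)
    so the check itself cannot lose precision."""
    return x * RATE_X + y * RATE_Y

def swap_given_out(x, y, out_y, round_up):
    """Trader asks for out_y raw units of Y; the pool computes the X it must receive."""
    scaled_out = (mul_up if round_up else mul_down)(out_y, RATE_Y)  # value leaving the pool
    in_x = -(-(scaled_out * ONE) // RATE_X)                         # X owed, rounded up
    return x + in_x, y - out_y, in_x

def guarded_swap(x, y, out_y, round_up):
    """Reject the swap if the pool's exact value went down."""
    before = exact_invariant(x, y)
    new_x, new_y, in_x = swap_given_out(x, y, out_y, round_up)
    if exact_invariant(new_x, new_y) < before:
        raise ValueError("invariant decreased: rounding favoured the trader")
    return new_x, new_y, in_x

def value_lost_ppm(x, y, out_y, round_up=False):
    """Pool value lost to rounding in one swap, in parts per million of the amount out."""
    new_x, new_y, _ = swap_given_out(x, y, out_y, round_up)
    lost = exact_invariant(x, y) - exact_invariant(new_x, new_y)
    return max(lost, 0) * 1_000_000 // (out_y * RATE_Y)

if __name__ == "__main__":
    print("tiny balances, round down  :", value_lost_ppm(100, 9, 8), "ppm")
    print("18-decimal balances        :", value_lost_ppm(100 * ONE, 9 * ONE, 8 * ONE), "ppm")
    print("tiny balances, round up    :", guarded_swap(100, 9, 8, round_up=True))
    try:
        guarded_swap(100, 9, 8, round_up=False)
    except ValueError as err:
        print("tiny balances, round down  : rejected,", err)
```

Rounding the outgoing amount up (in the pool's favour) removes the loss, and the invariant comparison catches any path where a rounding direction was chosen wrongly.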