๐Ÿ›ก๏ธ Defense Mechanisms: Timelocks & Quorums

Discover how DAOs protect against governance exploits

Defend against hostile takeovers and manipulation

๐Ÿ›ก๏ธ Defense Mechanisms & Trade-offs

You can't eliminate governance attacks, only make them harder and more expensive. Every defense has trade-offs. Timelocks block flash loans but slow emergency response. High quorums increase security but kill participation. Quadratic voting reduces whale power but may drive away large holders. The goal: make attack cost exceed treasury value.

🎮 Interactive: Defense Strategy Builder


Security Rating: 9.0/10
Flash Loan Protection: 100%
Whale Protection: 0%
Governance Speed: Slow

Strategy Recommendation

⚠️ PARTIAL: Good flash loan protection, but whales can still accumulate power. Add delegation caps or quadratic voting.

โฐ

Timelock Delay

Mandatory 24-72hr wait between vote passing and execution

Security
9/10
Flash Loans:โœ“ Blocked
Whales:โœ— Not Blocked
โš ๏ธ Trade-off

Slow emergency response. Can't react quickly to market crashes or exploits.

Real Example

Compound: 2-day timelock blocks all flash loan attacks but delayed pause during exploit.

🎯 Recommended Defense Stacks

💼 High-Value Treasury ($100M+)
Stack: Timelock (48hr) + Snapshot Voting + High Quorum (40%) + Multi-Phase
Protection: Blocks flash loans completely. Makes whale attacks very expensive (need 40% of supply). Slow but extremely secure. Good for: Protocol upgrades, large treasury transfers.

⚡ Fast-Moving Protocol ($10-50M)
Stack: Snapshot Voting + Delegation Caps (10%) + Quadratic Voting
Protection: Blocks flash loans, reduces whale power by 60%, prevents delegate cartels. Fast governance for operational decisions. Good for: Parameter changes, routine operations.

Community-First DAO ($1-10M)
Stack: Identity Verification (Gitcoin Passport) + Split Voting + Timelock (24hr)
Protection: Sybil resistance, separates treasury from protocol voting, moderate speed. Balances security with participation. Good for: Community grants, governance experiments.

โŒ Common Defense Mistakes

Just Timelock: Blocks flash loans but not whales. Build Finance had timelock, still got attacked via 20% accumulation.
Just High Quorum: Proposals never pass. Governance paralyzed. Community gives up, lowers quorum to 5%, then gets attacked.
Just Quadratic: Reduces whale power but doesn't block flash loans. Attacker borrows 10M tokens, gets 3162 votes (√10M), still dominates.
No Defenses: "We trust our community" = famous last words. Beanstalk thought low-value token meant safety. Lost $182M.
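
The "Just Quadratic" case above, worked through as an added example (not code from the original page or from any DAO's contracts): a Python model that tallies the same ballot with quadratic weights on live balances, then with balances read at a snapshot block, plus a 48-hour timelock check. The ledger, holder names, block numbers and function names are assumptions constructed for illustration.

```python
import math

# Constructed ledger (assumption): balances at the proposal's snapshot block (100)
# and at the block where votes are cast (105), after 10M tokens were borrowed.
BALANCES = {
    100: {"alice": 400_000, "bob": 250_000, "carol": 90_000, "borrower": 0},
    105: {"alice": 400_000, "bob": 250_000, "carol": 90_000, "borrower": 10_000_000},
}
# Constructed ballot: every long-term holder votes against, the borrower votes for.
VOTES = {"alice": "against", "bob": "against", "carol": "against", "borrower": "for"}


def weight(tokens, quadratic):
    """Voting weight of a balance: linear, or floor(sqrt(tokens)) when quadratic."""
    return math.isqrt(tokens) if quadratic else tokens


def tally(votes, balance_block, quadratic):
    """Sum weight per side, reading balances as of balance_block."""
    totals = {"for": 0, "against": 0}
    for voter, side in votes.items():
        totals[side] += weight(BALANCES[balance_block].get(voter, 0), quadratic)
    return totals


def passes(totals):
    """Simple majority of cast weight."""
    return totals["for"] > totals["against"]


def can_execute(passed_at_hour, now_hour, delay_hours=48):
    """Timelock: a passed proposal becomes executable only after the delay."""
    return now_hour - passed_at_hour >= delay_hours


if __name__ == "__main__":
    live = tally(VOTES, 105, quadratic=True)      # quadratic only, live balances
    snap = tally(VOTES, 100, quadratic=True)      # quadratic + snapshot balances
    print("quadratic, live balances:", live, "passes:", passes(live))
    print("quadratic, snapshot     :", snap, "passes:", passes(snap))
    print("executable 24h after passing:", can_execute(0, 24))
    print("executable 48h after passing:", can_execute(0, 48))
```

With live balances the borrowed position outweighs all three holders combined even after the square root; with snapshot balances it carries no weight, which is why the recommended stacks pair quadratic voting with snapshot voting.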

💡 Key Insight

Perfect security doesn't exist. You're choosing between trade-offs: security vs speed, decentralization vs efficiency, anonymity vs sybil resistance. The best defense is layered protection: combine 3-4 mechanisms that block different attack vectors. Timelock + snapshot + delegation caps = blocks flash loans, slows whales, prevents cartels. Single defense = single point of failure. Attackers always find the weak link.

โ† Whale Manipulation