โ ๏ธ Governance Attacks: Hostile Takeovers
Learn how attackers exploit voting systems for profit
Upgrade blockchain protocol through voting
Your Progress
0 / 5 completedGovernance Attacks
Attack Vectors
On-chain governance systems face unique security challenges. Attackers can exploit voting mechanisms, economic incentives, and protocol rules to pass malicious proposals or extract value.
๐ฎ Governance Attack Simulator
Choose an attack and defend your protocol:
Attack Configuration
Select Protocol Defenses:
Real-World Attacks
Beanstalk Governance Attack (2022)
Attacker used $1B flash loan to acquire 79% voting power, passed malicious proposal to drain $182M in 13 seconds. No timelock delay allowed instant execution.
Tornado Cash Governance Takeover (2023)
Attacker accumulated 1.2M TORN tokens (25% supply) over months, proposed giving themselves 10,000 TORN, self-approved with majority voting power.
Curve Wars - Bribery Markets
Protocols bribe veCRV holders via Votium/Hidden Hand to vote for their gauge weight. Not malicious, but shows how voting can be bought legally.
Defense Mechanisms
Mandatory 1-7 day delay between approval and execution. Gives stakeholders exit opportunity if they disagree with changes. Most critical defense mechanism.
Record voting power at proposal creation, not during vote. Prevents flash loan attacks and last-minute token accumulation to manipulate votes.
Require 30-60% participation threshold. Makes attacks expensiveโattacker needs massive capital to reach quorum alone. Tradeoff: legitimate proposals may fail.
Security multisig or guardian council can cancel malicious proposals. Centralization tradeoff for security. Used by Optimism, Compound as last resort.
โ ๏ธ The Security Trilemma
Governance systems cannot simultaneously maximize:
- โขSpeed: Fast decisions vs defense time windows
- โขDecentralization: Open participation vs concentrated attack resistance
- โขSecurity: Attack prevention vs governance flexibility