👑 Power Dynamics: Whale vs Retail
Discover how token distribution shapes governance outcomes
Understand how voting power is calculated
Your Progress
0 / 5 completed🎯 Power Dynamics: Governance Attacks and Control
Token-weighted voting creates a market for governance control. Want to control a DAO? Buy enough tokens. This enables governance attacks: accumulate voting power, pass extractive proposal, exit. The attack cost depends on three factors: token price, liquidity (how many tokens available to buy), and majority threshold (51%? 66%?). Small DAOs with low token prices are vulnerable. Large DAOs with high prices and distributed ownership are expensive to attack but still possible.
🎮 Interactive: Governance Attack Cost Calculator
Calculate the cost to buy 51% control of a DAO. Adjust token price and liquidity. See how these factors affect attack feasibility.
🏴☠️ Real Governance Attacks
Attacker took flash loan, bought majority of governance tokens, passed proposal to send treasury to themselves, executed in same block, repaid loan. Profit: $80M after loan fees.
Attacker accumulated 26% of tokens quietly over weeks, passed proposal to grant themselves admin control, community couldn't stop it. DAO abandoned.
Proposal passed to send $20M UNI to "education fund". Recipients immediately sold $10M, crashing price. Community furious but can't reverse on-chain votes.
🛡️ Defense Mechanisms
Proposals wait 2-14 days before execution. Community has time to react, exit, or coordinate counter-measures. Standard protection.
Need 4-15% of all tokens to vote for proposal to pass. Makes attacks need broader support, can't just buy 51% and vote alone.
Trusted addresses can veto malicious proposals during timelock. Centralized but effective safety valve. Used by Compound, Aave.
Must lock tokens for months/years to get voting power. Curve's veCRV model. Prevents flash loan attacks, aligns long-term incentives.
💡 Key Insight
Token-weighted voting turns governance into a market. This has consequences: control is buyable, attacks are economically rational if treasury value > attack cost, and defense requires constant vigilance. The Beanstalk attack proves that even "decentralized" systems can be captured in minutes if governance isn't protected. Modern DAOs layer defenses (timelocks, quorums, guardians) but these add friction and centralization. The fundamental tension remains: make governance fast and responsive (vulnerable to attacks) OR make it slow and protected (sacrifices agility). Most choose slow/safe, accepting governance gridlock as the cost of security. Next, we'll explore alternatives to simple token weighting that try to balance power more equitably.