BTC $- · ETH $- · SOL $- · BNB $- · XRP $- · DOGE $- · TON $- · ADA $- · AVAX $- · LINK $- · SUI $- · TRX $- · gas - gwei degen 85/100

~/defi/dao $ cat governance-ataki-zahvat-golosov.md

defi DAO and Governance ·June 29, 2026 ru · en · zh · es · pt · de · fr · ja · ko · tr

DAO Takeover: How Voting Attacks Work and What We Learned from the Beanstalk Case

the crptch team · analytics desk · 2 reading time

A governance attack is a heist by the book: the attacker secures a majority of votes and legally votes the treasury to themselves. No bugs-just pure economics.

Case Study: Beanstalk (2022)

The attacker took out a flash loan, used it to buy a majority of the governance tokens, and in the same transaction passed an “emergency” proposal to drain the treasury (~$180 million in losses, ~$76 million in gains), then repaid the loan. The whole “democratic” process took 13 seconds. The protocol had no time lock on emergency proposals-and that was the entire vulnerability.

The Math Behind the Attack

An attack is profitable when the cost of a majority of votes is less than the available treasury. Dangerous configurations: a cheap token + a large treasury; a token available for borrowing in lending pools (votes can be rented); low turnout (a majority based on voters, not on the total supply); no time lock between voting and execution.

Standard safeguards

  • Time lock: days between adoption and execution-time to notice and evacuate.
  • Past vote snapshots: flash loans are useless if vote weight is fixed before the proposal.
  • Quorums and veto councils: an emergency brake against blatant plundering (at the cost of decentralization-an honest compromise).

Things to check before buying a governance token: treasury/market cap, whether there’s a time lock, and whether the token can be borrowed. If the treasury can be bought for less than its contents, someone will eventually do it.

$ grep --tags: #governance атака#beanstalk взлом#риски dao токенов

✓ track record