Governance attack
An exploit that uses voting power (acquired or borrowed) to pass a proposal that drains a protocol.
Notable examples: Beanstalk (Apr 2022, $182M, flash-loan-funded vote), Compound proposal 117 (2024 near-miss). Mitigations: timelocks, quorum requirements, emergency-pause guardians, no-flash-loan voting. StableLens scores governance-attack surface based on token concentration, timelock duration, and emergency-action gating.
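Two of the mitigations listed above, no-flash-loan voting (voting power read from a prior-block snapshot) and a timelock, shown in a toy Python model. This is an added example, not code from StableLens or any protocol named here; the class names, balances, quorum and block numbers are all constructed.

```python
# Toy model (added example): names and numbers are constructed, not from any protocol.
class Token:
    def __init__(self):
        self.live = {}      # holder -> balance right now (can change mid-transaction)
        self.history = {}   # (holder, block) -> balance recorded at end of that block

    def checkpoint(self, block):
        for holder, bal in self.live.items():
            self.history[(holder, block)] = bal


class Governor:
    def __init__(self, token, quorum, timelock_blocks, snapshot):
        self.token, self.quorum = token, quorum
        self.timelock_blocks, self.snapshot = timelock_blocks, snapshot

    def weight(self, voter, block):
        if self.snapshot:
            # Voting power is the balance at the end of the previous block,
            # so tokens borrowed and repaid inside this block count for nothing.
            return self.token.history.get((voter, block - 1), 0)
        return self.token.live.get(voter, 0)  # weak: live balance at vote time

    def propose_and_vote(self, voter, block):
        """Return the earliest execution block, or None if quorum is not met."""
        if self.weight(voter, block) < self.quorum:
            return None
        return block + self.timelock_blocks


def flash_loan_vote(gov, voter, amount, block):
    """One atomic transaction: borrow, vote, repay."""
    gov.token.live[voter] = gov.token.live.get(voter, 0) + amount
    outcome = gov.propose_and_vote(voter, block)
    gov.token.live[voter] -= amount
    return outcome


def scenario(snapshot, timelock_blocks, voter="borrower"):
    token = Token()
    token.live = {"holder": 600_000, "borrower": 0}
    token.checkpoint(99)
    gov = Governor(token, quorum=500_000, timelock_blocks=timelock_blocks, snapshot=snapshot)
    if voter == "borrower":
        return flash_loan_vote(gov, voter, 1_000_000, block=100)
    return gov.propose_and_vote(voter, block=100)
```

With live balances and no timelock the borrowed vote passes and can execute in the same block; a timelock only delays it, while the snapshot rejects it outright and still lets the long-term holder vote.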
Related terms
- Governance token: A token whose holders can vote on protocol parameters, treasury allocation, and code upgrades.
- Timelock: A delay between when a governance action is queued and when it executes, giving the community time to react or exit.
- Flash loan: An uncollateralised loan that must be borrowed and repaid in the same transaction (atomic, or it reverts).