Despite their name, many decentralized autonomous organizations aren’t autonomous, and control is often centralized among large tokenholders who have the power to sway governance decisions.
Whales or small groups of holders controlling as little as $17 million in tokens can attack protocols controlling over $2 billion in user funds.
Ironically, inactivity from other whales is also a problem. Their outsized voting power can protect protocols from governance attacks but is often wasted away doing nothing in the background.
“Participation in the current setup of DAO governance is very low, so the amount of money needed to attack these governance protocols is not so much,” Luca Prosperi, CEO of M^0 Labs, tells Magazine.
In several recent cases, DeFi whales have acquired a significant number of tokens and influenced governance decisions to get what they wanted.
Humpy’s controversial proposal highlights DAO governance flaws
The most infamous instance saw a crypto whale known as Humpy propose that Compound DAO allocate $25 million in COMP tokens to a yield-bearing protocol controlled by their group, the Golden Boys.
After two failed attempts, Humpy’s third succeeded on July 28. Compound security adviser Michael Lewellin suspected this proposal was made so that voting would take place over a weekend when participation is lower.
Though the proposal was ultimately canceled in favor of a yield-bearing product controlled by Compound, the situation could have been avoided if influential voters had been active.
Humpy’s group accumulated an estimated 325,333 COMP in the open market, just 75,000 short of the 400,000 quorum threshold.
At Compound, a16z holds the highest voting power through 333 delegations. Its 361,000 COMP represents 90.25% of the quorum.
Despite this, the VC firm rarely votes in governance decisions, even to thwart proposals other users see as “governance attacks.”
But maybe it has its reasons.
“If you’re such a large vote holder, then either you should vote with integrity on (almost) everything or vote on nothing at all,” Dan Hughes, founder of DeFi platform Radix DLT, tells Magazine.
“Voting on only a few proposals sends a signal of interference or agenda, even if it may not be. If your position is abstinence, then you should not accept delegation and delegate your vote power across a number of third parties.”
Humpy sat on several walls before Compound
Diego Alvarez, chief strategy officer at Ethereum layer-2 network Cyber, does not consider Humpy’s proposal at Compound a “governance attack” due to subsequent communications, a compromise and an eventual resolution.
“It was done within the systems and processes of the DAO, so if anything, it was a bit shady, but it was not outside the remit,” he says.
But Compound was not Humpy’s first rodeo.
The whale has allegedly pulled similar governance “moves” at DeFi protocols Balancer and Sushi.
While the Balancer saga ended in a “peace treaty,” Sushi’s run-in with Humpy left some dirty dishes in the sink.
Sushi’s “head chef” at the time, Jared Grey — who now heads Sushi Labs — and his operations team received heavy backlash in March 2024 for a proposal to transfer Sushi’s treasury assets to Sushi Labs, a United Kingdom entity incorporated in October 2023.
The move was called a “hostile takeover” by former Sushi developer Naïm Boubziz, but Grey defends it as an attempt to protect the protocol from Humpy’s alleged governance attack.
“During the [discussions], he made several legal threats directed at me and the team,” Grey tells Magazine. “He delegated some of his holdings to a group of disgruntled former Sushi contributors and community members, SushiCitizens, led by [Boubziz]. He applied pressure on the operations team in any way possible to get his desired outcome.”
Grey said that Humpy used SushiCitizens as a mouthpiece to launch “clandestine governance proposals” and post “inflammatory tweets” against the Sushi operations team.
“The deal he offered for the Sushi DAO and operation team initially included a supply increase of 750 million tokens, with two-thirds of the newly minted tokens going to pools of his choosing, one-third directly supporting his Golden Boys project,” Grey alleges, adding that his team did not agree to the deal.
Read also
Humpy responds
Regarding the claims and allegations against them, Humpy asked Magazine “how” and “who” should judge governance proposals to be clandestine. The whale also defended SushiCitizens as legitimate concerned DAO members.
“Legal action is by all means legal in democracy. Alas, I didn’t pursue legal action against this crooked team,” Humpy tells Magazine.
“Under the false guise of Sushi being under attack, the core team sent most of the DAO’s reserves to a UK company whose ultimate ownership is members team and lawyer,” they say.
Humpy did not say whether they believe recent proposals at Compound and Balancer to be governance attacks.
Various shapes and sizes of DAO governance complaints
Governance issues showcasing siloed control among rich insiders have been observed in even the largest DAOs.
“If you look really carefully, there are very small groups that haven’t been appointed, and they make all the decisions,” M^0 Labs’ Prosperi says.
He recalls a proposal at MakerDAO in 2022 that he believes was overpowered by a smaller group despite strong community support.
“I was asking for more checks and balances in the DAO, and at the time, all the large holders voted in favor — but it was not enough to overcome the founders of the DAO.”
Governance issues aren’t unique to large-scale DAOs.
In 2023, “hacktivists” known as “DAO raiders” took over Nouns DAO and Aragon DAO by gobbling up governance tokens to amass influence.
The raids led to governance threats and the extraction of $27 million from Nouns, while Aragon came out the other end as a nonprofit.
Compulsory voting system
Prosperi and M^0 have systems in place to ensure governance tokenholders don’t waste away their voting power by “punishing” those who do not participate.
“If you are not participating, you are progressively diluted out in terms of voting power for the protocol,” he says.
However, one reason investors may avoid voting is that they risk possible legal consequences by mingling with DAO decisions.
Read also
In June 2023, the US Commodity Futures Trading Commission won a legal case against Ooki DAO for operating an illegal trading platform. The outcome included fines and bans on trading and registration.
While only the founders were liable, the court classified DAOs as general partnerships, meaning members could be held responsible.
Elsewhere, the DAO behind Mango Markets recently voted in favor of a settlement proposal with the US Securities and Exchange Commission over security law violations, hoping to resolve the allegations without admitting or denying wrongdoings.
The SEC has yet to accept the proposal.
Complete decentralization is not realistic
DAOs distribute decision-making responsibilities among tokenholders, but this fails in practice due to real-life human behaviors, says Radix’s Hughes.
“A real tangible solution I could come up with is to have a redelegation model,” he says.
“If tokens are redelegated to more active voters whom you can trust, they can vote on your behalf, and this could represent more of the majority sentiment.”
Prosperi remains optimistic about the future of DAOs, noting that governance issues are more common in “first-generation” DAOs based on Compound’s governance model.
He says this design became the blueprint for early DeFi governance due to Compound’s monetization success, not its governance quality.
Many traders buy governance tokens like COMP for speculation rather than active participation, leading to inactive voters.
Newer protocols are learning from early DAO design flaws.
Prosperi’s M^0 separates governance tokens from fungible investment tokens, making it sensible to penalize inactive delegates.
Cyber’s Alvarez suggests a “security council” could veto proposals during governance raids, a concept adopted by newer DAOs like Optimism and Cyber’s DAO.
Compound introduced a similar feature called a “Guardian” on Aug. 17, and the proposal passed with overwhelming support — even a16z voted in favor.
Subscribe
The most engaging reads in blockchain. Delivered once a
week.
Yohan Yun
Yohan Yun is a multimedia journalist covering blockchain since 2017. He has contributed to crypto media outlet Forkast as an editor and has covered Asian tech stories as an assistant reporter for Bloomberg BNA and Forbes. He spends his free time cooking, and experimenting with new recipes.