$25 million was drained from the Compound Finance (COMP) treasury in a recent governance attack, raising concerns about the state of decentralized governance in Decentralized Finance (DeFi) Ecosystem.
DAO complex hijacked
According to DeFi researcher Ignas said the attack began with an initial proposal to give away 92,000 COMP tokens, which was submitted without prior discussion on the Compound DAO forum.
Despite the “glaring red flags” identified by the project’s security advisor, Michael Llewellyn, the warning received little engagement from the community, with only a few voices, such as MonetSupply and Wintertermute, raising concerns. Fears.
Related reading
But the story took a more disturbing turn when Humpy came back with a third proposal, this time asking for 499,000 COMP tokens — a 5.4x increase from the initial 92,000. Interestingly, this proposal passed easily, with only 57 addresses casting their votes.
Who is Hampi, and how did he gain such immense influence?
According to According to DeFi researcher StableScarab, Humpy is a major player across multiple DeFi protocols, skillfully exploiting incentive designs to amass massive amounts of governance tokens. His tactics allowed him to gain significant control over Balancer, an Ethereum-based automated market maker, in 2022, and now he has set his sights on Compound.
The researcher asserts that this incident reveals a very important issue in DeFi governance: “the illusion of decentralization.”
While the complex decentralized autonomous organization (DAO) is promoted as a decentralized decision-making body, but the reality, as StableScarab puts it, is that only 20 addresses typically participate in governance votes.
Researchers argue that even when controversial proposals are made, the wider community remains largely indifferent, seemingly unaware or unconcerned about the consequences.
Related reading
Furthermore, the Compound team itself appears to be uninvolved, with the official @compoundfinance X account going silent at the time of writing, hours after the incident.
This raises questions about the true nature of the protocol. Governance StructureGauntlet, a paid advisor, appears to be effectively managing the DAO. StableScrab also noted:
Humpy’s influence goes beyond governance. He has his own token, @Gold_On_Chain, for the “Golden Boys” community. Following today’s Compound event, $GOLD’s value has doubled as speculators bet on Humpy’s ability to continue finding “highly profitable” governance/farming strategies.
On the other hand, Compound’s native token, COMP, has fallen more than 1% in the last 24 hours and more than 7% in the past week alone in the wake of the latest governance exploit.
Additionally, this has exacerbated the token’s ongoing downtrend since its 2021 rally, which saw the token hit an all-time high of $910 in May of that year, and is currently down about 95% from that level.
It remains to be seen what communications the Compound team will send to investors and what other consequences will emerge in the wake of the exploit.
Featured image by DALL-E, chart by TradingView.com