Home >web3.0 >Compound Governance Attack Storm: A suspected 'habitual offender' whale hoarded a large amount of coins and forced the passage of a $24 million proposal

Compound Governance Attack Storm: A suspected 'habitual offender' whale hoarded a large amount of coins and forced the passage of a $24 million proposal

WBOY
WBOYOriginal
2024-07-30 01:30:531176browse

Compound Governance Attack Storm: A suspected habitual offender whale hoarded a large amount of coins and forced the passage of a $24 million proposal

Original title: $24 million Compound Finance proposal passed by whale over DAO objections

Compiled by: Fairy, ChainCatcher

Lending protocol Compound Finance A recently passed proposal sparked accusations of a governance attack from community members, who claimed that a A small group of people forced the proposal through by acquiring tokens in large quantities on the open market.

On Sunday, Proposition 289, which allocates 5% of Compound’s treasury, or 499,000 COMP tokens worth approximately $24 million, to a “Golden Boys”-designed yield protocol, passed by a margin of 682,191 to 633,636 votes , for a period of one year. Voting on the proposal begins at 11:40 p.m. Thursday and continues through the weekend.

However, community members claim that there is more to the story behind these voting results.

Michael Lewellen, security solutions architect at OpenZeppelin and security consultant at Compound Finance, pointed out on his X account that multiple accounts purchased COMP tokens in large quantities on the open market and proposed multiple intentions to transfer COMP holdings to Proposal for goldCOMP product created by Golden Boys.

Following Lewellen’s security alert, several community members, including Wintermute Governance, Columbia Blockchain, Penn Blockchain, and StableLab, expressed similar concerns as the team made two more attempts after the initial proposal failed. In a personal opinion posted after the creation of Proposal 289, Lewellen said: “In my personal opinion, if @Humpy and the Golden Boys team continue to persist in trying to obtain funds from the protocol, clearly against the wishes of all other Compound DAO representatives, their actions can Seen as a governance attack.”

However, after Prop. 289 passed, Golden Boys lead Humpy defended the proposal in an article rebuking Lewellen. Humpy claims: "'Stealing funds' is a wrong and misleading term, especially coming from a risk expert. The requested investment is set up through a trust with a set of binding actions that does not allow for the theft or transfer of funds."

In an earlier post, Wintermute's governance account questioned whether the "trust setup" actually prevented the transfer of funds, writing: "Any form of withdrawal action (divestment) is completely controlled by GoldenBoyzMultisig, which means that the DAO cannot Recall the funds on its own. The DAO needs to vote to initiate the PHASE update and then trust GoldenBoyzMultisig to call the relevant divestment function.” Bryan Colligan, founder and CEO of Compound’s official growth team, pointed out that even setting aside the risks, this opportunity is for Compound Finance. Doesn't seem that profitable either. “Security issues aside, based on our early analysis, there are many better POL opportunities that can be realized through cooperation with emerging chains and decentralized exchanges. Most of these opportunities have annualized returns between 15-20%. time, some even as high as 40%.”

While Humpy does not appear to be acting entirely alone, at least one of the five members of the Golden Boys multisig wallet claimed to be completely unaware of the proposal. Ogle, one of four other managers of the multisig wallet mentioned by Humpy, said: "Multisignature was used a long time ago, had no idea the vote was taking place, and did not participate in the vote." Ogle later responded more cautiously to the accusations of governance attacks In response, he wrote under the proposal: "From my interactions with them last year, although they were motivated by self-interest, there was nothing wrong with their behavior, so if I want to "hurt" some people, I Surprised. My guess is that this is a way for everyone including the team to make money, but I really just heard about it... so I don't know any more than you do."

According to The Block’s Compound price page, Compound’s token price fell by nearly 7% in the 24 hours after the proposal was passed.

Humpy is not the first time to launch a governance attack

It is said that Humpy has participated in similar attempts and seems to have used the DAO's governance process to obtain excessive personal benefits. In a long-running event in 2022, Ethereum-based DeFi protocol Balancer engaged in a lengthy battle with Humpy, whose proposal was approved by whales in a massive vote.

A report from Messari states: “Between April and December 2022, Balancer struggled to align Humpy’s activity with the goals of the DAO through incentives, and it was forced into a cat-and-mouse game by Governance to control the profit-seeking activities of whales.”

While Humpy’s team and the protocol eventually reached a peace agreement, the battle involved Humpy using multiple wallets to control over 50% of the vote share, essentially unilaterally passing more than 50% of the vote. proposal.

In March of this year, Humpy was also accused of an attack by Jared Gray of SushiSwap. Gray wrote in an performance and distribution.”

Grey also responded to the passage of Proposition 289, posting on X on Sunday: "Sad for the ongoing governance attacks by Compound and Humpy."

The above is the detailed content of Compound Governance Attack Storm: A suspected 'habitual offender' whale hoarded a large amount of coins and forced the passage of a $24 million proposal. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn