The Compound Finance (COMP) treasury has been drained of $25 million in a recent governance attack, raising alarms about the state of decentralized governance within the decentralized finance (DeFi) ecosystem.
Compound DAO Hijacked
According to researcher DeFi Ignas, the attack started with an initial proposal to grant 92,000 COMP tokens, submitted without prior discussion on the Compound DAO forum.
Despite “evident red flags” identified by the project’s security advisor, Michael Lewellen, the warning received minimal engagement from the community, with just a few voices, such as MonetSupply and Wintermute, raising concerns.
But the story took an even more troubling turn when Humpy returned with a third proposal, this time requesting 499,000 COMP tokens – a 5.4x increase from the initial 92,000. Interestingly, this proposal sailed through, with only 57 addresses casting their votes.
Who Is Humpy, And How Did He Amass Such Outsized Influence?
According to DeFi researcher StableScarab, Humpy is a major player across multiple DeFi protocols, adeptly exploiting incentive designs to accumulate vast amounts of governance tokens. His tactics allowed him to gain significant control over Balancer, an Ethereum-based automated market maker, in 2022, and now he has set his sights on Compound.
The researcher highlights that this incident reveals a critical issue in DeFi governance: “the illusion of decentralization.”
While the Compound decentralized autonomous organization (DAO) is touted as a decentralized decision-making body, the reality, in the words of StableScarab, is that a mere 20 addresses typically participate in governance votes.
The researchers claim that even when contentious proposals are put forth, the broader community remains largely indifferent, seemingly unaware or unconcerned with the implications.
Moreover, the Compound team itself appears disengaged, with the official @compoundfinance X account silent at the time of writing, hours after the incident.
This raises questions about the true nature of the protocol’s governance structure, as it appears Gauntlet, a paid advisor, effectively runs the DAO. StableScarab further noted:
Humpy’s influence goes beyond governance. He has his own token, @Gold_On_Chain, for his ‘Golden Boys’ community. After today’s Compound event, $GOLD’s price doubled as speculators bet on Humpy’s ability to continue finding “highly profitable” governance/farming strategies.
However, Compound’s native token COMP has retraced over 1% in the last 24 hours and over 7% in the past week alone in the wake of the latest event deemed a governance exploit.
Moreover, this has further exacerbated the token’s ongoing downtrend since the 2021 bull run, which saw the token hit an all-time high of $910 in May of that year; it is currently down nearly 95% from that level.
It remains to be seen what communications the Compound team will issue to investors and what other findings will come to light in the wake of the exploit.