The Compound Finance (COMP) treasury has been drained of $25 million in a recent governance attack, raising alarms about the state of decentralized governance within the decentralized finance (DeFi) ecosystem.
Compound DAO Hijacked
According to researcher DeFi Ignas, the attack began with an initial proposal to grant 92,000 COMP tokens, submitted without prior discussion on the Compound DAO forum.
Despite “obvious red flags” identified by the project’s security advisor, Michael Lewellen, the warning received minimal engagement from the community, with only a few voices, such as MonetSupply and Wintermute, raising concerns.
But the story took an even more troubling turn when Humpy returned with a third proposal, this time requesting 499,000 COMP tokens – a 5.4x increase from the initial 92,000. Interestingly, this proposal sailed through, with only 57 addresses casting their votes.
Who Is Humpy, And How Did He Amass Such Outsized Influence?
According to DeFi researcher StableScarab, Humpy is a major player across several DeFi protocols, adeptly exploiting incentive designs to accumulate vast amounts of governance tokens. His tactics allowed him to gain significant control over Balancer, an Ethereum-based automated market maker, in 2022, and now he has set his sights on Compound.
The researcher highlights that this incident unveils a critical issue in DeFi governance: “the illusion of decentralization.”
While the Compound decentralized autonomous organization (DAO) is touted as a decentralized decision-making body, the reality, in the words of StableScarab, is that a mere 20 addresses typically participate in governance votes.
The researchers claim that even when contentious proposals are put forth, the broader community remains largely indifferent, seemingly unaware of or unconcerned with the implications.
Moreover, the Compound team itself appears disengaged, with the official @compoundfinance X account going silent at the time of writing, hours after the incident.
This raises questions about the true nature of the protocol’s governance structure, as it seems Gauntlet, a paid advisor, effectively runs the DAO. StableScarab further noted:
Humpy’s influence goes beyond governance. He has his own token, @Gold_On_Chain, for his ‘Golden Boys’ group. After today’s Compound event, $GOLD’s worth doubled as speculators bet on Humpy’s ability to continue finding “extremely worthwhile” governance/farming methods.
On the other hand, Compound’s native token COMP has retraced over 1% in the last 24 hours and over 7% in the past week alone in the wake of the latest incident, deemed a governance exploit.
Furthermore, this has exacerbated the token’s ongoing downtrend since the 2021 bull run, which saw the token hit an all-time high of $910 in May of that year; it is currently down nearly 95% from that level.
It remains to be seen what communications the Compound team will issue to investors and what other findings will come to light in the wake of the exploit.
Featured image from DALL-E, chart from TradingView.com