Crypto whales like Humpy are gaming DAO votes — but there are solutions

by skolnes


Voiced by Amazon PollyVoiced by Amazon Polly

Despite their name, many decentralized autonomous organizations aren’t autonomous, and control is often centralized among large tokenholders who have the power to sway governance decisions.

Whales or small groups of holders controlling as little as $17 million in tokens can attack protocols controlling over $2 billion in user funds.

Ironically, inactivity from other whales is also a problem. Their outsized voting power can protect protocols from governance attacks but is often wasted away doing nothing in the background.

“Participation in the current setup of DAO governance is very low, so the amount of money needed to attack these governance protocols is not so much,” Luca Prosperi, CEO of M^0 Labs, tells Magazine.

In several recent cases, DeFi whales have acquired a significant number of tokens and influenced governance decisions to get what they wanted.



Humpy’s controversial proposal highlights DAO governance flaws

The most infamous instance saw a crypto whale known as Humpy propose that Compound DAO allocate $25 million in COMP tokens to a yield-bearing protocol controlled by their group, the Golden Boys.

After two failed attempts, Humpy’s third succeeded on July 28. Compound security adviser Michael Lewellin suspected this proposal was made so that voting would take place over a weekend when participation is lower.

Though the proposal was ultimately canceled in favor of a yield-bearing product controlled by Compound, the situation could have been avoided if influential voters had been active.

Humpy’s group accumulated an estimated 325,333 COMP in the open market, just 75,000 short of the 400,000 quorum threshold.

Humpy Portfolio displayed on DeBank shows $45.9 million in crypto assetsHumpy Portfolio displayed on DeBank shows $45.9 million in crypto assets
Humpy’s crypto holdings as of Aug. 19. (DeBank)

At Compound, a16z holds the highest voting power through 333 delegations. Its 361,000 COMP represents 90.25% of the quorum.

Despite this, the VC firm rarely votes in governance decisions, even to thwart proposals other users see as “governance attacks.”

But maybe it has its reasons.

“If you’re such a large vote holder, then either you should vote with integrity on (almost) everything or vote on nothing at all,” Dan Hughes, founder of DeFi platform Radix DLT, tells Magazine.

Social media users argue that inactive delegates votes should be revoked.Social media users argue that inactive delegates votes should be revoked.
drnick)

“Voting on only a few proposals sends a signal of interference or agenda, even if it may not be. If your position is abstinence, then you should not accept delegation and delegate your vote power across a number of third parties.”

Humpy sat on several walls before Compound

Diego Alvarez, chief strategy officer at Ethereum layer-2 network Cyber, does not consider Humpy’s proposal at Compound a “governance attack” due to subsequent communications, a compromise and an eventual resolution.

“It was done within the systems and processes of the DAO, so if anything, it was a bit shady, but it was not outside the remit,” he says.

But Compound was not Humpy’s first rodeo. 

The whale has allegedly pulled similar governance “moves” at DeFi protocols Balancer and Sushi.

Naim Boubziz shares blockchain transactions to accuse Sushi core ops team of using the multisig wallet to vote for their proposal.Naim Boubziz shares blockchain transactions to accuse Sushi core ops team of using the multisig wallet to vote for their proposal.
(Naïm Boubziz)

While the Balancer saga ended in a “peace treaty,” Sushi’s run-in with Humpy left some dirty dishes in the sink.

Sushi’s “head chef” at the time, Jared Grey — who now heads Sushi Labs — and his operations team received heavy backlash in March 2024 for a proposal to transfer Sushi’s treasury assets to Sushi Labs, a United Kingdom entity incorporated in October 2023. 

The move was called a “hostile takeover” by former Sushi developer Naïm Boubziz, but Grey defends it as an attempt to protect the protocol from Humpy’s alleged governance attack.

“During the [discussions], he made several legal threats directed at me and the team,” Grey tells Magazine. “He delegated some of his holdings to a group of disgruntled former Sushi contributors and community members, SushiCitizens, led by [Boubziz]. He applied pressure on the operations team in any way possible to get his desired outcome.”

Grey said that Humpy used SushiCitizens as a mouthpiece to launch “clandestine governance proposals” and post “inflammatory tweets” against the Sushi operations team.

“The deal he offered for the Sushi DAO and operation team initially included a supply increase of 750 million tokens, with two-thirds of the newly minted tokens going to pools of his choosing, one-third directly supporting his Golden Boys project,” Grey alleges, adding that his team did not agree to the deal.

Read also


Features

Lushsux: A decade of ass-whoopin’ and skullduggery in a single NFT 


Features

Extinct or Extant: Can Blockchain Preserve the Heritage of Endangered Populations?

Humpy responds

Regarding the claims and allegations against them, Humpy asked Magazine “how” and “who” should judge governance proposals to be clandestine. The whale also defended SushiCitizens as legitimate concerned DAO members.

“Legal action is by all means legal in democracy. Alas, I didn’t pursue legal action against this crooked team,” Humpy tells Magazine. 

“Under the false guise of Sushi being under attack, the core team sent most of the DAO’s reserves to a UK company whose ultimate ownership is members team and lawyer,” they say.

Humpy did not say whether they believe recent proposals at Compound and Balancer to be governance attacks.

Luca Prosperi details how his proposal LOVE was outvoted by founders on X.Luca Prosperi details how his proposal LOVE was outvoted by founders on X.
(Luca Prosperi)

Various shapes and sizes of DAO governance complaints

Governance issues showcasing siloed control among rich insiders have been observed in even the largest DAOs.

“If you look really carefully, there are very small groups that haven’t been appointed, and they make all the decisions,” M^0 Labs’ Prosperi says.

He recalls a proposal at MakerDAO in 2022 that he believes was overpowered by a smaller group despite strong community support. 

“I was asking for more checks and balances in the DAO, and at the time, all the large holders voted in favor — but it was not enough to overcome the founders of the DAO.”

Governance issues aren’t unique to large-scale DAOs.

In 2023, “hacktivists” known as “DAO raiders” took over Nouns DAO and Aragon DAO by gobbling up governance tokens to amass influence. 

The raids led to governance threats and the extraction of $27 million from Nouns, while Aragon came out the other end as a nonprofit.

Compulsory voting system

Prosperi and M^0 have systems in place to ensure governance tokenholders don’t waste away their voting power by “punishing” those who do not participate.

“If you are not participating, you are progressively diluted out in terms of voting power for the protocol,” he says.

However, one reason investors may avoid voting is that they risk possible legal consequences by mingling with DAO decisions.

Read also


Features

Unforgettable: How Blockchain Will Fundamentally Change the Human Experience


Features

Soulbound Tokens: Social credit system or spark for global adoption?

In June 2023, the US Commodity Futures Trading Commission won a legal case against Ooki DAO for operating an illegal trading platform. The outcome included fines and bans on trading and registration. 

While only the founders were liable, the court classified DAOs as general partnerships, meaning members could be held responsible.

Elsewhere, the DAO behind Mango Markets recently voted in favor of a settlement proposal with the US Securities and Exchange Commission over security law violations, hoping to resolve the allegations without admitting or denying wrongdoings.

The SEC has yet to accept the proposal.

Complete decentralization is not realistic

DAOs distribute decision-making responsibilities among tokenholders, but this fails in practice due to real-life human behaviors, says Radix’s Hughes. 

“A real tangible solution I could come up with is to have a redelegation model,” he says.

“If tokens are redelegated to more active voters whom you can trust, they can vote on your behalf, and this could represent more of the majority sentiment.”

Prosperi remains optimistic about the future of DAOs, noting that governance issues are more common in “first-generation” DAOs based on Compound’s governance model.

He says this design became the blueprint for early DeFi governance due to Compound’s monetization success, not its governance quality.

Many traders buy governance tokens like COMP for speculation rather than active participation, leading to inactive voters.

Newer protocols are learning from early DAO design flaws. 

Prosperi’s M^0 separates governance tokens from fungible investment tokens, making it sensible to penalize inactive delegates.

Cyber’s Alvarez suggests a “security council” could veto proposals during governance raids, a concept adopted by newer DAOs like Optimism and Cyber’s DAO.

Proposal Guardian voting results show even a16z participated.Proposal Guardian voting results show even a16z participated.
Compound now has a “Guardian” that can veto proposals to mitigate potential governance attacks. (Tally)

Compound introduced a similar feature called a “Guardian” on Aug. 17, and the proposal passed with overwhelming support — even a16z voted in favor.

Yohan YunYohan Yun

Yohan Yun

Yohan Yun is a multimedia journalist covering blockchain since 2017. He has contributed to crypto media outlet Forkast as an editor and has covered Asian tech stories as an assistant reporter for Bloomberg BNA and Forbes. He spends his free time cooking, and experimenting with new recipes.

Source Link

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.