Original title: $24 million Compound Finance proposal passed by whale over DAO objections
Original article by Zack Abrams, The Block
Original translation: Fairy, ChainCatcher
A recently passed proposal on lending protocol Compound Finance has sparked allegations of a governance attack from community members, who claim that a small group of people forced the proposal through after buying up a large number of tokens on the open market.
Proposal 289, which would allocate 5% of Compound’s treasury, or 499,000 COMP tokens worth about $24 million, to the yield protocol designed by the “Golden Boys” for one year, was passed by a narrow vote of 682,191 to 633,636 on Sunday. Voting on the proposal began at 11:40 p.m. Thursday and lasted through the weekend.
However, community members claim there is more to these voting results than meets the eye.
Michael Lewellen, security solutions architect at OpenZeppelin and security advisor to Compound Finance, noted on his X account that multiple accounts purchased large quantities of COMP tokens on the open market and made multiple proposals intended to transfer COMP holdings to the goldCOMP product created by the Golden Boys.
Following Lewellen’s security alert, several community members, including Wintermute Governance, Columbia Blockchain, Penn Blockchain, and StableLab, expressed similar concerns as the team made two more attempts after the initial proposal failed. “In my personal opinion, if @Humpy and the Golden Boys team continue to persist in trying to extract funds from the protocol, in clear violation of the wishes of all other Compound DAO delegates, their actions could be considered a governance attack,” Lewellen said in a personal opinion published after Proposition 289 was created.
However, after Proposition 289 passed, Golden Boys main leader Humpy defended the proposal in an article denouncing Lewellen. Humpy claimed: Stealing funds is an incorrect and misleading term, especially coming from a risk expert. The proposed investment is set up in a trust with a series of binding actions that do not allow the funds to be stolen or transferred.
In an earlier post, Wintermute’s governance account questioned the claim that the “trust setup” actually prevented the transfer of funds, writing: “Any form of withdrawal action (withdrawal) is completely controlled by GoldenBoyzMultisig, which means that the DAO cannot withdraw funds on its own. The DAO needs to vote to initiate the PHASE update first, and then trust GoldenBoyzMultisig to call the relevant withdrawal function.”
Bryan Colligan, founder and CEO of Compound’s official growth team, pointed out that even putting aside the risks, this opportunity does not seem that lucrative for Compound Finance. “Leaving aside the security issues, according to our early analysis, there are many better POL opportunities that can be achieved through cooperation with emerging chains and decentralized exchanges. Most of these opportunities have an annualized rate of return between 15-20%, and some are as high as 40%.”
While Humpy does not appear to be acting entirely alone, at least one of the five members of the Golden Boys multisig wallet claims to have been completely unaware of the proposal. Ogle, one of the other four administrators of the multisig wallet mentioned by Humpy, said: We used multisig a long time ago and had no idea a vote was taking place and did not participate in the vote. Ogle then responded more cautiously to the allegations of a governance attack, writing under the proposal: From my interactions with them last year, they were self-interested but not acting inappropriately, so Im surprised if this was done to hurt someone. My guess is that this is a way for everyone, including the team, to make money, but I really only just heard about it... so I dont know any more than you do.
According to The Block’s Compound price page, Compound’s token price fell nearly 7% in the 24 hours after the proposal passed.
Humpy is not the first governance attack
Humpy was allegedly involved in similar attempts to seemingly exploit the DAO’s governance process for excessive personal gain. In a lengthy event in 2022, Ethereum-based DeFi protocol Balancer engaged in a lengthy battle with Humpy, whose proposal was voted through by whales in large numbers.
“Between April and December 2022, Balancer struggled to align Humpy’s activities with the DAO’s goals through incentives, and it was forced into a cat-and-mouse game to control the whales’ profit-seeking activities through governance,” a Messari report noted.
Although Humpy’s team and the protocol eventually reached a peace agreement, the battle involved Humpy using multiple wallets to control more than 50% of the voting share, essentially unilaterally passing multiple proposals.
Humpy was also accused of launching an attack by SushiSwap’s Jared Grey in March. “As the process progresses, if his governance attack is successful, he will attempt to extract value from Sushi by creating inflation to support the performance and distribution of its underperforming GOLD token,” Grey wrote in the X post describing the attack.
Grey also responded to the passing of Proposition 289, posting on X on Sunday: “Saddened by the ongoing governance attacks on Compound and Humpy.”
