Reported by The Block: A recent proposal passed by Compound Finance’s DAO has sparked claims of a governance attack after a small group led by whale Humpy amassed enough tokens on the open market to help narrowly pass their proposal over the objections of many community members. The proposal allocates 499,000 COMP tokens, currently worth about $24 million, to a yield-bearing protocol controlled by ‘the Golden Boys,’ the group led by Humpy which pushed the proposal through and has allegedly undertaken similar DAO-hijacking behavior in the past.
A recent proposal passed by lending protocol Compound Finance has sparked claims of a governance attack from community members who allege that a small group was able to strong-arm the proposal through the approval process after acquiring large numbers of tokens on the open market.
Proposal 289, which allocates 5% of Compound's treasury, 499,000 COMP tokens worth about $24 million, to a yield-bearing protocol designed by the "Golden Boys" for one year, narrowly passed by a vote of 682,191 to 633,636 on Sunday. Voting for the proposal began on Thursday at 11:40 pm and lasted through the weekend.
However, there's more than meets the eye behind those vote totals, community members have alleged. Michael Lewellen, an OpenZeppelin security solutions architect who serves as a security advisor for Compound Finance, according to his X account, drew a connection between several accounts amassing COMP tokens on the open market and several proposals intended to divert COMP holdings towards the goldCOMP product created by a group dubbed the Golden Boys.
In response to Lewellen's security alert, several community members including Wintermute Governance, Columbia Blockchain, Penn Blockchain, and StableLab echoed similar concerns, especially as the group made two additional attempts to pass its initial failed proposal.
"In my personal opinion, the actions of @Humpy and the Golden Boys can be considered a governance attack if they persist in their attempts to take funds from the protocol in clear opposition to the will of all other Compound DAO delegates," Lewellen posted following the creation of Proposal 289. Lewellen was not able to be immediately reached for comment on this story.
However, following Proposal 289's passage, the apparent leader of the Golden Boys, who goes by Humpy, defended the proposal in a rebuke to Lewellen's post. "‘Steal funds’ is a wrongful & misleading phrase, especially coming from compound’s risk specialist. Requested investment goes through a Trust Setup with a constraint set of actions that doesn’t permit stealing/diverting of funds," Humpy claimed.
Wintermute's governance account had questioned the claim that the 'Trust Setup' actually prevented the diversion of funds in an earlier post, writing, "Any form of withdrawal action (divest) is solely controlled by GoldenBoyzMultisig, meaning that the DAO cannot actually recall funds at any time under their own discretion. The DAO would first vote to initiate a PHASE update and then trust that the GoldenBoyzMultisig calls the relevant divest functions."
Bryan Colligan, founder and CEO of Compound's official growth team, noted that even aside from the risks, the opportunity didn't seem that lucrative for Compound Finance. "Security concerns aside, from our early analysis there are much better POL opportunities available leveraging partnerships from emerging chains and dexes available. Most of these opportunities we are evaluating are starting at 15-20% APR and some as high as 40% APR," Colligan wrote on X.
While Humpy doesn't appear to be acting completely alone, at least one of the five members of the Golden Boys multisig claims they were completely unaware of the proposal. "On multisig from long ago, didn't know this was a vote happening and didn't vote in it," wrote X user Ogle, one of four other members named by Humpy as governors of the multisig.
However, Ogle had a more measured response to claims of a governance attack. "From my interactions I had last year they were self-serving but good actors, as in I'd be surprised if this was meant to *harm* anybody. My guess is it's meant as a way to make everybody money including the group, but I genuinely am just hearing about this...so I don't know any more than you do," wrote Ogle in response to the proposal.
Compound's token's price is down nearly 7% in the past 24 hours following the passage of the proposal.