Glossary
Governance Attack
An attacker acquires (or borrows) enough governance tokens to pass a malicious proposal — minting tokens, draining a treasury, upgrading a contract to a backdoor.
Any protocol governed by a transferable token is potentially exposed to a governance attack. The attacker accumulates the governance token (sometimes via flash loan from an AMM with deep liquidity), submits a proposal that benefits them, waits out the voting period, and executes.
The 2022 Beanstalk exploit drained ~$182M this way: the attacker flash-loaned BEAN and 3CRV, took an instant supermajority, and executed a proposal that transferred the treasury. Defenses include time-locks on execution, quorum requirements, multisig veto rights, and requiring governance power to be locked for a delay period.
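The following toy model is an added example, not code from any real protocol. It compares two of the defenses above against tokens borrowed and repaid inside a single block. The class names, balances and the use of a prior-block snapshot as the way to enforce "power must be held before it counts" are all assumptions made for illustration.

```python
# Toy model, constructed for illustration; all names and balances are hypothetical.
class Chain:
    def __init__(self, balances):
        self.block = 1
        self.live = dict(balances)   # balances inside the current block
        self.history = {}            # block number -> balances at end of that block

    def mine(self):
        self.history[self.block] = dict(self.live)
        self.block += 1

    def past_balance(self, who, block):
        if block >= self.block:
            raise ValueError("block not finalized yet")
        return self.history[block].get(who, 0)


class Governor:
    def __init__(self, chain, supply, use_snapshot, timelock_blocks, quorum=0.5):
        self.chain, self.supply, self.quorum = chain, supply, quorum
        self.use_snapshot, self.timelock_blocks = use_snapshot, timelock_blocks
        self.votes, self.passed_at = 0, None

    def propose(self):
        # Snapshot defense: weights are fixed at the last finalized block.
        self.snapshot = self.chain.block - 1

    def vote(self, who):
        if self.use_snapshot:
            weight = self.chain.past_balance(who, self.snapshot)
        else:
            weight = self.chain.live.get(who, 0)  # weak: counts borrowed tokens
        self.votes += weight
        if self.passed_at is None and self.votes > self.quorum * self.supply:
            self.passed_at = self.chain.block
        return weight

    def can_execute(self):
        # Timelock defense: execution waits N blocks after the vote passes.
        return (self.passed_at is not None
                and self.chain.block >= self.passed_at + self.timelock_blocks)


def same_block_borrow(use_snapshot, timelock_blocks):
    """Borrow, propose, vote, check execution and repay inside one block."""
    chain = Chain({"holders": 100, "pool": 900})
    chain.mine()
    gov = Governor(chain, 1000, use_snapshot, timelock_blocks)
    chain.live.update(pool=100, borrower=800)     # loan taken
    gov.propose()
    weight = gov.vote("borrower")
    executable = gov.can_execute()
    chain.live.update(pool=900, borrower=0)       # loan repaid
    return weight, executable
```

With live balances and no timelock the borrowed tokens pass and execute the proposal in the same block. A one-block timelock alone stops same-block execution but still lets the vote pass, which is why it is paired with a veto; the snapshot gives the borrowed tokens zero weight.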