Compound Community Suspects Governance Attack

The DeFi liquidity platform Compound Finance approved proposal 289, but the project’s community has raised suspicions of a potential “governance attack.”

The initiative involves allocating 5% of Compound’s treasury (499,000 COMP tokens valued at approximately $24.1 million) to the yield protocol GoldCOMP, developed by the Golden Boys team.

The proposal passed by a narrow margin of votes—682,191 to 633,636. Only 57 addresses participated in the decision-making process.

Community members assert that there is more to the voting outcome than meets the eye. A similar proposal was rejected by project participants in May, which involved transferring only 92,000 COMP to the Golden Boys.

Subsequently, OpenZeppelin security solutions developer Michael Lewellen linked several accounts accumulating COMP on the open market to proposals for redirecting coins to fund GoldCOMP.

The researcher identified five addresses collectively holding 230,333 COMP, slightly more than half of the 400,000 token quorum threshold needed to pass a proposal.

“In my personal opinion, the actions of the Golden Boys could be considered a governance attack if they continue their attempts to withdraw funds from the protocol, clearly against the will of all other Compound DAO delegates,” added Lewellen.

In response to the warning, several community members, including Wintermute Governance, Columbia Blockchain, Penn Blockchain, and StableLab, expressed similar concerns.

Ultimately, the proposal was accepted on the third attempt. The leader of the Golden Boys, known as Humpy, attempted to defend his position.

Under Lewellen’s post, he stated that “stealing funds is an improper and misleading phrase coming from a risk specialist.” According to him, the funds will go through the Trust Setup service with a set of restrictions that will prevent their appropriation.

In July, the Compound Finance website was hacked, redirecting visitors to phishing pages.