Governance Attack
Seizing enough voting power to pass a malicious proposal and drain a protocol — DeFi's hostile takeover.
A governance attack captures control of a DAO or protocol by amassing a majority of governance tokens — bought, borrowed via flash loan, or accumulated cheaply — then passing a proposal that benefits the attacker, such as draining the treasury or redirecting funds.
These attacks exploit the tension in token-voting: if voting power is for sale and a protocol holds more value than its token’s market cap, buying control can be profitable. Defenses include timelocks (delaying execution so the community can react), quorum requirements, and vote-escrow models that make voting power costly to acquire quickly. It’s the reason “how hard is it to buy control here?” is a real security question, not just a governance one.