Illustration by Alex Castro / The Verge
On April 17th, the decentralized finance (DeFi) project Beanstalk Farms was exploited for $182 million after an attacker mounted a lightning-fast hostile takeover, buying a controlling stake of tokens and immediately voting to send themself all of the funds.
The incident sparked discussion around “governance attacks,” a way of manipulating blockchain projects that use decentralized governance structures by gaining enough voting rights to reshape the rules.
In the wake of the attack, chat logs and video evidence show that the founders were warned about the risk of exactly this kind of attack, but they dismissed community members’ concerns.
The Beanstalk exploit was made possible by another DeFi mechanism known as a “flash loan,” which…