Governance Exploit Lets Attacker Mint 10B TOP, Drain About $1.5M in WETH From Balancer Pool

Security researchers say a governance takeover enabled an attacker to mint 10 billion Token of Power (TOP) tokens and siphon roughly $1.5 million in WETH from a Balancer liquidity pool on Ethereum. Blockchain security firm Blockaid reported that 944.2 WETH, valued at about $1.58 million, was drained from the TOP/WETH Balancer V1 pool after the attacker exploited a governance configuration linked to the TOP ecosystem. Researchers emphasized Balancer itself was not vulnerable; the attack path ran through governance.

Blockaid and CertiK said the attacker first accumulated more than 50% of TOP's token supply, then pushed through a governance proposal that minted billions of new TOP tokens directly to an attacker-controlled contract. The exploit was tied to a misconfiguration in an Aragon DAO using TOP's MiniMeToken structure. According to Blockaid, the governance setup lacked timelock protections, allowing proposal creation, voting, and execution within a single transaction. That let the attacker quickly secure majority voting power, execute the mint immediately, generate 10 billion TOP, and dump the newly minted supply into the liquidity pool in exchange for WETH. "The Aragon Voting app allowed create → vote → execute in a single tx with no timelock," Blockaid said.

CertiK separately reported the attacker initially withdrew 662 ETH from Tornado Cash before building a large enough TOP position to take majority governance control.

Researchers said the incident underscores how DAO governance can become an attack surface in DeFi: rather than exploiting smart contract bugs, governance takeovers abuse embedded administrative permissions and voting mechanisms. Timelocks are widely used to slow execution and give communities time to respond; investigators said the absence of delays allowed this exploit to unfold instantly.

The episode also renews scrutiny of legacy DAO infrastructure on Ethereum. Aragon and MiniMeToken-based governance frameworks were widely used in earlier phases of the ecosystem, and some deployments may not reflect current governance security standards.

Final Summary: An attacker exploited a governance misconfiguration to mint 10 billion TOP tokens and drain roughly $1.5 million in WETH from a Balancer liquidity pool. Researchers said the exploit relied on an Aragon DAO configuration that allowed proposal creation, voting, and execution in a single transaction without a timelock.
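
As an added illustration (not code from Blockaid, CertiK or the TOP project), this Python sketch shows how a monitor could flag the pattern the researchers describe: a vote created, cast and executed in one transaction, or executed before a minimum review delay has passed. Event names follow the Aragon Voting app's `StartVote`, `CastVote` and `ExecuteVote` events; the record layout, the sample data and the 48-hour threshold are assumptions.

```python
from collections import defaultdict

MIN_DELAY_SECONDS = 48 * 3600  # assumed policy threshold, not a value from the article

# Constructed sample of decoded governance events (placeholder hashes and timestamps).
SAMPLE_EVENTS = [
    # vote 7: normal lifecycle spread over about three days
    {"event": "StartVote", "vote_id": 7, "tx": "0xa1", "ts": 1_700_000_000},
    {"event": "CastVote", "vote_id": 7, "tx": "0xa2", "ts": 1_700_003_600},
    {"event": "ExecuteVote", "vote_id": 7, "tx": "0xa3", "ts": 1_700_260_000},
    # vote 8: created, voted and executed inside one transaction
    {"event": "StartVote", "vote_id": 8, "tx": "0xb1", "ts": 1_700_300_000},
    {"event": "CastVote", "vote_id": 8, "tx": "0xb1", "ts": 1_700_300_000},
    {"event": "ExecuteVote", "vote_id": 8, "tx": "0xb1", "ts": 1_700_300_000},
    # vote 9: separate transactions, but executed 24 seconds after creation
    {"event": "StartVote", "vote_id": 9, "tx": "0xc1", "ts": 1_700_400_000},
    {"event": "CastVote", "vote_id": 9, "tx": "0xc2", "ts": 1_700_400_012},
    {"event": "ExecuteVote", "vote_id": 9, "tx": "0xc3", "ts": 1_700_400_024},
    # vote 10: still open, never executed
    {"event": "StartVote", "vote_id": 10, "tx": "0xd1", "ts": 1_700_500_000},
]


def audit_votes(events, min_delay=MIN_DELAY_SECONDS):
    """Return {vote_id: [issues]} for executed votes that skipped a review window."""
    by_vote = defaultdict(list)
    for ev in events:
        by_vote[ev["vote_id"]].append(ev)

    findings = {}
    for vote_id, evs in by_vote.items():
        start = next((e for e in evs if e["event"] == "StartVote"), None)
        execute = next((e for e in evs if e["event"] == "ExecuteVote"), None)
        if start is None or execute is None:
            continue  # vote not executed, or log window incomplete
        issues = []
        if len({e["tx"] for e in evs}) == 1:
            issues.append("create, vote and execute share one transaction")
        delay = execute["ts"] - start["ts"]
        if delay < min_delay:
            issues.append(f"executed {delay}s after creation (minimum {min_delay}s)")
        if issues:
            findings[vote_id] = issues
    return findings


if __name__ == "__main__":
    for vote_id, issues in sorted(audit_votes(SAMPLE_EVENTS).items()):
        print(vote_id, issues)
```

The same check applied to historical logs shows whether a deployment has ever permitted instant execution, which is a quick way to triage legacy DAOs that have no timelock.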