The recent occurrence of vote buying within Arbitrum has sparked significant questions regarding the validity of the DAO governance model, placing holders at considerable risk.
Decentralized autonomous organizations were initially envisioned to enhance financial decentralization and autonomy. However, a situation that surfaced on April 8 raised alarming issues about this framework. Specifically, an individual spent 5 ETH to acquire approximately 19.3 million in Arbitrum (ARB) voting rights.
This represented an expenditure of around $10,000 to sway decisions related to roughly $6.5 million in governance authority, surpassing the voting strength of major delegators like L2Beat and Wintermute. The user, identified as hitmonlee.eth, took advantage of LobbyFi, a service that enables token holders to profit by leasing out their governance influence.
In this case, the acquired votes were directed toward endorsing CupOJoseph’s bid for a position on Arbitrum’s Oversight and Transparency Committee. The use of vote buying to affect the outcome of an election for a transparency committee raises substantial concerns about the credibility and safety of DAO governance.
As noted by Ignas from Pink Brains, the oversight role offers a compensation of approximately $7,500 per month for a year. This points to the possibility that vote buying is not merely driven by ideology but could also be financially motivated. More broadly, it illustrates that DAO governance frameworks, particularly those employing a one-token-one-vote system, might be vulnerable to exploitation.
Security Threats from DAO Vote Buying
In July 2024, Compound DAO narrowly approved a vote that allocated $24 million, equivalent to 5% of its treasury, to an external protocol. This protocol was managed by a prominent COMP holder who supported the proposal. The decision, which followed two previous failed attempts, was labeled a governance attack by some DAO members.
The risk associated with platforms like LobbyFi is that they greatly lower the financial barrier for governance attacks. Unscrupulous individuals can now sway critical DAO decisions without needing substantial funds. This empowers them to benefit at the expense of both the token holders and the DAO itself.