Flash Governance Attack

A flash governance attack occurs when an actor borrows a massive amount of governance tokens through a flash loan to gain temporary voting power within a decentralized autonomous organization. By acquiring a majority stake for a single block, the attacker can force through malicious proposals, such as transferring treasury funds to their own address or altering protocol parameters to their advantage.

Since flash loans require no collateral and must be repaid within the same transaction, the attacker incurs almost no capital risk while executing the exploit. This type of attack highlights the vulnerability of protocols that rely solely on token balance for voting power without considering time-weighted voting or other reputation-based mechanisms.

It effectively turns the protocol's own democratic governance system into a tool for theft. Protocols often implement delay periods for proposal execution or quadratic voting to mitigate this risk.
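The difference between balance-based and time-aware voting power can be seen in a small model. This is an added example, not code from the page or from any protocol: the `Ledger` class, the account names, the token amounts, and the choice of "minimum balance over the last `window` blocks" as the time weighting are all assumptions made for illustration, as is the `delay` used for the execution timelock.

```python
from collections import defaultdict

class Ledger:
    """Toy governance-token ledger with end-of-block balance history."""
    def __init__(self, balances):
        self.block = 0
        self.balances = defaultdict(int, balances)
        self.history = defaultdict(dict)  # holder -> {block: end-of-block balance}

    def transfer(self, src, dst, amount):
        if self.balances[src] < amount:
            raise ValueError("insufficient balance")
        self.balances[src] -= amount
        self.balances[dst] += amount

    def mine(self):
        """Close the current block and record every holder's balance."""
        for holder, bal in list(self.balances.items()):
            self.history[holder][self.block] = bal
        self.block += 1

    def power_naive(self, holder):
        # Weak design: voting power is whatever the holder owns right now.
        return self.balances[holder]

    def power_time_weighted(self, holder, window):
        # Hardened design (assumed form of time weighting): the minimum
        # end-of-block balance over the last `window` closed blocks.
        blocks = range(self.block - window, self.block)
        return min(self.history[holder].get(b, 0) for b in blocks)

def flash_loan_vote(window=10, delay=5):
    """Model one borrow-vote-repay transaction; report what each design allows."""
    ledger = Ledger({"pool": 1_000_000, "holder": 300_000})  # constructed values
    for _ in range(window):
        ledger.mine()
    supply = sum(ledger.balances.values())
    # Everything below happens inside a single transaction in one block.
    ledger.transfer("pool", "borrower", 1_000_000)
    naive = ledger.power_naive("borrower")
    weighted = ledger.power_time_weighted("borrower", window)
    passed_block = ledger.block
    ledger.transfer("borrower", "pool", 1_000_000)  # loan repaid, same transaction
    return {
        "naive_majority": naive * 2 > supply,
        "weighted_majority": weighted * 2 > supply,
        "executable_same_block": ledger.block >= passed_block + delay,
        "honest_holder_power": ledger.power_time_weighted("holder", window),
    }
```

The borrowed tokens never appear in an end-of-block balance, so the time-weighted design gives them no weight, and the execution delay keeps even a passed proposal from running inside the loan transaction.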
