The MakerDAO Community (MKR) is urgently implementing measures to prevent manipulation of the vote through flash loans. This was precipitated by what is likely the first instance of the feature used to influence a DeFi governance vote on October 26.
According to an article published by community member LongForWisdom, someone used a flash loan to force a governance proposal. BProtocol, a service that allows users to pool cash to participate in Maker debt auctions, has come forward as the culprit.
The proposal would have whitelisted the project to access Maker’s pricing oracle, which would allow decentralized custodians to be managed.
BProtocol used dYdX’s flash lending feature – an unsecured loan that is only granted if it is also returned in the same block. This requirement means that its users must have a predefined path for the money they borrow, and this is only useful for operations that can be done instantly.
Maker Monetsupply community member explained to TBEN that governance contracts do not have a blackout period:
“The current MKR government system allows voters to lock their tokens, immediately vote to pass a proposal, and then unlock the tokens all in the same block.”
Using flash loans to engage in governance can be seen as manipulative because the money is essentially free. Anyone can use them to carry out their own proposals without being part of the Maker.
Governance power is limited to the amount of MKR contained in various DeFi protocols. In this specific case, MKR was from Aave, but up to 64,000 MKR worth $ 34 million is available for flash loans. This is enough to influence at least some of the future governance proposals.
For this reason, the community is initiating emergency containment measures to make exploitation more difficult while waiting for a more definitive solution. A twelve-hour delay between the passage of proposals and their execution – introduced to allow the community to challenge malicious votes – will be increased to 72 hours.
Additionally, the community is disabling circuit breakers that would allow governance to disable oracles and liquidations, as they could potentially be abused by malicious actors to exploit the system for cash.
The case that set off the alarms was relatively minor, with the founder of BProtocol claiming that “we didn’t want to do any harm and no harm was done”. He added that this “was intended to trigger an internal technical discussion” and that he did not expect such a dramatic community response.
A proposal to fix the underlying problem was under discussion for at least three weeks, but “this incident made it much more urgent,” Monetsupply said.
A relatively simple solution is to measure a user’s voting power from the tokens locked in the previous block, thwarting any flash-lending-based attack. This fix is expected to be added soon by the Maker Foundation, although no concrete deadline has yet been announced.
Some in the community see this incident as a good thing, as it was a long-standing issue that “should have been resolved before,” forum member TheoRochaix said. Since no harm seems to have been done, this is a much cheaper lesson than the failed Black Thursday auction.