A governance exploit on the Token of Power ($TOP) resulted in $1.58 million being drained from a Balancer V1 pool within minutes. The attacker hijacked the token's voting mechanism to mint 10 billion new TOP tokens before pulling liquidity, according to blockchain security firms.
The exploit targeted a vulnerable Aragon DAO governance setup rather than a flaw in Balancer's core code, researchers confirmed. Weak token safeguards — including low quorum thresholds and unchecked proposal execution — allowed a single address to seize control without significant opposition.
Regulatory scrutiny of DeFi governance structures may intensify following this incident. While the SEC has not commented on this specific case, the agency has previously signaled that governance token structures fall under securities law when they grant economic rights or control.
Token of Power, a low-cap altcoin, saw its market cap collapse from roughly $2 million to near zero after the exploit. The incident underscores the fragility of small-cap tokens with centralized governance, which remain a persistent risk vector in the broader crypto market.
On-chain data shows the attacker bridged stolen funds to Ethereum and partially converted them to ETH, a sum that dwarfs TOP's entire 24-hour trading volume. Competing DAO protocols like Uniswap and Compound, which enforce higher quorum thresholds and timelock delays, have avoided similar attacks, highlighting the disparity in governance security across DeFi projects.
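The quorum and timelock contrast above can be made concrete with a small Python model of a token vote, added here as an illustration and not taken from the article or from any of the projects it names. The parameter names, the rule that only supply- or control-changing actions are timelocked, and every number are assumptions constructed for the example.

```python
from dataclasses import dataclass

PRIVILEGED_ACTIONS = {"mint", "upgrade"}  # assumed: actions that change supply or control

@dataclass(frozen=True)
class GovConfig:
    quorum_bps: int      # yes votes required, in basis points of total supply
    support_bps: int     # yes share of cast votes required, in basis points
    timelock_hours: int  # delay between a vote passing and execution

@dataclass(frozen=True)
class Proposal:
    action: str
    yes: int
    no: int

def evaluate(cfg, total_supply, p, hours_since_pass):
    """Return the proposal state under cfg."""
    cast = p.yes + p.no
    if cast == 0 or p.yes * 10_000 < cfg.quorum_bps * total_supply:
        return "rejected:quorum"
    if p.yes * 10_000 < cfg.support_bps * cast:
        return "rejected:support"
    if p.action in PRIVILEGED_ACTIONS and hours_since_pass < cfg.timelock_hours:
        return "queued"  # passed, but holders still have time to react
    return "executable"

def solo_pass_stake(cfg, total_supply):
    """Smallest holding that meets quorum with no other voter taking part."""
    return -(-cfg.quorum_bps * total_supply // 10_000)  # ceiling division

# Constructed values, not figures from the incident.
SUPPLY = 1_000_000
WEAK = GovConfig(quorum_bps=100, support_bps=5_000, timelock_hours=0)
HARDENED = GovConfig(quorum_bps=400, support_bps=5_000, timelock_hours=48)
MINT = Proposal(action="mint", yes=15_000, no=0)  # one holder with 1.5% of supply

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, "solo-pass stake:", solo_pass_stake(cfg, SUPPLY),
              "| at vote close:", evaluate(cfg, SUPPLY, MINT, 0))
```

Running `solo_pass_stake` against a token's real holder distribution shows how many addresses could pass a privileged proposal unopposed, which is the number a governance review should drive toward zero.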