Blockchain Breaches

An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.

Dossier № 284 · Governance Attack

Token of Power Governance Takeover

An attacker acquired a majority of TOP supply, then created, voted on and executed an Aragon governance proposal in one transaction to mint ~10 billion tokens and drain 944 WETH from a Balancer V1 pool.

On June 9, 2026, Token of Power (TOP), an Ethereum token governed through an Aragon DAO, was drained of approximately 944.2 WETH (~$1.58 million) in a governance-takeover attack. The Balancer protocol itself was unaffected — the loss fell on the TOP/WETH liquidity pool deployed on Balancer V1.

What happened

The attacker first acquired more than 50% of TOP's circulating supply, enough to single-handedly control voting. TOP's governance relied on a misconfigured Aragon setup built around the MiniMeToken standard with no timelock separating proposal creation from execution. That let the attacker create a proposal, vote on it, and execute it within a single transaction — minting roughly 10 billion new TOP tokens directly to an attacker-controlled contract. The freshly minted supply was then swapped against the TOP/WETH pool, draining about 944 WETH while leaving liquidity providers holding a now-worthless token. Security firms Blockaid, Cyvers and PeckShield flagged the activity on-chain, with Blockaid characterising it as a governance-takeover attack.

Aftermath

The stolen ETH was routed into Tornado Cash, complicating tracing. The starting wallet had itself been funded through Tornado Cash, consistent with a premeditated operation. As of reporting, none of the funds had been recovered.

Why it matters

TOP is a textbook single-transaction governance capture: when a token's own supply is the voting weight and there is no timelock, anyone who can buy or borrow a majority can rewrite the rules in one block. It echoes the Beanstalk flash-loan governance drain and the Tornado Cash governance takeover, and — like Audius — turns on a contract-configuration flaw rather than a market manipulation. The episode is a reminder that timelocks and execution delays are not optional ornaments but the core defence that gives a community time to react before a malicious proposal settles.
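The effect of an execution delay on a create, vote and execute sequence that lands in a single block, as a minimal model added here for illustration (not code from TOP, Aragon or any cited source). The `Dao` class, the holder names, the mint amount and the delay value are all constructed assumptions.

```python
from dataclasses import dataclass, field

class Revert(Exception):
    """Stands in for an EVM revert."""

@dataclass
class Dao:
    balances: dict            # token balance doubles as voting weight
    execution_delay: int = 0  # minimum blocks between proposal creation and execution
    proposals: list = field(default_factory=list)

    def supply(self):
        return sum(self.balances.values())

    def propose(self, block, mint_to, amount):
        self.proposals.append({"created": block, "yes": 0, "voters": set(),
                               "mint_to": mint_to, "amount": amount, "done": False})
        return len(self.proposals) - 1

    def vote(self, pid, voter):
        p = self.proposals[pid]
        if voter in p["voters"]:
            raise Revert("already voted")
        p["voters"].add(voter)
        p["yes"] += self.balances.get(voter, 0)

    def execute(self, pid, block):
        p = self.proposals[pid]
        if p["done"]:
            raise Revert("already executed")
        if 2 * p["yes"] <= self.supply():
            raise Revert("no majority")
        if block < p["created"] + self.execution_delay:
            raise Revert("timelock not elapsed")
        p["done"] = True
        self.balances[p["mint_to"]] = self.balances.get(p["mint_to"], 0) + p["amount"]

def single_block_sequence(execution_delay):
    """Majority holder proposes a mint, votes and executes in one block."""
    dao = Dao({"holder_majority": 51, "lp_and_others": 49}, execution_delay)
    block = 100  # constructed block number
    try:
        pid = dao.propose(block, "holder_majority", 10_000)
        dao.vote(pid, "holder_majority")
        dao.execute(pid, block)
        outcome = "executed"
    except Revert as exc:
        outcome = f"reverted: {exc}"
    return outcome, dao.supply()
```

With `execution_delay=0` the mint settles in the same block and supply inflates; with any positive delay the same sequence reverts, and the proposal stays visible and unexecuted for the length of the delay.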

Sources & on-chain evidence

  1. crypto.news: https://crypto.news/token-of-power-exploit-drains-1-58m-from-balancer-pool/
  2. ambcrypto.com: https://ambcrypto.com/governance-takeover-lets-attacker-mint-10b-top-tokens-in-1-5m-exploit/
  3. crypto-economy.com: https://crypto-economy.com/attacker-steals-1-6-million-worth-of-top-tokens-in-aragon-dao-breach/
  4. cryptotimes.io: https://www.cryptotimes.io/2026/06/10/one-vote-1-58m-gone-top-token-hit-by-alleged-governance-attack/
