Pressure test 12 · operational
Hostile cross-DAO governance attack
An adversarial actor identifies a flaw in template governance logic and attempts to coordinate an attack across multiple DAOs that share the same template, exploiting the similar flaw in each instance simultaneously.
Scenario
An adversarial actor identifies a flaw in template governance logic and attempts to coordinate an attack across multiple DAOs that share the same template, exploiting the similar flaw in each instance simultaneously.
Cost / impact
Bounded by per-property isolation. A successful attack on one DAO's treasury or governance does not propagate to other properties. Worst case is loss of one DAO treasury.
Prevention
Template audits include governance-attack vector consideration. Quorum and supermajority thresholds are tuned to prevent thin-vote captures. Permissioned membership ensures every member is KYC'd — there are no anonymous attackers.
Mitigation
Per-property isolation contains the damage. Governance attack on one instance triggers a review of the same template modules across all deployed instances. Emergency governance procedures in M2 allow recovery.
Residual risk
Low for permissioned DAOs. Membership gating is the strongest defense; a coordinated attack requires compromising multiple known, identified members.