MarketPR
A governance attack on the Token of Power (TOP) protocol allowed an exploiter to mint 10 billion TOP tokens and drain 944.2 WETH — roughly $1.585 million — from a TOP/WETH $BAL Balancer V1 liquidity pool.
Blockchain security firm Blockaid detected the exploit and flagged it on X, crediting its exploit detection system with identifying the attack.
Weak governance safeguards and the absence of a timelock left the protocol exposed.
How the Attack Unfolded The attacker first secured majority voting control over the Token of Power protocol, then used that position to push through a malicious governance proposal.
Keep reading