ZUG DAO
The Vanderbilt Terminal for Zug DAO Intelligence
INDEPENDENT INTELLIGENCE FOR DECENTRALISED GOVERNANCE AND DAO ECOSYSTEMS
Active Governance DAOs 5,000+ | DAO Treasury TVL $20B+ | Zug Crypto Foundations 60+ | Safe Multisig Zug HQ | Web3 Foundation Active | MakerDAO Endgame 2024

Compound DAO: DeFi's Governance Pioneer and the Security Council Revolution

Compound did not merely create a DeFi lending protocol — it created the governance infrastructure that the entire DeFi industry copied. Governor Bravo, the delegation model, and the on-chain execution framework that Compound pioneered are now the backbone of protocols governing trillions in assets. Then, in 2024, Compound became the victim of the industry's most significant governance attack — and its response may be as influential as its original contributions.


In June 2020, Compound Labs distributed COMP — a governance token — to users of the Compound lending protocol. The distribution mechanism was simple: users earning or paying interest on Compound received COMP proportionally. The consequences were anything but simple. In days, COMP’s market price implied that Compound was more valuable than every traditional bank in most countries. More consequentially, the COMP token distribution catalysed an industry-wide movement: the great DeFi governance token summer of 2020, which saw dozens of protocols rush to distribute governance tokens and establish on-chain DAOs.

But Compound’s governance contributions extend far beyond the airdrop moment. The technical infrastructure Compound built — the Governor Bravo contract, the delegation mechanism, the on-chain binding vote system — became the foundation on which most of DeFi’s governance architecture rests. And in 2024, Compound’s governance architecture was exploited in a way that defined the next phase of governance design for the entire industry.


The Protocol: Algorithmic Money Markets on Ethereum

Compound was founded by Robert Leshner and Geoffrey Hayes in San Francisco, with Compound Labs incorporated in 2018. The core protocol innovation was elegant: algorithmic money markets governed by supply and demand curves, with interest rates adjusting continuously based on utilisation ratios.

The mechanism: a user deposits ETH into the Compound protocol and receives cETH (a Compound token representing their deposit plus accrued interest). Another user borrows ETH against their deposited USDC (posted as collateral) and pays interest. Interest rates are not set by administrators — they are calculated algorithmically based on the ratio of borrowed to supplied assets in each market. High utilisation (most assets borrowed) means high interest rates, incentivising more supply and less borrowing until the rate normalises.

This was a clean, understandable model. By 2020, Compound had become the second-largest DeFi protocol by total value locked, with markets for ETH, USDC, DAI, WBTC, USDT, and other major assets. The markets generated hundreds of millions in annual protocol revenue through the interest rate spread.

What distinguished Compound from similar protocols was the quality of its smart contract engineering. Compound’s contracts were among the first DeFi contracts to undergo rigorous third-party audits (Trail of Bits, OpenZeppelin), and the architectural separation between core logic and market parameters created a governance-friendly design where parameters could be changed through governance without requiring core contract upgrades.


The COMP Token: One of DeFi’s Most Influential Distributions

COMP launched in June 2020 with a fixed supply of 10,000,000 tokens distributed across:

  • 42.30% to Compound shareholders (investors and team, subject to 4-year vesting from deployment)
  • 24.00% to Compound Labs employees (subject to 4-year vesting)
  • 7.75% to future team members
  • 7.75% to governance treasury reserves
  • 4.20% to Compound community
  • 14.00% reserved for liquidity mining (distributed to protocol users over time)

The liquidity mining component — distributing COMP to users proportional to their supply and borrow activity — was the innovation that ignited DeFi summer. Users could supply assets to Compound, borrow against them, and receive COMP rewards that (at peak prices) generated annualised returns far exceeding the underlying interest rates. This created the “yield farming” paradigm that defined DeFi in 2020.

The COMP distribution also represented a genuine commitment to governance decentralisation. Unlike many subsequent governance token distributions that maintained founder control through voting power concentration, Compound’s distribution was structured to progressively transfer control to the community as vesting and liquidity mining proceeded.

By 2025, the COMP governance token had facilitated more than 100 successful on-chain governance proposals — from minor parameter adjustments to major protocol architecture changes. The on-chain voting record constitutes a detailed public history of one of DeFi’s most significant governance experiments.


Governor Bravo: The Architecture That Defined an Industry

Compound’s most enduring technical contribution is the Governor system — the smart contract framework through which token holders exercise governance. Governor Alpha was the original implementation; Governor Bravo was the improved successor that Compound deployed in 2021.

The Governor Bravo system works as follows:

Proposals are submitted by addresses meeting a minimum COMP delegation threshold (25,000 COMP in Compound’s implementation). A proposal specifies on-chain actions to be taken if passed: contract function calls, parameter changes, treasury transfers. The proposal proceeds through:

  1. Pending (48-hour review period): The proposal exists but voting has not opened.
  2. Active (72-hour voting period): COMP holders with delegation cast for/against/abstain votes.
  3. Succeeded or Defeated: If quorum (400,000 COMP) is reached and majority support is achieved, the proposal succeeds. Otherwise it is defeated.
  4. Queued (48-hour timelock): Succeeded proposals enter the timelock queue. Anyone can initiate queuing.
  5. Executed: After the timelock period, anyone can trigger execution. The proposal’s specified on-chain actions execute automatically.

The critical innovation is the automatic on-chain execution. Unlike governance systems where voting produces a recommendation that humans then execute, Governor Bravo executes governance decisions automatically through the smart contract. There is no admin who decides whether to implement a passed vote. The code executes, period.

This automatic execution model was subsequently adopted by virtually every major DeFi protocol — with OpenZeppelin’s Governor contract providing a standardised, audited implementation compatible with the Governor Bravo interface. Uniswap, Aave, Gitcoin, ENS, and dozens of other protocols use contracts derived from or compatible with the Compound Governor model.

The delegation mechanism — where COMP holders must explicitly delegate their voting power (to themselves or others) before it can be exercised — was similarly influential. Undelegated tokens do not vote. This requires active engagement from token holders, creating a more accurate signal of actual governance participation than systems where all tokens vote by default.


Compound v3 (Comet): The Architecture Redesign

Compound v3, branded “Comet,” represented a significant departure from the original protocol architecture. The core change: instead of a single pooled market where all assets share risk, Compound v3 creates isolated markets where each deployment has a single base asset (the borrowable asset — initially USDC or ETH) with multiple collateral types.

The governance implications of Comet are significant:

In the original Compound model, governance decisions about one market (say, WBTC collateral factor) had limited direct effects on other markets. In Compound v3’s isolated market model, each deployment is essentially a separate protocol with its own risk parameters. A DAO that governs four Compound v3 markets effectively governs four separate lending protocols — with compounded governance complexity.

This architecture shift has prompted Compound governance to experiment with delegation and sub-governance models: risk management delegates who specialise in specific market parameter decisions, automated risk parameter updates within governance-defined ranges (reducing the need for full votes on routine parameter adjustments), and streamlined governance for market-specific decisions.

Compound v3 has also improved capital efficiency and reduced liquidation risk through better risk parameter isolation — benefits that come with the governance complexity cost. The protocol’s TVL on Compound v3 has grown substantially since its deployment, with the USDC market becoming one of the most used lending facilities in DeFi.


The 2024 Governance Attack: The Industry’s Wake-Up Call

The governance attack on Compound DAO in mid-2024 became the defining governance security incident of the DeFi cycle. It warrants detailed analysis because its implications extend far beyond Compound itself.

Background: A group of addresses known informally as the “Golden Boys” — the name reflecting the gold-themed branding of their governance communications — had been acquiring COMP tokens and accumulating delegate agreements over several months. Their stated governance positions were broadly aligned with Compound’s interests, and they had established some credibility in the governance forum.

The proposal: The Golden Boys submitted a governance proposal that, on its face, was presented as a governance process improvement. The full text of the proposal included, in its executable on-chain actions, instructions to transfer a significant quantity of COMP tokens — ultimately approximately $24 million in value — from the Compound DAO treasury to addresses controlled by the Golden Boys group.

The passage: The proposal reached quorum and achieved majority support. The Golden Boys had accumulated sufficient voting power — through their own COMP holdings and delegate agreements — to pass the proposal. A number of large COMP holders did not vote against the proposal; some may not have reviewed the full executable actions; others may have been subject to the rational ignorance dynamic, not considering it worth engaging with what appeared to be a routine governance proposal.

The proposal succeeded and entered the timelock queue.

The detection and defence: During the timelock period, a community member reviewing queued proposals identified the COMP transfer actions buried in the proposal’s execution data. A rapid mobilisation effort began: governance forum posts, direct outreach to major COMP holders, social media alerts through DeFi governance networks. The 48-hour timelock provided a just-sufficient window for the community to organise.

Emergency delegate activity succeeded in assembling sufficient opposition to veto the queued proposal — the timelock allowed this because a newly submitted proposal to cancel the malicious proposal could proceed through a fast-track process (under Compound’s cancellation mechanism for proposals with identical actions).

The treasury was protected. But the incident demonstrated with clinical precision that Governor Bravo’s pure token voting was exploitable by a sufficiently capitalised and patient attacker.
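
The manual review that caught the transfer can be automated. The following is an added example, not code from Compound or from this article: it decodes a proposal's executable actions in the Governor Bravo layout (parallel targets, signatures and calldatas arrays) and flags ERC-20 transfer or approve calls on a watched token whose recipient is not allowlisted. All addresses, the allowlist and the sample proposal are constructed.

```python
# Added illustration: all addresses and the sample proposal are constructed.
TOKEN = "0x" + "c0" * 20                 # hypothetical treasury token contract
GOVERNOR = "0x" + "b0" * 20              # hypothetical governor contract
GRANTS_MULTISIG = "0x" + "a1" * 20       # hypothetical pre-approved recipient
UNKNOWN = "0x" + "ee" * 20               # constructed recipient not on the allowlist

WATCHED_TOKENS = {TOKEN}
ALLOWLIST = {GRANTS_MULTISIG}
# Standard ERC-20 selectors: first 4 bytes of keccak256 of the signature.
SELECTORS = {"a9059cbb": "transfer(address,uint256)",
             "095ea7b3": "approve(address,uint256)"}

def decode_action(signature, calldata):
    """Return (function, recipient, raw_amount) for transfer/approve, else None."""
    data = bytes.fromhex(calldata.removeprefix("0x"))
    if not signature:                    # empty signature: selector leads the calldata
        signature, data = SELECTORS.get(data[:4].hex(), ""), data[4:]
    if signature not in SELECTORS.values() or len(data) != 64:
        return None
    recipient = "0x" + data[12:32].hex() # address sits in the low 20 bytes of word 0
    return signature.split("(")[0], recipient, int.from_bytes(data[32:], "big")

def review(proposal, decimals=18):
    """Flag actions that move or expose watched tokens to non-allowlisted addresses."""
    findings = []
    actions = zip(proposal["targets"], proposal["signatures"], proposal["calldatas"])
    for index, (target, signature, calldata) in enumerate(actions):
        decoded = decode_action(signature, calldata)
        if target.lower() in WATCHED_TOKENS and decoded and decoded[1] not in ALLOWLIST:
            function, recipient, raw = decoded
            findings.append({"action": index, "function": function,
                             "recipient": recipient, "tokens": raw // 10**decimals})
    return findings

def word(value):
    """ABI-encode one static argument (address string or integer) as a 32-byte hex word."""
    if isinstance(value, str):
        value = int(value, 16)
    return f"{value:064x}"

SAMPLE = {  # constructed proposal: benign title, mixed actions
    "description": "Governance process improvement",
    "targets": [GOVERNOR, TOKEN, TOKEN, TOKEN],
    "signatures": ["_setVotingDelay(uint256)", "transfer(address,uint256)",
                   "", "transfer(address,uint256)"],
    "calldatas": [word(13140),
                  word(UNKNOWN) + word(100_000 * 10**18),
                  "0x095ea7b3" + word(UNKNOWN) + word(2**256 - 1),
                  word(GRANTS_MULTISIG) + word(500 * 10**18)],
}

if __name__ == "__main__":
    for finding in review(SAMPLE):
        print(finding)
```

Run against every proposal when it is created rather than when it is queued, so reviewers see decoded value transfers before voting opens instead of inside the timelock.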

The aftermath: Compound governance immediately initiated discussions about security council models. Within months, Compound had approved a Security Council — a multi-signature body of elected community members with authority to veto malicious proposals during the timelock window.

The Compound Security Council model draws directly from the Arbitrum Security Council architecture:

  • A defined set of elected community members
  • Multi-sig threshold for veto actions
  • Explicit authority limited to blocking malicious proposals
  • Cannot initiate governance actions independently or transfer treasury funds

The Security Council is an addition to governance, not a replacement. Token holders still govern all protocol decisions through COMP votes. The Security Council adds a monitoring and veto layer for the specific attack vector the 2024 incident demonstrated.
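
The proposal lifecycle from the Governor Bravo section and the veto layer described here can be modelled together. This is an added example, not Compound's contract code: the periods and quorum are the figures given in this article expressed in seconds, while the council roster, the 3-of-5 threshold and the vote tallies are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

HOUR = 3600
REVIEW, VOTING, TIMELOCK = 48 * HOUR, 72 * HOUR, 48 * HOUR  # periods from the text
QUORUM = 400_000                                            # COMP, from the text
COUNCIL = {"m1", "m2", "m3", "m4", "m5"}  # hypothetical elected members
VETO_THRESHOLD = 3                        # hypothetical multi-sig threshold

@dataclass
class Proposal:
    created: int                          # submission time, seconds
    for_votes: int = 0
    against_votes: int = 0
    queued_at: Optional[int] = None
    executed: bool = False
    vetoes: set = field(default_factory=set)

def state(p, now):
    if len(p.vetoes) >= VETO_THRESHOLD:
        return "Vetoed"
    if p.executed:
        return "Executed"
    if now < p.created + REVIEW:
        return "Pending"
    if now < p.created + REVIEW + VOTING:
        return "Active"
    # Assumption: quorum is measured on for-votes, and for must exceed against.
    if p.for_votes < QUORUM or p.for_votes <= p.against_votes:
        return "Defeated"
    return "Succeeded" if p.queued_at is None else "Queued"

def queue(p, now):
    """Anyone may queue a succeeded proposal; this starts the timelock."""
    if state(p, now) != "Succeeded":
        raise ValueError("only succeeded proposals can be queued")
    p.queued_at = now

def veto(p, member, now):
    """The council's only capability: block a queued proposal inside the timelock."""
    if member not in COUNCIL:
        raise PermissionError("not a council member")
    if state(p, now) != "Queued" or now >= p.queued_at + TIMELOCK:
        raise ValueError("veto is only valid during the timelock window")
    p.vetoes.add(member)

def execute(p, now):
    """Anyone may execute once the timelock has elapsed, unless vetoed."""
    if state(p, now) != "Queued" or now < p.queued_at + TIMELOCK:
        raise ValueError("proposal is not executable")
    p.executed = True

if __name__ == "__main__":
    p = Proposal(created=0, for_votes=410_000, against_votes=50_000)  # constructed tallies
    queue(p, 120 * HOUR)
    for member in ("m1", "m2", "m3"):
        veto(p, member, 130 * HOUR)
    print(state(p, 170 * HOUR))
```

The model exposes no council function other than `veto`, mirroring the stated limit that the council cannot initiate actions or move treasury funds.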


The OpenZeppelin Relationship and Standards Development

One of Compound’s most underappreciated contributions to DeFi infrastructure is the relationship between Compound’s Governor and OpenZeppelin’s Governor contract library. OpenZeppelin — the Swiss-based smart contract security company — created an audited, modular implementation of the Governor interface compatible with Compound’s Governor Bravo.

The OpenZeppelin Governor contract is now used by hundreds of DeFi protocols. Its existence means that a new protocol can launch governance with a well-audited, widely deployed governance contract in days, rather than building from scratch. The Governor standard created by Compound has therefore propagated through OpenZeppelin’s library into virtually every corner of DeFi governance.

OpenZeppelin itself has Swiss roots and connections — founded with significant Swiss involvement and operating within the Zug crypto ecosystem’s broader advisory network — making this a Swiss-adjacent governance standards story that rarely receives adequate attention in the DAO governance literature.


Compound’s Competitive Position in 2025

The honest assessment of Compound’s competitive position in 2025 requires acknowledging significant market share loss. Aave — which launched its governance token in 2020 and has iterated aggressively through v2 and v3 — has substantially surpassed Compound in total value locked across most markets.

The reasons for Aave’s growth relative to Compound are multiple: Aave’s more aggressive cross-chain deployment strategy (more networks, earlier deployment), Aave’s broader asset market selection, Aave’s more active governance culture (higher proposal volume, more active treasury management), and Aave’s safety module architecture that provides clearer insurance against bad debt.

Compound’s response has been Compound v3 (Comet) — a product that many risk analysts consider architecturally superior to Aave’s pooled model for isolated risk management. Compound v3 has attracted institutional interest precisely because its risk isolation properties make it more predictable for large positions. The protocol’s more conservative governance culture, while less dynamic than Aave’s, has also meant fewer aggressive protocol changes and a more stable risk environment.

The competitive race between Compound and Aave will turn on product development velocity, cross-chain deployment, and the ability to attract new asset classes. As of 2025-2026, Aave leads by TVL but Compound competes effectively in specific market segments.


Compound DAO Treasury and Swiss Context

Compound’s DAO treasury holds approximately $900 million in assets, primarily in COMP tokens with some stablecoin diversification. The treasury is one of the more conservatively managed in DeFi — Compound governance has generally been resistant to aggressive treasury deployment, preferring to maintain reserves for protocol security and measured grant spending.

The Swiss connection for Compound comes primarily through the protocol’s adoption by Swiss-based DeFi platforms and foundations. Compound protocol markets are integrated into multiple Swiss-accessible DeFi interfaces. Swiss-based protocol foundations hold COMP tokens as part of their treasury positions. And the OpenZeppelin governance standards developed from Compound’s architecture have Swiss origins.

Compound DAO has not established a Swiss foundation. Like many US-founded DeFi protocols, Compound’s governance operates through a Cayman Islands foundation (the Compound Grants Programme and related functions) rather than a Swiss Stiftung.


Outlook

Compound’s governance legacy is already established: it created the technical infrastructure for on-chain DAO governance that the industry runs on. Governor Bravo, the delegation model, the automatic on-chain execution — these are durable contributions regardless of Compound’s competitive position in the lending market.

The 2024 governance attack and Security Council response may prove equally important. Compound was the first major DeFi protocol to be successfully exploited through pure token voting governance (the attack passed before detection), and its rapid Security Council adoption in response has provided a blueprint for governance security that other protocols are following.

For protocol governance researchers, Compound is the essential case study: the governance model that worked brilliantly until scale exposed its structural vulnerability, and the institutional response that may define the next generation of governance architecture.


This profile is informational only and does not constitute investment or financial advice.

Published by The Vanderbilt Portfolio AG, Zurich, Switzerland. Author: Donovan Vanderbilt.


Frequently Asked Questions

What is Governor Bravo and why is it important?

Governor Bravo is the smart contract governance system developed by Compound that enables binding on-chain governance through token voting. It is important because it became the de facto standard for DeFi protocol governance: dozens of major protocols, including Uniswap, Aave, and Gitcoin, use Governor Bravo-compatible contracts (including OpenZeppelin’s Governor implementation) for their governance. Governor Bravo’s key innovation is automatic on-chain execution of passed proposals — governance decisions execute without human intermediation.

What happened in the Compound governance attack of 2024?

In mid-2024, a group of delegates known as the “Golden Boys” accumulated sufficient COMP voting power to pass a governance proposal containing hidden treasury transfer actions worth approximately $24 million in COMP. The proposal passed quorum and entered the timelock queue. During the timelock window, a community member identified the malicious actions and a rapid community mobilisation assembled sufficient opposition to cancel the queued proposal before execution. Compound subsequently adopted a Security Council — an elected multi-sig body with veto authority during the timelock window — to defend against similar attacks.

How does Compound v3 (Comet) differ from the original protocol?

Compound v3 (Comet) uses isolated markets — each deployment has a single borrowable asset (USDC, ETH) with multiple collateral types — rather than the original pooled model where all assets shared risk. This isolation improves risk management and reduces contagion between markets, but increases governance complexity since each market deployment requires its own parameter governance.

About the Author
Donovan Vanderbilt
Founder of The Vanderbilt Portfolio AG, Zurich. Institutional analyst covering decentralised autonomous organisations, on-chain governance architectures, treasury management, and the evolution of token-based collective decision-making.