DeFi governance under pressure

Research shows governance attacks are an active threat—actors can accumulate tokens and push malicious proposals, forcing protocols to harden voting and timelocks. MarketDAO just completed Hashlock governance audits as a security milestone, and community voices like @Kyrion_official praise proactive security design over reactive patches.

Hashlock’s Final Report v3 dated January 2026 documents the MarketDAO code review, marks all flagged issues as remediated and shows a “Secure” verification for both the January audit and the February follow‑up. (Source: hashlock.com)

MarketDAO’s technical reference reveals governance-specific controls not in most DAOs: tradable election tokens implemented as ERC‑1155, configurable vesting windows on purchased voting tokens, and token‑locking while a vote is cast to prevent double‑counting. (Source: marketdao.dev)

Industry monitoring firms report a sharp spike in governance exploits this year—an analysis flagged a 340% increase in governance attacks in early 2026 and attributed over $180M redirected via malicious proposals. (Source: blocklr.com)

Academic and conference research is shifting toward real‑time anomaly detection for governance activity, with the HOUSTON system proposing explainable, transaction‑level models to flag suspicious proposal‑level behavior before execution. (Source: ndss-symposium.org)

The security market is scaling: Halborn closed a $90M funding round to expand advisory and pen‑testing services and Forta reported screening hundreds of millions of transactions in 2025 as on‑chain monitoring demand rose. (Source: finance.yahoo.com)

Event‑study literature shows first‑time audits by reputable firms correlate with measurable TVL and token‑value uplifts, while breach announcements produce statistically significant negative abnormal returns in short windows. (Source: sciencedirect.com)

Historical precedent remains instructive: the Beanstalk flash‑loan governance exploit in April 2022 drained roughly $181–$182M after a governance proposal was pushed through without sufficient execution delay. (Source: coindesk.com)

On‑chain signals to watch for this episode are explicit in MarketDAO’s docs—proposal timelocks, vesting durations, and active voting participation metrics—while the Hashlock audit page publishes verification updates and remediation proofs. (Source: marketdao.dev)
