defirisk.co
rubric v1.7.0

Governance token concentration (Gini)

A governance & admin factor in the v1.7.0 rubric. Measured per protocol on a s cadence.

Methodology: how we score

**What this measures** This factor computes the Gini coefficient of governance token holdings across the top-N holders — producing a concentration measure between 0 (perfectly equal distribution) and 1 (fully concentrated in one address). The assessment reads on-chain token holder distributions for the governance token and applies the Gini formula, displayed alongside the protocol's current quorum threshold to provide context on whether a small number of whales can unilaterally control governance outcomes.

**Why it matters** Highly concentrated governance token distributions are a prerequisite for governance attacks by large holders without requiring flash loans. When the top five holders collectively control more than 50% of the voting supply, any two or three of them can pass a proposal unilaterally. This factor surfaces the structural power distribution within a protocol's governance, which is orthogonal to the attack surface factors (RD-F-036, RD-F-037) but relevant for assessing governance capture risk from large holders. It is a display field rather than a critical factor — concentration alone is not sufficient for a D or F grade — but it informs the holistic governance picture.

**Green / Yellow / Red** Green is assigned when the Gini coefficient of voting token distribution is below 0.6 and no single address controls more than 20% of voting supply. Yellow covers Gini 0.6–0.8 or single-address control of 20–40%. Red is assigned when a single address or a clearly coordinated group controls more than 40% of voting supply, enabling unilateral governance outcomes.

**Common gray cases** This factor is grayed when the governance token is vote-locked (non-transferable), where the standard holder scan does not accurately represent voting power, or when governance is off-chain and token distribution is not directly linked to proposal authority.

**Notable historical examples** No cross-linked hack incidents are currently in the database for this factor.

Measurement: what to look for

Compute the Gini coefficient of governance token holdings across the top-1000 holder addresses.

Data & output

**Data source** Etherscan token holders API + on-chain `Transfer` event history via subgraph (The Graph governance subgraph or protocol-specific)

**Output format** Green / Yellow / Red

**Evidence artifact** Holder distribution snapshot JSON + Gini coefficient + top-10 share % + block number

**Confidence signal** green = Gini <0.7 (reasonably distributed); yellow = 0.7–0.85; red = >0.85 or top-3 holders control >50%; gray = governance token not identified or no on-chain governance
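
The measurement above as an added example (not defirisk.co's own code): it computes the Gini coefficient over the top-1000 balances plus the largest-holder and top-10 shares of voting supply, then applies the thresholds from the "Green / Yellow / Red" paragraph. The snapshot field names and sample values are constructed, and treating a Gini above 0.8 as red is an assumption, since the page assigns no band to that case.

```python
TOP_N = 1000  # the page measures the top-1000 holder addresses

# Constructed sample snapshot; field names are assumptions, balances are raw token units.
SAMPLE = {
    "block_number": 0,  # placeholder
    "voting_supply": 100,
    "holders": {"0xholder01": 35, **{f"0xholder{i:02d}": 1 for i in range(2, 11)}},
}


def gini(balances):
    """Gini coefficient of the positive balances (integers, any magnitude)."""
    xs = sorted(b for b in balances if b > 0)
    n, total = len(xs), sum(xs)
    if n == 0:
        raise ValueError("no holder with a positive balance")
    # G = 2*sum(i*x_i) / (n*sum(x)) - (n+1)/n, x ascending, i starting at 1
    ranked = sum(i * x for i, x in enumerate(xs, start=1))
    return 2 * ranked / (n * total) - (n + 1) / n


def assess(snapshot):
    """Return the evidence record (Gini, shares, block, band) for a snapshot."""
    supply = snapshot["voting_supply"]
    top = sorted(snapshot["holders"].values(), reverse=True)[:TOP_N]
    g = gini(top)
    max_share = top[0] / supply
    top10_share = sum(top[:10]) / supply
    if max_share > 0.40:
        band = "red"  # one address above 40% of voting supply
    elif g > 0.8:
        band = "red"  # ASSUMPTION: the page assigns no band to Gini above 0.8
    elif g < 0.6 and max_share <= 0.20:
        band = "green"
    else:
        band = "yellow"  # Gini 0.6-0.8, or one address holding 20-40%
    return {
        "block_number": snapshot["block_number"],
        "holders_measured": len(top),
        "gini": round(g, 4),
        "max_share_pct": round(100 * max_share, 2),
        "top10_share_pct": round(100 * top10_share, 2),
        "band": band,
    }


if __name__ == "__main__":
    print(assess(SAMPLE))
```

Three equal holders at 30% each produce a Gini of 0 yet still band yellow, which is why the rubric pairs the coefficient with the single-address share.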

Scored protocols: 80 carry this factor

| Protocol | Chain | RD-F-047 |
| --- | --- | --- |
| Aave v3 | ethereum | yellow |
| Across Protocol | ethereum | gray |
| Aerodrome Finance | base | gray |
| Axelar Network | ethereum | gray |
| Babylon Protocol | bitcoin | red |
| Balancer (v2 + v3) | ethereum | red |
| Beefy Finance | ethereum | yellow |
| BENQI | avalanche | not_assessed |
| BlackRock USD Institutional Digital Liquidity Fund (BUIDL) | ethereum | not_applicable |
| Cap (cUSD / stcUSD) | ethereum | gray |
| Centrifuge | ethereum | gray |
| Chainlink CCIP | ethereum | yellow |
| Circle USYC | binance | not_applicable |
| Compound V3 (Comet) | ethereum | yellow |
| Concrete | ethereum | not_applicable |
| Convex Finance | ethereum | gray |
| crvUSD (Curve Stablecoin) | ethereum | yellow |
| Curve Finance | ethereum | red |
| deBridge | ethereum | yellow |
| Dolomite | ethereum | gray |
| dYdX v4 (dYdX Chain) | dydx | yellow |
| EigenLayer | ethereum | yellow |
| Ethena | ethereum | yellow |
| ether.fi | ethereum | yellow |
| Euler V2 | ethereum | yellow |
| Falcon Finance | ethereum | red |
| Fluid | ethereum | gray |
| Frax Finance | ethereum | yellow |
| GMX v2 (GMX Synthetics) | arbitrum | gray |
| Hyperlane | ethereum | gray |
| Hyperliquid | arbitrum | red |
| Jito | solana | yellow |
| Jupiter | solana | red |
| Jupiter Perpetual Exchange | solana | yellow |
| JustLend DAO | tron | gray |
| Kamino Lend | solana | gray |
| Kinetiq | hyperliquid | yellow |
| Lido | ethereum | yellow |
| Liquid Collective (LsETH) | ethereum | not_applicable |
| Liquity V1 + V2 (LUSD / BOLD) | ethereum | gray |
| Lista DAO | bsc | yellow |
| Lombard Finance | ethereum | yellow |
| M^0 | ethereum | yellow |
| Maple Finance | ethereum | gray |
| Marinade Finance | solana | yellow |
| Meteora | solana | gray |
| mETH Protocol | ethereum | gray |
| Midas | ethereum | not_applicable |
| Morpho V1 (Morpho Blue + MetaMorpho) | ethereum | red |
| Multipli | ethereum | not_applicable |
| Ondo Finance | ethereum | gray |
| OpenEden | ethereum | not_applicable |
| Orca | solana | gray |
| PancakeSwap | bsc | red |
| Pendle Finance | ethereum | gray |
| Polymarket | polygon | not_applicable |
| QuickSwap | polygon | yellow |
| Raydium | solana | not_applicable |
| Rocket Pool | ethereum | yellow |
| Sanctum | solana | yellow |
| Save (formerly Solend) | solana | red |
| Sky Lending (formerly MakerDAO) | ethereum | yellow |
| Spark Protocol | ethereum | red |
| Spiko | stellar | not_applicable |
| Stake DAO | ethereum | gray |
| StakeWise v3 | ethereum | gray |
| Stargate Finance | ethereum | gray |
| stHYPE (Valantis Labs) | hyperliquid | not_applicable |
| SUNSwap (sun.io) | tron | gray |
| Superstate | ethereum | not_applicable |
| Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap | ethereum | yellow |
| Symbiotic | ethereum | gray |
| Synapse Protocol | ethereum | yellow |
| Uniswap (v2 + v3) | ethereum | yellow |
| USDD (Decentralized USD) | tron | not_applicable |
| Usual (USD0 / bUSD0 / USUAL) | ethereum | gray |
| Veda (BoringVault) | ethereum | not_applicable |
| Venus Protocol | bsc | red |
| Wormhole | ethereum | gray |
| Yearn Finance | ethereum | gray |

Linked hacks: no historical incidents linked

No historical incidents are linked to this factor.
rubric_version: v1.7.0; factor: RD-F-047; category: 2; carried: 80; critical: no