defirisk.co
rubric v1.7.0

Beanstalk: Flash Loan + Governance Exploit

Occurred: 2022-04-17 | Loss: $181M | Status: closed

Summary

Beanstalk, a stablecoin / algorithmic stable protocol, suffered a flash loan + governance exploit on 2022-04-17, resulting in a loss of approximately $181M.

What happened

An attacker borrowed $1B in a flash loan to temporarily gain a majority vote in Beanstalk's governance, passed a proposal to steal all protocol funds, and walked away with $76M — all in one transaction.

Linked factors

  • RD-F-007 — related : Bug bounty absent — baseline integrity gap [via dashboard_risk_factors/Bug bounty existed (Y/N): Unknown — not mentioned in source] || Bug bounty absent — alternate field name [via dashboard_risk_factors/Bug bounty existed (Y/N): Unknown — not mentioned in source]
  • RD-F-101 — illustrative : Large governance proposal queued — RT signal would have fired [via realtime_signals/Governance/admin action (Y/N + detail): YES — Malicious governance proposals submitted 24h prior. An on-chain governance monitor watching for unusual proposal initiators or large...]
  • RD-F-111 — causal : Team doxx status — pseudonymous-no-track-record class [via dashboard_risk_factors/Team anonymity: Anonymous — Publius (protocol founder) doxed themselves post-hack as a group of three]