defirisk.co
rubric v1.7.0

Flash-loanable voting weight

Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap's assessment for RD-F-036 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Governance uses Snapshot off-chain voting with snapshot-block checkpoints. Sushi docs explicitly state: 'you cannot simply buy $SUSHI tokens to vote on an already ongoing vote.' Voting power (SUSHIPOWAH) derived from xSUSHI and SUSHI-ETH LP positions at the snapshot block. Flash-loan borrowing for same-block governance manipulation is structurally blocked. No on-chain governor with live-balance vulnerability exists.

Sources #

  • Docs
    Sushi Governance Docsdocs.sushi.com/dao/governance — 'you must have SUSHIPOWAH from any or all of the three above options when the vote starts. This means that you cannot simply buy $SUSHI tokens to vote on an already ongoing vote'retrieved 2026-05-17
  • URL
    How to Vote on Snapshot — Sushi FAQsushi.com/faq — voting on Snapshot requires holding SUSHIPOWAH at snapshot blockretrieved 2026-05-17

Methodology #

Determine whether governance voting power is a function of current token balance of a transferable token with no lock or checkpoint, making it flash-loan susceptible.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sushi factor RD-F-036 score green collected_at 2026-05-16 19:50:37