Vote Sniping

The defining feature of vote sniping is the timing of the attack. The sniper monitors a governance proposal and withholds their voting power until the final moments before the voting period closes. This prevents the opposing side from mounting a counter-vote, as there is insufficient time to react. The strategy exploits the irreversibility and finality of on-chain transactions once a block is confirmed.

Snipers are typically motivated by direct financial gain, not ideological alignment with a proposal. Common profit mechanisms include:

• Arbitrage: Voting to pass a proposal that will temporarily move an asset's price, allowing the sniper to profit from pre-positioned trades.
• Token Value Extraction: Voting for proposals that directly allocate treasury funds or provide special benefits to large token holders.
• Governance Token Accumulation: In systems where voting earns rewards, sniping can be used to maximize reward yield with minimal token lock-up time.

This attack is only feasible in fully on-chain governance models where votes are immutable transactions. The sniper depends on the fact that once their vote transaction is included in a block, it cannot be reversed or contested within the protocol's rules. This contrasts with off-chain signaling (like Snapshot), where a "vote" is just a signed message and can be changed until the snapshot is taken.

Protocols implement various defenses to reduce the risk and impact of vote sniping:

• Vote Delay / Timelock: A delay between a vote's conclusion and its execution, allowing time to detect and potentially respond to malicious outcomes.
• Quorum Requirements: Setting a high minimum participation threshold makes it harder for a last-minute vote to be decisive.
• Commit-Reveal Schemes: Voters submit a hashed vote first and reveal it later, obscuring the voting landscape until the reveal phase.
• Bonded Voting: Requiring voters to lock (bond) tokens for a period after voting, increasing the cost and risk for snipers.

It's important to differentiate vote sniping from related governance attacks:

• Vote Buying: Openly purchasing votes before or during the voting period. Sniping is about timing, not necessarily explicit payment.
• 51% Attack: A majority takeover of a blockchain's consensus mechanism. Vote sniping occurs within the governance layer, often with far less than 51% of tokens.
• Proposal Spam: Flooding the governance system with proposals to cause fatigue. Sniping targets specific, individual proposals.

The primary motivation is to capture Maximal Extractable Value (MEV). A sniper identifies a proposal that will pass and significantly move the market price of a governance token. By voting with the winning side at the last moment, they can:

• Front-run the market reaction by buying tokens before the vote concludes.
• Profit from the anticipated price increase without contributing to the governance process's legitimacy.

Sniping undermines the skin-in-the-game principle of governance. Traditional voters must lock capital (e.g., via staking) for the proposal's duration, bearing opportunity cost and price risk. Snipers avoid this by:

• Using flash loans to borrow voting power instantly.
• Only committing capital for the final block, eliminating risk and distorting the economic alignment of voters.

This is an attack vector against specific governance mechanisms. It is most effective against:

• Continuous approval voting: Where a 'yes' vote at any time counts.
• Snapshot voting with execution delays: Where a vote result is known before on-chain execution.
• Systems without vote concealment (e.g., commit-reveal schemes) or robust anti-collusion measures.

The impact degrades the perceived fairness and security of decentralized governance. Consequences include:

• Reduced participation: Honest voters may disengage if outcomes are predictable and exploitable.
• Centralization pressure: Communities may adopt more centralized 'guardian' multisigs to prevent sniping, counter to decentralization goals.
• Protocol risk: Critical upgrades could be influenced by actors with no long-term stake in the protocol's health.

Snipers are free-riders on the governance work of others. They:

• Do not perform due diligence on proposals.
• Do not engage in forum discussions or signaling.
• Rely entirely on the research and consensus-building of the legitimate community, then parasitically capture value from the resulting decision.

Protocols implement mechanisms to mitigate sniping. Key defenses include:

• Bonded Voting: Requiring voters to post a bond that is slashed for malicious behavior.
• Commit-Reveal Schemes: Hiding vote direction until after the voting period ends.
• Time-weighted Voting: Valuing votes based on how long tokens are locked (e.g., veToken models).
• Proposal Execution Delay: Adding a timelock between vote conclusion and execution.

In early Uniswap governance, actors would monitor the temperature check and consensus check phases. By waiting until the final moments of a snapshot vote, they could deploy large amounts of delegated UNI tokens to:

• Tip a narrowly failing proposal over the required quorum.
• Defeat a proposal that threatened their interests.
• This led to the implementation of a vote delay to reduce last-minute surprises.

Flash loans supercharge vote sniping by providing instant, uncollateralized capital. An attacker can:

• Borrow a massive amount of a governance token (e.g., AAVE, MKR) just before a vote ends.
• Use the borrowed voting power to swing the proposal.
• Repay the loan in the same transaction, only paying a small fee. This makes sniping attacks capital-efficient and difficult to predict.

Protocols implement specific mechanisms to deter sniping:

• Vote Escrow (ve-tokens): Models like Curve's veCRV require locking tokens for long periods to gain voting power, making last-minute acquisition costly.
• Voting Delay: A mandatory waiting period (e.g., 2 days on Compound) between proposing and voting, allowing community review.
• Quorum Thresholds: Setting a high minimum participation level makes it harder for a single sniper to meet it alone.

Snapshot (off-chain signaling) is highly susceptible to sniping as votes are free and can be changed until the last second. On-chain execution (e.g., Compound, MakerDAO) adds a cost barrier but is vulnerable to flash loan attacks. The key difference is the binding nature of the vote; sniping a Snapshot poll may influence sentiment, while sniping an on-chain vote directly alters protocol state.

Some protocols grant administrators a proposal cancellation power as a nuclear option against malicious or sniped proposals. For example, a timelock controller or governance guardian can cancel a proposal that passed due to clear vote sniping before it executes. This is a centralized safety mechanism that conflicts with pure decentralized governance ideals.

A defensive mechanism where a proposal's creator or a privileged actor (e.g., a multisig) can cancel a live proposal. This is sometimes used as a countermeasure against a detected vote-sniping attack to prevent a malicious outcome.

• Use Case: If a malicious actor is poised to snipe a proposal in its final hours, cancellation halts the attack, though it also nullifies legitimate debate.
• Governance Overhead: Highlights the trade-off between security and decentralization, as it often requires centralized intervention.

A system where token holders delegate their voting power to a representative or delegate. This aggregates voting power but can centralize influence and create single points of failure for sniping attacks.

• Sniping Vector: A large delegate's voting decision, if revealed late, can be a prime target for counter-sniping or manipulation.
• Mitigation: Some protocols use blind voting or commit-reveal schemes during the delegation process to obscure final voting intent until a deadline.

A minimum threshold of total voting power that must participate for a proposal to be valid. Low quorums are particularly vulnerable to vote sniping, as a small amount of last-minute power can easily swing the result.

• Attack Surface: A proposal passing with a 51%/49% split and a 10% quorum can be reversed by a sniper controlling just over 1% of the total supply.
• Defense: Higher quorums force attackers to amass more capital to snipe, increasing cost and risk.

The ultimate governance mechanism where a dissenting community executes a protocol fork, creating a new chain with a different rule set. This is a nuclear option in response to governance attacks, including successful vote sniping that leads to a harmful outcome.

• Historical Example: The Uniswap community's control over the protocol treasury makes a fork a credible threat against malicious governance takeovers.
• Relationship to Sniping: The possibility of a fork acts as a deterrent, as a sniper's gains on one chain may be worthless if the valuable community and liquidity migrate.