Skip to main content
Sigvex

Governance Risk

Governance-token concentration analyzer with on-chain fetch, editable holder and signer tables, and JSON/CSV export.

What it is

A page that builds a governance concentration report from a token address. It has an Auto-fetch from chain section with multi-select candidates, editable Top Holders and Multisig signer tables, and export actions for JSON, CSV, and clipboard.

Why it exists

Concentrated voting power is a hidden risk in many DAO tokens. The page gathers holder and signer data (or accepts manual entries), classifies the concentration profile, and produces an exportable report that can be attached to audit findings.

Who uses it

  • Auditor — documents governance concentration as part of an engagement.
  • Researcher — compares concentration across protocols.

How to open it

  1. Sidebar → Simulation → Governance Risk.
  2. Direct URL — /governance-risk.

Using the page

  1. Auto-fetch from chain — pick a governance token contract, candidate holder wallets, and an optional governor contract from the workspace pickers.
    • 1. Find top holders — scans asset transfers and appends discovered holders to the candidate multi-select.
    • 2. Fetch on-chain balances — fills Total supply, the Top Holders table, and (if a compatible multisig governor is picked) the Multisig signer list from chain.
  2. Token + quorum — Total supply, Quorum threshold, Token price (USD), and Flash-loan pool depth (USD).
  3. Top holders — editable table; + Add holder appends a row.
  4. Multisig (optional) — Threshold plus signer rows with a deployer cluster checkbox; + Add signer appends a row.
  5. Concentration report — verdict badge plus KPIs for Top 5, Top 10, Gini, Holders to quorum, Flash-loan capture cost, and Multisig · deployer cluster, with auditor Notes below.
  6. Simulate compromise — Role name, Capability dropdown (withdraw, upgrade_to, transfer_ownership, mint, pause, destroy), Value at risk (USD), Run compromise simulation — runs a fork-runtime simulation and seals a capsule; a transcript link opens the result in Exploit Lab.
  7. Export JSON — downloads the full report.
  8. Export CSV — downloads holders as CSV.
  9. Copy — copies the JSON report to the clipboard.

Inputs and outputs

Input Source Required
Governance token Workspace contract picker yes
Candidate holder wallets Workspace account picker or discovery for on-chain fetch
Governor contract Workspace contract picker no
Top holders On-chain fetch or manual entry yes
Multisig signers Manual entry or governor fetch no
Output Format Destination
Concentration report JSON Browser download
Holders CSV Browser download
Report JSON Clipboard via Copy

Controls reference

  • 1. Find top holders — on-chain candidate discovery.
  • 2. Fetch on-chain balances — populates supply, holders, and (if a governor is set) signer rows.
  • + Add holder / + Add signer — append rows to the holder or signer table.
  • Run compromise simulation — seals an exploit capsule for the selected capability.
  • Export JSON / Export CSV / Copy — output actions.

Limits

  • Requires a signed-in account.
  • Auto-fetch depends on token support and RPC availability; when unavailable, the holder table must be filled manually.
  • The multisig section is optional and is only included in the report when rows are present.

Troubleshooting

Symptom or error Cause Action
Find top holders returns an empty candidate list Token not indexed or RPC unreachable Fill the Top Holders table manually.
Report shows a different signer count than expected Unchecked signer clusters are excluded Tick the clusters that should be included.