The governance of the DAT organization

When investors buy token,(1-I)ETH will transfer to organization,how should this part of the funds be managed?Should it be decided by the internal decision of the organization, or by all investors voting together, or by some kind of algorithm?
I think investors should have the right to governance.The process of governance is similar to moloch。The investor voted to decide whether the proposal for the use of funds was passed, and the number of tokens was the weight of the ticket.But here is a question, how to avoid the 51% attack?CO is not a 100% buyback reserve mechanism, and investors can’t avoid 51% of attacks by ragequit and withdrawing funds.
Maybe we should add a role of verifier,verifier can veto the proposal passed by the vote。The founder can act as a verifier or select several investors as verifiers through a random algorithm.
Any opinion will be very grateful.

Hello, I’m interested in CO precisely because zero governance power is embedded into it, so it enables the funding of bossless structures (holacracy, teal, sociocracy, open collectives, etc.) So from my perspective this is a feature.
My understanding is that there is 100% buyback reserve, the money transferred to the organizations is not returning.