Too Long; Didn't Read
The only mechanism that can prevent a whale from influencing the outcome of voting decisions within permissionless DAOs without strong IDM (identity management) is veto-like powers attributed to a subset of the token holders. This is because in most of the current implementations these governance tokens are bought with money: FIAT or crypto, and the more money you have the more tokens you can buy! The D for decentralized in the DAO effectively becomes a C or an S for semidecentralised depending on the particular implementation in clear contradiction to the spirit of Web3.