Crypto University logoCrypto University
NewsDictionaryGuidesCoursesReviewsToolsDeals
Log In
Log InRegister

Browse

  • News
  • Dictionary
  • Guides
  • Courses
  • Reviews
  • Tools
  • Deals

Explore More

  • Blog
  • Signals
  • About Us
  • Community
  • Affiliates
  • FAQs

Crypto University

Definitions, guides, reviews, and tools designed for decisions you can defend.

Library

NewsDictionaryGuidesReviews

Network

Our StoryAffiliate ProgramPartner DealsCrypto ToolsGet in Touch

Legal & Connect

PrivacyTerms of Use

Join the Community

Educational content only. Not investment, tax, or legal advice. Verify details with primary sources before making decisions. © 2026 Crypto University.

  • Dictionary
  • Guides
  • Courses
  • Reviews
  • Deals

Go Back to Crypto University Blogs

No Adverts are available

How BonkDAO Lost $20M Without A Hack

Crypto University • 14 July 2026

blog
Guides
No Adverts are available

Key Takeaways

  1. No code was broken. An attacker spent roughly $4.4 million buying BONK on the open market, cleared BonkDAO’s 1 percent quorum threshold, voted alone to approve a proposal, and automatically moved about $20 million out of the treasury. Every transaction was valid. The contracts did exactly what they were written to do.

  2. The vulnerability was arithmetic, not engineering. When the cost of buying a temporary voting majority is lower than the value of the treasury it controls, the attack is profitable. BonkDAO’s turnout was 2.9 percent, so the majority was cheap.

  3. The defenses already exist and are well understood. Timelocks, multisig execution checks, participation floors, and lock-up based voting weight would each have raised the cost or created a window to intervene. BonkDAO had none of them in the path of this transaction.

What Happened

On July 6, 2026, BonkDAO, the on-chain governance body of the Solana memecoin BONK, confirmed that approximately $20 million worth of BONK tokens had been drained from its treasury through what it described as a malicious governance proposal.

There was no compromised private key, no phishing site, no reentrancy bug, no oracle manipulation, no bridge exploit. The attacker did not break into the system. The attacker bought a majority of a vote that almost nobody attended, and then voted to hand themselves the treasury.

This is called a governance attack, and it is one of the few categories of crypto loss where the security question is not “was the code audited” but “who is allowed to decide, and how cheaply can that permission be purchased.” The mechanism is not exotic, and the conditions that enabled it are common.

Quick Facts

Item

Detail

Target

BonkDAO, governance body of the BONK memecoin on Solana

Date of execution

July 6, 2026

Reported loss

Approximately $20 million in BONK (around 4.4 trillion tokens)

Attacker’s reported cost

Approximately $4.4 million in BONK purchases

Governance platform

Realms, built on Solana’s SPL Governance program

Proposal

BIP #76, titled “Sowellian BonkDAO”

Voter turnout

7 wallets, against a membership reported at more than 18,000 (about 2.9 percent)

Code exploited

None

Loss figures are estimates reported by BonkDAO and blockchain analytics firms. Token values fluctuate, so dollar amounts vary between reports.

Background: How BonkDAO Voting Worked

BONK launched in December 2022 and became one of Solana’s best known memecoins, in part because roughly half the supply was distributed through an airdrop. BonkDAO is the community body that governs the project’s treasury, and it ran on Realms, a governance front end built on Solana’s SPL Governance program. The model is standard across the industry:

  • Token holders deposit BONK into the DAO to receive voting power proportional to their holdings. This is called token-weighted voting: one token, one vote.

  • Any holder with enough tokens can submit a proposal.

  • A proposal can carry executable instructions, meaning it is not just an opinion poll. It can contain an on-chain instruction such as “transfer X tokens from the treasury to wallet Y.”

  • If the proposal passes, that instruction executes automatically on-chain.

Two parameters matter for this story. Quorum is the minimum voting weight required for a proposal to count. BonkDAO’s quorum was set at yes votes equal to 1 percent of BONK’s total supply. An execution delay, or timelock, is a mandatory waiting period between a vote passing and the instruction running. Realms allows DAOs to configure one. BonkDAO’s configuration did not include one.

That combination is the whole story.

The Timeline

Date (2026)

Event

June 30

An anonymous wallet submits BIP #76, “Sowellian BonkDAO.” It reads like a turnaround pitch, promising to install a new council, rebuild the project, monetize holdings, and stop the bleeding. It notes that yes voters would be eligible to receive tokens. Beneath the prose sits the only instruction that mattered: transfer roughly 4.43 trillion BONK to the proposer’s wallet.

July 4 to 5

A separate wallet spends approximately $4.4 million buying BONK on Bybit and Binance, acquiring just over 1 percent of supply. This is exactly the quorum threshold. Lookonchain also reported borrowing through DeFi lending platforms.

July 6

The vote closes. Seven wallets participate. The proposal clears quorum by a hair: 882.38 billion BONK in favor against an 879.95 billion threshold. Attacker-linked wallets accounted for roughly 99.9 percent of votes cast.

July 6

Execution is automatic. Around $20 million in BONK leaves the treasury to an attacker-controlled address, which Solscan showed had been funded through a Bybit account.

July 6, roughly one hour later

The attacker begins selling the BONK it bought to vote, offloading around $5.3 million worth. The tokens were a tool, not an investment.

July 6, later that day

Per Chainalysis, roughly $188,000 moves to an exchange, while about $19 million moves into a multisig wallet. PeckShield separately flagged roughly $148,000 of stolen BONK reaching OKX.

July 6 to 7

BonkDAO confirms the attack, says it has identified the exchange wallets used to buy tokens ahead of the vote, and begins coordinating with exchanges, bridges, the Solana Foundation, and law enforcement. Upbit and Kraken pause BONK deposits and withdrawals. BONK falls roughly 8 to 10 percent on the day.

Two details deserve a second look.

The promised voter reward never arrived. The proposal dangled BONK rewards for yes voters. The tokens were not distributed. They were moved to a second address hours later.

The attacker used a multisig to protect the proceeds. That is the same category of control BonkDAO did not have on its own treasury.

The Teaching Core: Why No Code Broke

This is the part most readers skim past, and it is the whole lesson.

A conventional exploit takes a system that has rules and finds a state the rules did not anticipate. A governance attack takes a system that has rules and follows them exactly.

Walk back through it:

  • Buying BONK on an exchange is a legal purchase.

  • Depositing tokens into a DAO to receive voting power is the intended use of the governance contract.

  • Submitting a proposal is a permissioned action, and the attacker met the permission threshold.

  • Voting your full stake in favor of your own proposal is not prohibited by the contract.

  • Executing an approved proposal is what the SPL Governance program is built to do.

At no point did the software behave incorrectly. There is no patch for this, because there is no bug. The BONK token contract was fine. The Realms and SPL Governance programs were fine. Auditors reviewing the code would have found nothing, because the vulnerability was never in the code. It was in the parameters, and parameters are a design choice, not an engineering defect.

This is why security researchers describe governance risk as a problem of mechanism design. The question a DAO must answer is not “is our code correct” but a colder one:

Is our treasury worth more than the cost of buying a majority of our vote?

For BonkDAO, the answer was yes by roughly five times. Approximately $4.4 million bought control of approximately $20 million. Once that inequality holds, an attack is not a possibility. It is an incentive.

The Cost of Votes Calculation

Variable

BonkDAO

Effect on attacker

Treasury value

Approximately $20 million

The prize

Quorum requirement

1 percent of supply

The price tag

Voter turnout

2.9 percent

Nobody to outvote

Execution delay

None

No window to intervene

Multisig on treasury outflows

None

No human checkpoint

Resale value of voting tokens

High, BONK is liquid

Recovers part of the cost

The last row is easy to miss. The attacker did not need to write off the $4.4 million spent on tokens, because those tokens could be sold immediately afterward. The real cost of the attack was not the purchase price. It was the price impact of buying and then selling into a market, which is far smaller.

The Defenses, Explained One by One

None of the following are new ideas. Security researchers have recommended them since at least 2022. They are absent from many DAOs because each one costs something a community values, usually speed or decentralization.

1. Timelocks

A timelock is a mandatory delay between a proposal passing and its instruction executing, commonly 24 to 48 hours, often longer for treasury actions. Compound, Aave, and Uniswap have routed proposals through timelocks as standard practice for years.

A timelock does two things at once.

It creates a reaction window. A proposal submitted by an unknown wallet, approved by a single accumulator, with 97 percent of members absent, and instructing a full treasury transfer, is exactly the kind of anomaly a community or a monitoring service can catch. BonkDAO’s vote was live for six days and nobody moved, which is often used to argue a timelock would not have helped. It cuts the other way. A live voting period is not a reaction window, because during the voting period the outcome is still theoretical. Alarm bells ring when a malicious proposal passes, and at BonkDAO the moment it passed was the moment the money left.

It also breaks flash loan attacks entirely, for reasons covered below.

Trade-off: the DAO cannot respond instantly to emergencies. Every legitimate proposal is slowed down.

2. Multisig Execution Override

A multisig requires several named keyholders to co-sign a transaction. Applied to governance, it means a passed proposal above a certain value cannot execute until human signers approve it, or it means a security council can veto or pause an execution during the timelock window.

This inserts an accountable human checkpoint between “the vote passed” and “the money moved.”

Trade-off: this is the uncomfortable one. It reintroduces a trusted group into a system whose selling point is that no trusted group is required. Critics reasonably ask what the DAO is for if five people can override its vote. Supporters answer that a veto that can only block transfers, never initiate them, is a much narrower power than it appears.

3. Quorum Design Versus Participation Floors

Here is the trap in BonkDAO’s design. Quorum was defined purely as voting weight, set at 1 percent of supply. A single wallet holding 1 percent satisfies it perfectly. Quorum was supposed to represent community consensus, and instead it functioned as a price list.

Better designs measure participation, not just weight:

  • Wallet-diversity quorum: require a minimum number of unique voting addresses, not only a total weight. A single accumulator cannot satisfy this without recruiting real participants. Note that this must be paired with defenses against sybil attacks, where one entity splits holdings across many wallets to look like a crowd.

  • Turnout floors: require a minimum percentage of circulating voting power to actually vote before any result counts.

  • Scaled thresholds: the larger the treasury outflow requested, the higher the quorum and approval threshold required. Moving $500 is not the same governance decision as moving $20 million, and it should not face the same bar.

Trade-off: high thresholds mean legitimate proposals fail through apathy, which frustrates communities and can freeze a DAO entirely.

4. Vote-Escrow and Lock-Up Weighting

Vote-escrow, often written as veTokens, makes voting power a function of both how many tokens you hold and how long you have locked them up. A holder who locks tokens for four years gets meaningfully more voting weight than a wallet that bought yesterday.

This directly targets the BonkDAO pattern. An attacker who must lock tokens for months or years to obtain useful voting weight can no longer buy power on Friday, vote on Monday, and sell on Tuesday. The exit is closed, and the attacker becomes exposed to the consequences of their own vote, which is the alignment the original token-weighted model only assumed.

A related and simpler measure is a voting power activation delay, meaning newly deposited tokens cannot vote for a set period.

Trade-off: long lock-ups deter genuine participants too, and concentrate power among early holders who locked at low prices.

5. The Flash Loan Variant

BonkDAO’s attacker spent real money and held real tokens across several days. A more aggressive variant needs no capital at all.

In a flash loan governance attack, the attacker borrows a very large sum with no collateral, on the condition that the loan is repaid within the same transaction. Inside that single atomic transaction they:

  1. Borrow.

  2. Buy or acquire a controlling block of governance tokens.

  3. Pass a proposal.

  4. Execute it and drain the treasury.

  5. Repay the loan and keep the difference.

The entire operation can complete inside one block. Beanstalk Farms lost approximately $182 million this way in April 2022, and it remains the canonical example.

The defense is a timelock, and it is absolute. A flash loan must be repaid in the same transaction, so borrowed tokens cannot be held across an execution delay. Any mandatory delay between approval and execution, even a short one, makes the flash loan variant structurally impossible.

Defense Comparison

Defense

What it stops

What it costs

Timelock (24 to 48 hours or more)

Flash loan attacks entirely. Buys a reaction window for bought-vote attacks.

Slower governance, no instant emergency response

Multisig or security council veto

Anomalous execution, including this exact case

Reintroduces trusted humans into a trustless system

Wallet-diversity quorum

Single accumulator clearing quorum alone

Sybil risk, harder to pass legitimate proposals

Scaled quorum by transfer size

Large treasury drains specifically

Complexity, potential deadlock on big decisions

Vote-escrow or lock-up weighting

Buy, vote, dump strategies

Deters casual participants, favors early holders

Proposal monitoring and alerts

Nothing on its own

Only becomes prevention when paired with a timelock

That last row is the honest one. Monitoring tells you the house is on fire. A timelock is what gives you time to leave.

This Has Happened Before

Incident

Date

Reported loss

Method

Build Finance DAO

Feb 2022

Around $500,000

Attacker accumulated tokens, passed proposals granting minting rights

Beanstalk Farms

Apr 2022

Around $182 million

Flash loan bought a voting supermajority inside one transaction

Tornado Cash

May 2023

Governance takeover

A proposal with a hidden self-destruct function granted the attacker roughly 1.2 million votes

Compound (Proposal 289)

Jul 2024

499,000 COMP, around $24 million

A whale-led bloc accumulated tokens and passed a treasury allocation over delegate objections, narrowly, over a weekend

BonkDAO (BIP #76)

Jul 2026

Around $20 million

Bought just over quorum on the open market, voted alone

The pattern repeats with small variations. The method of acquiring votes changes. The underlying arithmetic does not.

Two contextual figures are worth noting, both widely reported rather than independently verified. Realms is reported to host more than 800 DAOs collectively managing over $1.5 billion in treasuries. Research cited by risk firm Gauntlet has found that a majority of major DeFi protocols see voter participation below 10 percent. If both are approximately right, BonkDAO was not an outlier. It was simply the one that got priced.

The Honest Debate: Theft, or the Rules as Written?

This is where the crypto industry has never reached consensus, and this article will not pretend to settle it.

The case that this is theft. Intent is unambiguous. The proposal was written to deceive, dangling rewards for yes voters that were never paid. The buying was timed and structured to avoid attention. The proceeds were laundered through a second address within hours. In every other area of law and commerce, using a legitimate mechanism with fraudulent intent to take assets that are not yours is theft, and the mechanism being on-chain does not create an exception. BonkDAO, Chainalysis, and the analytics firms treat it as an attack. Law enforcement has been notified.

The case that this is rules-as-written. A DAO is a machine that converts votes into actions. BonkDAO published its rules, set its own quorum, chose not to configure a timelock, and invited anyone in the world to buy its token and vote. Somebody did exactly that, in public, on-chain, over six days, with nothing hidden. Calling it theft afterward, this argument goes, amounts to saying that the vote is binding only when the community likes the outcome, which is a claim that dissolves the entire premise of on-chain governance. If the code is law, then law was followed.

Both positions are held by serious people, and the tension between them is not academic. It determines whether recovery is even coherent as a goal, and it is why governance attacks are so hard to reverse: there is no exploit transaction to roll back, only a decision the DAO made.

What is not in dispute is the mechanism, and the mechanism is the lesson. A treasury that any temporary majority can move is only as secure as the cost of buying that majority.

What Is Still Unknown

Responsible reporting requires flagging what has not been established as of July 13, 2026:

  • The identity of the attacker.

  • Whether any funds will be recovered. Roughly $19 million reportedly sits in a multisig and has not moved.

  • The final governance reforms BonkDAO will adopt, though timelocks, higher quorums, multisig treasury controls, and veto windows are all reported to be under discussion.

  • Precise loss figures, which vary between reports because BONK’s price moved during the event.

The 12-Question DAO Governance Security Checklist

Before you hold, buy, or vote with any governance token, work through these. If you cannot answer them from public documentation in under thirty minutes, that is itself an answer.

#

Question

1

What is the total value of the treasury this token can move?

2

What does it cost, at current prices, to buy the quorum threshold?

3

Is answer 2 smaller than answer 1?

4

Is there an execution timelock between a proposal passing and running? How long?

5

Can any group pause or veto an execution during that window, and who are they?

6

Is quorum measured only in token weight, or also in unique participating wallets?

7

Does the quorum or approval threshold scale with the size of the requested transfer?

8

Can newly acquired tokens vote immediately, or is there an activation delay or lock-up requirement?

9

What was voter turnout on the last five proposals?

10

Who holds the largest voting positions, and how concentrated are they?

11

Are proposals with executable instructions reviewed by anyone before the vote opens?

12

How would you personally find out that a malicious proposal had passed, and how fast?

FAQ

Was BonkDAO hacked? 

Not in the technical sense. No smart contract was exploited and no private key was compromised. The attacker used BonkDAO’s governance system exactly as it was designed, after buying enough voting power to control the outcome. Whether that constitutes a hack is a definitional argument, which is precisely why the case is instructive.

What is a governance attack? 

A governance attack is the acquisition of enough voting power in a DAO to pass a proposal the wider community would never approve, typically one that transfers the treasury to the attacker. It exploits the rules of voting rather than flaws in code.

Why did only seven wallets vote? 

Low turnout is the norm rather than the exception in DAO governance. Research cited across the industry suggests most major protocols see participation below 10 percent. BonkDAO’s turnout of about 2.9 percent, reported against more than 18,000 members, made a bought majority cheap.

Would a timelock really have saved BonkDAO? 

It would have created a window, not a guarantee. A delay only helps if somebody is watching and somebody has the power to act, which is why timelocks are normally paired with monitoring and an emergency multisig. What a timelock does guarantee is that flash loan governance attacks become impossible.

Can the money be recovered? 

It is uncertain. Recovery in governance attacks is unusually difficult because the transfer was executed by the DAO’s own legitimate process, so there is nothing to roll back. Recovery therefore depends on exchanges, bridges, and law enforcement, not on a contract fix. As of mid-July 2026, roughly $19 million reportedly remained in an attacker-controlled multisig.

Does this mean all DAOs are unsafe? 

No. It means token-weighted voting with a low quorum, low turnout, no timelock, and no multisig on treasury outflows is unsafe, and that combination is common. DAOs that have configured execution delays, participation floors, and treasury controls face a materially higher attack cost.

Is BONK’s token contract affected? 

No. The BONK token contract and Solana’s SPL Governance program functioned as designed. No user wallets were reported drained. The loss was confined to the DAO treasury.

Disclaimer: This content is for educational and informational purposes only and is not financial advice. Nothing here is a recommendation to buy or sell any asset or use any platform. Do your own research and manage your risk.

MetaMask Agent Wallet: A Complete Beginner's Guide

What Is a Liquidity Pool? How AMMs Replace Order Books

How Ethereum Gas Fees Work and How to Minimize Them

Is Your Crypto Exchange Still Legal in Europe? Here's the Complete List of Licensed Platforms Before the July 2026 Deadline

No Adverts are available

Share Posts

Copy Link

cryptouniversity.networkblog/how-bo...

No Adverts are availableNo Adverts are availableNo Adverts are available
How to Verify a Stablecoin's Reserves Yourself (Before the Rules Change)
Crypto University•13 July 2026

How to Verify a Stablecoin's Reserves Yourself (Before the Rules Change)

Learn how to check a stablecoins reserves, redemption terms, issuer licence and freeze powers using public documents, before the GENIUS Act rules land.

Crypto News
MiCA Explained: What the End of the EU Crypto Transition Period Means
Crypto University•10 July 2026

MiCA Explained: What the End of the EU Crypto Transition Period Means

The EU MiCA transition period ended on July 1, 2026, leaving 244 licensed crypto firms. Learn what MiCA is, who qualified, and what changes for users.

Crypto News
Crypto Scams in 2026: How to Spot AI-Powered Threats Like Deepfakes, Pig Butchering, and Recovery Scams
Crypto University•13 July 2026

Crypto Scams in 2026: How to Spot AI-Powered Threats Like Deepfakes, Pig Butchering, and Recovery Scams

Learn how AI is powering more sophisticated crypto scams in 2026, including deepfakes, pig butchering, impersonation, and recovery schemes. Discover practical red flags, on-chain indicators, checklists, and protection steps for beginners.

Guides