mt logoMyToken
ETH Gas
简体中文

BonkDAO Governance Attack Drains $20 Million on Solana

solana main2

A single malicious governance proposal drained roughly $20 million from BonkDAO’s treasury on Tuesday, laying bare the thin security margins that protect token-weighted voting systems on Solana. Details from the original report show the attacker pushed a governance measure after quietly building a voting block with $4 million worth of BONK, enough to steer the outcome.

The treasury loss hits BonkDAO at an awkward time. BONK remains one of Solana’s largest memecoins by market cap, and its DAO controls a treasury designed to fund ecosystem grants, liquidity incentives, and marketing pushes. Losing $20 million in a single proposal undercuts the notion that large token holders reliably protect community treasuries.

How the Attack Unfolded

The attacker did not exploit smart contract code. The vector was far simpler: buy enough governance tokens to dominate a vote. After acquiring $4 million in BONK, the entity submitted a standard-looking treasury transfer proposal. When the vote closed, the treasury moved roughly $20 million in BONK to addresses the attacker controlled.

BonkDAO confirmed it has identified exchange accounts used to acquire the voting block before the proposal. It is now coordinating with exchanges, bridges, and the Solana Foundation to freeze or trace the funds. The speed of the response matters. Exchange compliance teams often have a narrow window to flag suspicious withdrawals before assets cascade through mixers or cross-chain routes.

The Weakness of Token-Weighted Governance

DAOs built on pure token-voting models have been taking fire for years, but the memecoin sector has been especially slow to adopt safeguards like time-locks, quorum thresholds tied to active participation, or multi-phase proposal reviews. Many meme coin DAOs optimize for speed and community engagement, not treasury security.

This incident fits a pattern that governance researchers have warned about repeatedly. A well-capitalized actor can purchase enough tokens to pass almost any proposal on chains where governance power is cheap and concentration is low. While BonkDAO’s treasury is substantial, its governance token liquidity did not make the $4 million buy particularly difficult to hide until the vote concluded.

Still, Solana’s broader DeFi and developer activity remain robust. As BlockchainReporter noted in its recent breakdown of top blockchains by developer activity , Solana continues to draw strong builder interest, a trend that exists apart from the speculative winds that drive memecoin treasuries.

Recovery Efforts and What Comes Next

The most pressing variable is whether any of the drained BONK can be recovered. Centralized exchanges that hold attacker-linked accounts may freeze remaining balances, but if the tokens have already moved off-platform or been sold, the chances drop sharply. The Solana Foundation’s involvement suggests some hope of freezing on-chain assets, though a truly determined adversary will have planned for that possibility.

What remains uncertain is how BonkDAO adjusts its governance parameters. The community will likely push for higher proposal thresholds and mandatory delay periods, but implementing changes requires another governance vote — the very process that was just compromised. A short-term solution could involve a multisig override controlled by a limited set of trusted contributors, a move that centralizes control but buys time while permanent fixes are debated.

For the wider Solana memecoin corridor, the attack serves as a reminder that treasury size is not a substitute for treasury security. Other DAOs sitting on eight-figure token reserves will now face pressure to explain why their own governance designs cannot be gamed with a fraction of their treasury value.

免责声明:本文版权归原作者所有,不代表MyToken(www.mytokencap.com)观点和立场;如有关于内容、版权等问题,请与我们联系。
更多精彩内容请查阅
X(https://x.com/MyTokencap)
或加入社区了解更多MyToken-官方华文电报群
https://t.me/mytoken_cn