He Spent $4.4 Million to Vote Himself $20 Million, and It Was Legal
No smart contract was hacked. No key was stolen. No website was spoofed. An attacker spent $4.4 million buying votes, submitted a proposal to send themselves the treasury, and won the election 99.9% to nothing. Seven wallets voted. This is what on-chain democracy looks like.

Most crypto thefts break something. A smart contract bug. A stolen private key. A spoofed website. BonkDAO lost $20 million and nothing broke. The system worked exactly as designed. That was the problem.
BONK is a Solana memecoin. BonkDAO is the decentralized organization that governs it, which means token holders vote on proposals and, if a vote passes, the code executes it automatically on-chain. Anyone holding enough tokens can propose a change. Anyone. That was not a loophole. That was the pitch. On-chain governance was sold a few years ago as the future of how communities run themselves. In July 2026 it became the weapon used to rob one.
Here is how you steal $20 million without writing a single line of exploit code.
On June 30, an anonymous wallet submitted a proposal to BonkDAO's treasury. Titled "BIP #76 - Sowellian BonkDAO," it read like a pep talk. It promised to "rebuild from the ashes, monetize holdings, stop the bleeding." It noted that "all YES voters are eligible to receive tokens." Buried underneath the motivational language was the only line that mattered: a transfer of 4.43 trillion BONK to a wallet the proposer controlled.
Then the attacker went shopping.
Over July 4 and 5, a separate wallet quietly bought BONK on Bybit and Binance, spending roughly $4.4 million to accumulate just over 1% of the token's entire supply. One percent does not sound like much. But BonkDAO's quorum - the minimum participation needed for a vote to count - was 1% of supply. The attacker was not buying an investment. They were buying exactly enough votes to become the only voter who mattered.
On July 6, they cast their entire stake in favor of BIP #76.
The proposal had been live for six days. More than 18,000 BonkDAO members existed. Seven wallets voted. Turnout was 2.9%. The attacker's wallets controlled 99.878% of the votes cast. The proposal cleared quorum by the thinnest possible margin - 882.38 billion BONK in favor against an 879.95 billion threshold, almost exactly the stake the attacker had spent five days assembling. The 99.9% "yes" result was a single voter agreeing with itself.
The vote passed. The code did what code does. About $20 million in BONK - 4.426 trillion tokens - moved automatically out of the treasury and into the attacker's wallet. No alarm. No override. No human in the loop. The treasury had consented to its own robbery, by majority vote.
BONK dropped 8 to 10% within a day. Upbit and Bithumb froze BONK deposits and withdrawals. BonkDAO put out a statement confirming the drain, said it had identified the exchange wallets used to buy the votes, and started coordinating with exchanges, bridges, the Solana Foundation, and law enforcement. PeckShield flagged around $148,000 of the stolen BONK already moving to OKX. Recovery odds: low. Once a governance proposal executes on-chain, reversing it is close to impossible, because there is nothing to reverse. Every step was a valid transaction.
Which raises the question the whole incident forced into the open. Was this even theft? Every action was legal within the rules. The attacker bought tokens on public exchanges, voted with them, and the DAO's own code paid out. SlowMist co-founder Yu Xian pointed out it was not a hack at all - the attacker simply spent $4 million to control a vote nobody else bothered to show up for. Some on-chain observers argued the attacker just exploited a badly designed system. BonkDAO and the analytics firms call it an attack, and law enforcement is treating it as one. Both things are true. It was a robbery conducted entirely through the front door, with a key the DAO handed out to anyone willing to pay for it.
Token-weighted voting assumes big holders are aligned with the protocol because they have money at stake. That assumption dies the moment someone buys tokens purely to drain the treasury and dump them afterward. To that attacker, the tokens were not an investment. They were a weapon, discarded the second it fired.
A treasury that can be drained by whoever assembles a temporary voting majority is only as secure as the cost of buying that majority. Here the majority cost $4.4 million and the prize was $20 million. Nobody needed to be a hacker. They just needed to be the only one who showed up to vote.
The Aftermath
BonkDAO said it had traced the exchange accounts used in the pre-vote token accumulation and was coordinating with exchanges, bridges, the Solana Foundation, and law enforcement to recover funds and identify the attacker. Recovery odds were treated as low - governance proposals execute automatically and irreversibly on-chain, and every step of the attack was a valid transaction. BONK fell 8-10% and Korean exchanges Upbit and Bithumb froze deposits and withdrawals. The incident reignited a debate across Solana DAOs and the wider crypto governance space over whether token-weighted voting is safe for treasury decisions, with community discussion turning to timelocks, higher quorum floors, multisig checks, and conviction-based voting as safeguards. The philosophical question - theft versus fair use of the rules - stayed unresolved, but law enforcement involvement made the practical answer clear.
COMMENTS