
📉 Bearish
⏱ 3 min read
BonkDAO, the decentralized organization behind Solana’s popular meme coin Bonk, lost approximately $20 million in tokens after a malicious governance proposal drained its treasury in a sophisticated attack that has raised new concerns about decentralized governance security.
What Happened
The incident was identified as a “malicious governance attack” that targeted BonkDAO, resulting in one of the largest exploit-driven losses for a DAO in recent Solana history. In the early hours of Monday morning, a governance proposal, titled “Sowellian BonkDAO” (Improvement Proposal #76), was both submitted and subsequently passed through the BonkDAO platform. Notably, it authorized the transfer of more than 4.4 trillion BONK tokens—worth an estimated $20 million at the time—out of the project’s treasury wallet to a wallet ending “JHvQ.” This transfer utilized the DAO’s on-chain decision-making process, representing a direct attack not on smart contract logic, but rather the governance procedures themselves.
The proposal claimed to implement ‘Sowellian governance,’ installing new council members and apparently offering ‘yes’ voters eligibility for new BONK tokens. However, after passage, none of the tokens were distributed as incentives; instead, all were quickly funneled to the attacker’s wallet, which blockchain analysis via Solscan linked to Bybit deposits. The tokens were later moved to another Solana address ending “eh42.” BonkDAO rapidly began coordinating with centralized exchanges, including Upbit and Kraken, as well as with the Solana Foundation, in an effort to track and freeze assets. Law enforcement was notified, and wallet activity continues to be monitored as part of the investigation.
Why It Matters
This incident illustrates acute governance risk in DAO-managed treasuries, particularly for meme coin projects operating on rapidly scalable Layer-1 chains like Solana. While DeFi exploits often center on smart contract vulnerabilities, this event demonstrates that governance structures—if not robustly designed and monitored—can present equally serious attack surfaces. In broader market context, governance attacks have become an area of growing concern, with some malicious actors targeting proposal processes for control over treasury funds or protocol parameters. The potential for vote buying and sybil attacks remains a persistent threat in under-secured DAOs.
Second-order effects may extend beyond BonkDAO. The exploit is likely to serve as a cautionary case for Solana-based projects and the wider crypto ecosystem, spurring discussion around best practices for DAO transparency and proposal vetting. Historical examples suggest that governance-related exploits trigger waves of internal audits and governance redesigns across protocols. BonkDAO’s quick response and collaboration with exchanges could influence incident playbooks for similar organizations, but the event also raises questions about on-chain governance trade-offs between openness and security.
Key Takeaways
- BonkDAO’s treasury was drained of $20 million in BONK via a passed on-chain governance proposal.
- Tokens were moved through wallets identified by Solscan, implicating Bybit as a funding path.
- Centralized exchanges and the Solana Foundation are supporting incident response and investigation.
- The exploit exposes the unique risks of DAO governance and incentivization structures.
What’s Next
The market will be watching both the immediate recovery efforts and the longer-term response from BonkDAO and other Solana-based DAOs. Further actions from law enforcement, such as asset freezes or legal claims, remain possible. Going forward, analysts expect increased scrutiny of governance proposals on public DAO forums, potential adoption of enhanced voting audits, and possible updates to anti-collusion mechanisms to prevent repeat attacks. Ultimately, this incident may set a new precedent for how decentralized organizations secure their treasuries against insider or governance-driven threats.
🧠 HafidWatch Take
BonkDAO, which oversees the Solana-based meme coin Bonk, suffered a $20 million treasury exploit tied to a malicious governance proposal. The attacker leveraged the DAO process to move 4.4 trillion BONK tokens to personal wallets. The team is working with exchanges and authorities to recover the funds.
Get The Hafid Brief every morning
Crypto & markets. Fast, filtered, serious. Free. Delivered at 7:30am ET.



