Spent 4M to steal 20M


The contract wasn't hacked
The BONK treasury theft was passed through a DAO proposal vote
The attacker spent 4M to buy votes, pushing a malicious proposal into a legitimate resolution, and then withdrew 20M
The weakness of token-weighted voting: with money, you can steal legally
The proposal passage threshold is not high; spending 4M in cost is too worthwhile for a 20M return
DAO governance is not secure just because it's written into a contract
Voting weight equals holdings; this design itself is a priced vulnerability
BTC is sideways at 63K; the market has no movement
The attack surface of crypto has long been more than just the contract layer; the governance layer is equally vulnerable
I wonder if more DAOs will be exploited this way in the future
If the return exceeds the cost, someone will definitely do it
BONK-9.78%
BTC0.27%
View Original
post-image
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned