Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
CFD
Stock CFD Derivatives
US Stocks
Access real US stocks and ETFs
HK Stocks
Trade quality Hong Kong-listed stocks
Korean Stocks
SK Hynix
Real Korean stocks and top assets
Stock Futures
High leverage, 24/7 trading
Tokenized Stocks
Backed by real stock assets
IPO Access
Unlock full access to global stock IPOs
GUSD
3.8%
Mint GUSD for Treasury RWA yields
Stocks Activities
Trade Popular Stocks and Unlock Generous Airdrops
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
IPO Access
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
Bonk’s DAO Governance Attack: A Mysterious Person Spends $4.4 Million to “Legally” Move $20 Million
Thieves in broad daylight: someone spent about $4.4 million to buy over 1% of BONK, meeting the voting threshold, then submitted a proposal titled "Governance Reform" that hid a line transferring 4.43 trillion BONK to their own wallet. The proposal sat on the BonkDAO forum for several days unnoticed. Out of 18k eligible voting addresses, only 7 cast votes. The attacker voted in favor, and the DAO's smart contract executed as usual, draining about $20 million worth of BONK from the treasury "legally."
(Previous: ENS governance infighting escalates: co-founder proposes delegating 5 million ENS to dilute a single large holder's voting power) (Background: Solana launches on-chain governance mechanism SGP: requires validators with over 100,000 SOL to submit proposals)
Key Points
The crypto space has another example of "legal robbery." This incident involved no hackers, no leaked private keys — the attacker followed BonkDAO's own voting system from start to finish. They first spent about $4.4 million to sweep up over 1% of BONK (roughly 882.3 billion tokens), just barely crossing the voting threshold, letting a single vote decide the outcome. Every step was "legal," and that's what makes it chilling.
The "attack" that followed all the proper procedures
The attack script was absurdly simple. Step one: buy enough 1% of BONK to meet the voting requirement. Step two: submit a proposal titled "Governance Reform." Step three: hide the real intention in the proposal content — transferring 4.43 trillion BONK into their own wallet.
What's more, the proposal was written like a rallying cry, saying things like "rebuild from the ashes, liquidate holdings, stop the bleeding," and even added "those who vote yes will receive tokens" as bait.
18,000 addresses, only 7 voted
The proposal passed not because of rhetoric, but because nobody was watching. BonkDAO's governance forum was already quiet, and with the market downturn, even less attention was paid. The proposal sat for days undetected. By the voting deadline, only 7 out of 18,000 eligible addresses had voted, and the attacker's votes accounted for nearly 99.878% of the voting power.
The final vote saw roughly 882.3 billion in favor, just barely surpassing the threshold of about 880 billion. The approval number almost exactly matched the stake the attacker had slowly accumulated over those days. Once the threshold was met, the smart contract executed immediately, draining about $20 million worth of BONK from the treasury.
Spent $4.4 million, took $20 million — a return ratio of nearly 1:5, an absurdly high profit margin for this "transaction."
BonkDAO later stated that it had identified the exchange wallet used by the attacker to buy tokens, and is cooperating with the exchange, cross-chain bridges, and the Solana Foundation to handle the aftermath. BONK's price fell roughly 10% on the news.
FAQ
How did the BonkDAO governance attack happen?
The attacker spent about $4.4 million to buy over 1% of BONK, meeting the voting threshold, and submitted a proposal titled "Governance Reform" that actually hid a transfer of 4.43 trillion BONK. Due to the forum's low activity, no one noticed. Ultimately, only 7 wallets voted, the proposal passed, and the smart contract automatically transferred out about $20 million.
Is a governance attack considered a hacker attack?
Strictly speaking, no. The attacker did not break into the system or steal private keys. Every step was a valid transaction, merely exploiting a loophole in the governance design. The problem lies in the lack of a minimum voting threshold, a timelock, and multi-signature safeguards, allowing just 7 wallets to decide the fate of a $20 million treasury.