Code Is Not Law: What the $20 Million BONK DAO Governance Attack Means for Crypto DAOs

Last week, the treasury of BONK DAO—the decentralized organization behind the Solana memecoin BONK—was emptied of roughly $20 million. There was no hack in the conventional sense. No stolen private keys, no exploited smart contract bug, no phishing. Instead, an anonymous actor spent about $4.4 million buying BONK tokens, used that stake to satisfy the DAO's 1% quorum requirement, and voted through a governance proposal whose payload was a transfer of the treasury to a wallet the actor controlled. The proposal passed with seven wallets voting and a 99.9% "yes" result—effectively a single voter approving their own payday. Once approved, the transfer executed automatically on-chain.

No criminal investigation has been announced as of this writing, and it may never be. But the incident is a timely reminder of a principle we return to often with clients in this space: code is not law, and structuring a taking as a series of "valid" transactions does not immunize it from legal consequence—or, just as importantly, guarantee legal consequence for the perpetrator.

The anatomy of a governance attack

What happened to BONK DAO is what security researchers call a governance attack: rather than breaking the rules of a protocol, the attacker uses the rules exactly as written. Here, the DAO's design allowed any sufficiently large token holder to propose and pass a binding, self-executing transfer of treasury assets. The attacker's economics were brutally simple. The cost of assembling a decisive voting bloc (about $4.4 million, some of it reportedly borrowed through DeFi lending platforms) was a fraction of the treasury it unlocked (about $20 million). Low voter turnout—under 3% of members participated—did the rest.

Within hours of the drain, the attacker began selling the tokens purchased for the vote, keeping the treasury proceeds parked in a multisig wallet. BONK DAO has acknowledged the incident and says it is coordinating with exchanges, bridge operators, and the Solana Foundation to trace and contain the funds.

Theft, or just aggressive use of the rules?

Predictably, the incident has reignited the debate that follows every exploit of this kind: if every individual transaction was permitted by the protocol, was anything actually stolen? A vocal contingent of on-chain commentators takes the "code is law" position—that the attacker merely played a badly designed game better than everyone else.

Courts have not been so accommodating, but they have not been entirely hostile either, and the leading case shows how unsettled this area remains. In the Mango Markets matter, Avraham Eisenberg extracted roughly $110 million from a DeFi protocol through what he called a legal trading strategy. A federal jury convicted him in 2024 of commodities fraud, manipulation, and wire fraud. Then, in May 2025, the district court vacated the commodities counts for improper venue and acquitted him outright on wire fraud, reasoning in part that a permissionless, self-executing protocol with no stated rules about borrowing could not have been "deceived" in the way the fraud statutes require. Prosecutors have appealed, arguing the ruling would unsettle traditional understandings of fraud, and that appeal remains pending.

The Eisenberg saga cuts both ways for anyone assessing the BONK situation. On one hand, it shows prosecutors are willing to treat protocol exploitation as ordinary fraud and that juries can be receptive. On the other, it exposes real doctrinal friction: fraud theories built on misrepresentation strain when the "victim" is autonomous code, and venue—a threshold requirement prosecutors usually clear easily—becomes genuinely difficult when the defendant, the protocol, and the counterparties have no meaningful geographic anchor. That said, the BONK facts may arguably present a cleaner case than Mango Markets. A governance proposal is not autonomous code; it is a communication directed at human token holders.

What DAO’s should take from this

For those building or governing DAOs, the lesson is structural. A treasury is only as secure as the cost of temporarily buying a voting majority, and quorum thresholds calibrated for engagement look very different when viewed as an attack price. Practical mitigations exist and are increasingly standard: timelocks between proposal passage and execution, veto councils or guardian multisigs for treasury-touching proposals, vote-escrow models that require tokens to be locked (and thus at risk) before they carry governance weight, and proposal screening that flags executable payloads regardless of how the accompanying text reads.

For traders on the other side of the ledger tempted to view weak governance as an arbitrage opportunity—the message is equally direct. The absence of an announced investigation is not a safe harbor. Blockchain analytics firms traced the BONK attacker's exchange onramps within hours, exchanges are cooperating, and the legal system has repeatedly shown it will look past the formal validity of on-chain transactions to the substance of the scheme. Even where criminal theories falter, civil exposure, asset freezes, and regulatory action remain very much in play.

Smart contracts execute what they are told. The law asks why.

This newsletter is for informational purposes only and does not constitute legal advice. If you have questions about DAO governance, digital asset custody, or exposure arising from on-chain activity, contact our team at D'Angelo Legal.

FAQ

What happened in the BONK DAO governance attack? An anonymous actor spent roughly $4.4 million buying BONK tokens, used that stake to meet the DAO's 1% quorum, and passed a governance proposal that transferred about $20 million from the DAO treasury to a wallet the actor controlled. The transfer executed automatically once the vote passed — no hack or code exploit was involved.

Is a governance attack illegal if every transaction followed the protocol's rules? Not necessarily legal, and not necessarily prosecutable either — this is unsettled law. Prosecutors have treated protocol exploitation as ordinary fraud (as in the Mango Markets case), but courts have pushed back where the "victim" is autonomous code. A governance attack may present a stronger fraud theory because the proposal is a communication aimed at human voters, not just an algorithm.

What is the "code is law" argument? It's the position that any action permitted by a blockchain protocol's code is legitimate, so exploiting poorly designed rules is just skilled play, not theft. Courts have neither fully embraced nor fully rejected it: a judge vacated the Mango Markets exploiter's convictions in 2025, but prosecutors are appealing, and civil and regulatory exposure remains regardless.

Can the BONK DAO recover the stolen treasury funds? Possibly in part. The DAO is working with exchanges, bridge operators, and the Solana Foundation to trace and freeze funds, and blockchain analytics identified the attacker's exchange onramps quickly. Civil claims such as conversion and unjust enrichment, asset freezes, and regulatory action are all potential recovery paths even without a criminal case.

How can DAOs protect their treasuries from governance attacks? The core fix is making a hostile vote more expensive and slower than it's worth: timelocks between passage and execution, veto councils or guardian multisigs for treasury-touching proposals, vote-escrow models that lock tokens before they carry voting power, and screening of proposal payloads regardless of how the accompanying text reads.

Next
Next

The Supreme Court Holds: A Geofence Warrant Is a "Search" — Here's What Chatrie Means for You