- The Beluga Brief
- Posts
- š³ Weekly Edition: CLARITY Act odds have never been more unclear as onchain attacks change form
š³ Weekly Edition: CLARITY Act odds have never been more unclear as onchain attacks change form
The BonkDAO $20M attack is yet another example of a no-code hack, exploiting the "weak link" without dealing with complex smart contracts

The previous āinformalā target of July 4th for the CLARITY Actās passing has come and gone, and prediction market odds for its passage have never been lower: Polymarket now reads a 42% chance the bill is signed into law, versus the 80% odds we saw in February. While enacting a crypto market structure bill was one of the primary stated goals of the Trump administration, it feels like weāre just as far from a resolution as we were when he took office this term while reports show heās pocketed over a billion from the industry.

Source: Polymarket
The rise in hack frequency continues to be a dominant theme of this year, as most of the public attributes the thefts to the proliferation of AI tooling enabling smart contract exploits. In reality, the data for the first half of the year tells a different story: for the first time, wallet compromises make up the largest category of crypto theft at a shocking $444.5M, with phishing incidents in second place with a total of $366M according to data from Certik.
Perhaps the most embarrassing āhackā of the year so far has been BonkDAOās governance fiasco in which an anonymous user successfully passed a vote to transfer about $20M to themselves. After buying $4.4M in BONK over a few days, the attacker then used that stake to dominate their own governance proposal⦠you may now be asking yourself, how was $4.4M enough to sway the treasury of a coin that was once worth several billion in market cap?
Well, after six days of the proposal going public onchain, only seven addresses had voted at all with the attacker making up about 99.9% of the votes. The DAO itself was setup with no timelock to delay proposal execution, no quorum floor tied to participation, and no emergency override that could freeze a suspicious transfer once it started moving. The attacker didnāt have to break any of the rules or write a single line of code, he just used the governance process as designed and somehow nobody noticed.
Aside from being another entry in the long list of reasons DAOs havenāt worked yet, it also speaks to the marketās general disinterest in these communities that were once bastions of their respective blockchains. 6 days is a long time for an eight-figure proposal to sit untouched in plain sight, and to me thatās arguably the more damning number than the $20M itself. If we donāt pull ourselves together with proper safeguards, the next governance heist wonāt need $4.4M, itāll just need a quiet week.
Crypto Moves Fast. Trade What Happens Next.
BTC at $100K? ETH above $3K? Market cap hitting new highs? Kalshi lets you trade on the outcomes you're already watching. Buy "Yes" or "No" shares on crypto milestones ā no wallet, no gas fees, no exchange. Just your read on the market. Start with a free $10 and see if you're right.
Trade responsibly.

The Beluga intern has been hard at work gathering all the most important crypto news stories so you have them in one place!
The Majors
Alt Coins and Stocks
Crime
AI
Interesting Reads

Check out our latest content below!



