
The phrase "DAO hack" gets applied to two fundamentally different failures that happen to share a name. One is a standard smart contract exploit — code has a bug, an attacker finds it, funds are drained. The other is a governance attack — no code is broken, the attacker follows the rules exactly and uses them to extract value. The distinction matters because the failure modes work differently, the response options are different, and the post-hack trajectory looks different depending on which type you're dealing with.
Smart contract exploits work the same way in a DAO as anywhere else in DeFi. There's a vulnerability in the code, an attacker discovers it, and funds are drained. The governance system isn't involved — the DAO just happens to be the entity that owns the protocol when it gets exploited.
The original DAO hack in 2016 was this type. A reentrancy bug in The DAO's split/withdrawal path let an attacker call back into the contract and withdraw repeatedly before it had updated the attacker's internal balance, so the same balance was paid out over and over. About 3.6 million ETH was extracted, roughly $60M at the time and worth considerably more by any later measure. The governance mechanism played no role; the code was broken.
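The pattern is easier to see in a small model than in the original Solidity. The following is an added illustration, not The DAO's code: a vault that holds ether for depositors, an attacker whose receive hook re-enters withdraw() before the vault has zeroed its balance, and a "safe" variant that applies the checks-effects-interactions order (update state, then make the external call). The names and amounts are constructed for the example.

```python
"""Simplified model of the reentrancy pattern behind the 2016 DAO drain.

Added illustration; not The DAO's contract. The vulnerable Vault sends ether
(an external call that hands control to the recipient) before it clears the
caller's balance, so a malicious recipient can call withdraw() again while
its balance still reads as unspent. Amounts and names are constructed."""


class Attacker:
    """Malicious contract: every time it receives ether it re-enters withdraw()."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.stolen = 0

    def receive(self, vault: "Vault", amount: int) -> None:
        # Stands in for a fallback/receive function that calls back into the vault.
        self.stolen += amount
        vault.withdraw(self)  # the nested call is the whole attack


class Vault:
    def __init__(self, safe: bool) -> None:
        self.safe = safe
        self.balances: dict[str, int] = {}
        self.ether = 0  # total ether the vault holds

    def deposit(self, who: str, amount: int) -> None:
        self.balances[who] = self.balances.get(who, 0) + amount
        self.ether += amount

    def withdraw(self, caller) -> None:
        amount = self.balances.get(caller.name, 0)
        if amount == 0 or amount > self.ether:  # checks
            return
        if self.safe:
            self.balances[caller.name] = 0  # effects: clear balance before the call
        self.ether -= amount
        caller.receive(self, amount)  # interaction: external call, control leaves the vault
        if not self.safe:
            self.balances[caller.name] = 0  # too late: the callback has already re-entered


def run_drain(safe: bool) -> tuple[int, int]:
    """Return (ether the attacker got, ether left in the vault)."""
    vault = Vault(safe=safe)
    vault.deposit("alice", 7)
    vault.deposit("bob", 3)
    mallory = Attacker("mallory")
    vault.deposit(mallory.name, 1)  # attacker only ever deposited 1
    vault.withdraw(mallory)
    return mallory.stolen, vault.ether


if __name__ == "__main__":
    print("vulnerable vault:", run_drain(safe=False))  # (11, 0): everything drained
    print("safe vault:      ", run_drain(safe=True))   # (1, 10): only the attacker's own deposit
```

With the vulnerable ordering the attacker's 1-ether deposit is paid out eleven times, once per nested call, until the vault is empty; with the state update moved ahead of the external call the second withdraw() sees a zero balance and stops. Real contracts also add a reentrancy guard, but the ordering alone closes this particular hole.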
Governance attacks are stranger and arguably more instructive. The attacker acquires enough governance tokens to pass a malicious proposal, votes it through, and the governance system executes exactly as designed. No code breaks. The protocol's democratic mechanism becomes the attack vector.
The Beanstalk exploit in April 2022 is the clearest example. The attacker submitted a malicious proposal a day in advance, because the protocol's emergency execution path required 24 hours to have passed since submission. Then, in a single transaction, they took a flash loan to temporarily hold roughly 79% of Beanstalk's governance tokens, voted the proposal through, executed it to transfer about $182M in assets to themselves, and repaid the loan. The governance contract worked exactly as written. The flaw was the design assumption that counting live token balances at execution time, with no snapshot of voting power and no minimum holding period, would be safe. It wasn't.
Mango Markets in October 2022 was a more layered attack. The attacker manipulated the price of MNGO (the governance token) to inflate the apparent value of their collateral, borrowed far beyond its real value, then used the MNGO they now held to vote for a governance proposal of their own that would have written off the bad debt and let them keep most of the proceeds. Oracle manipulation and an attempt at governance capture, combined in sequence.
In a governance attack, what's accessible is whatever the governance contract has authority over. That's not everything — it's specific to how the DAO is architected.
Most DAOs keep their treasury in a contract that governance can authorize transfers from. If a proposal can pass a transfer transaction, whoever controls governance can drain the treasury. There's often no additional protection beyond the token threshold.
Many protocols also allow governance to modify operational parameters: interest rates, collateral factors, fee structures, access controls. A governance attack doesn't have to take the treasury directly — it can set parameters that enable secondary extraction, or change access controls to hand the attacker ongoing privileged access.
What governance usually can't touch: individual user wallets, assets users have deposited into separate protocols, funds held by entities outside the on-chain governance contract. The attack surface is bounded by what governance can authorize.
Flash loan governance attacks complete in a single transaction. By the time anyone sees the on-chain activity, the funds are gone. There's no window for human intervention.
Slower governance attacks — those requiring a multi-block voting period — can sometimes be countered. A whale token holder might recognize a malicious proposal and vote against it. The team might alert users to exit. But many governance contracts give protocols no emergency pause capability, because emergency pause requires a trusted admin, which undermines the decentralization argument.
Post-attack, the options are constrained. Legal recovery requires knowing who the attacker is. On-chain activity is pseudonymous. If the attacker routes funds through exchanges, those exchanges can potentially freeze withdrawals with law enforcement coordination — but that's a slow, uncertain process and exchanges cooperate selectively.
Negotiated settlement has happened. At Mango Markets the community approved an arrangement under which the attacker kept roughly $47M and returned the rest, about $67M, with the DAO agreeing not to pursue criminal charges. The DAO decided legal uncertainty made this the least-bad path. Unusual, but it set a precedent.
Hard forks, the Ethereum community's response to the 2016 DAO hack, are the most drastic option. The drained ETH was still locked in the attacker's child DAO by The DAO's own withdrawal delay, and the fork moved it into a recovery contract through an irregular state change rather than reversing any transaction. That was extraordinary, required near-unanimous social coordination, and caused the Ethereum/Ethereum Classic split. It hasn't been done since and almost certainly never will be again at that scale.
Most governance attacks and smart contract exploits end with the funds unrecovered.
In a governance attack, it's the treasury that gets drained. The treasury belongs to the DAO's stakeholders — token holders primarily, but also liquidity providers and users whose positions are backstopped by protocol reserves. If there's no reserve left, users with positions that depend on protocol solvency are exposed.
The cascade often does more damage than the initial loss. After an exploit, confidence drops, TVL exits, revenue generation falls, and any thesis that the protocol will replenish its treasury through future fees becomes increasingly uncertain. Most hacked protocols don't recover to pre-hack TVL levels, even when the technical vulnerability is patched or the governance design is improved.
The Beanstalk and Mango attacks shifted expectations around governance design. A few practices have become increasingly standard.
Timelocks are now widely considered baseline. A 48–72 hour delay between a proposal passing and its execution means that even if an attacker wins a malicious vote, there is a window to detect and respond: an emergency multisig can cancel or pause the queued execution, and token holders can mobilize. The delay also breaks the single-transaction flash loan playbook, since a flash loan has to be repaid in the same transaction and the payout now lands days later. The caveat is that a timelock does not reverse a vote that has already passed; if nobody cancels the queued proposal, it executes when the delay expires, so the delay only pays off when someone is watching and able to act.
Minimum voting periods, quorum requirements, and vote snapshots close the related gap at the voting step. A governance contract that counts tokens acquired seconds earlier, at their live balance, is structurally vulnerable. The usual fix is to measure voting power at a block before the proposal was created (a snapshot), or to require tokens to be held for some period before they confer voting rights; either way, tokens borrowed for one transaction carry no weight, which removes the flash loan vector entirely.
Some protocols have also separated the governance of different authority tiers — parameter changes with one threshold and timelock, treasury access with a higher threshold and longer timelock. It doesn't eliminate attack surface, but it makes the most damaging actions harder to execute.
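The Beanstalk-style attack and the three mitigations just described (vote snapshots, execution timelocks with a guardian cancel, and per-tier thresholds and delays) fit in one small model. This is an added example and not any protocol's contract code: balances, the 2/3 support threshold, the tier settings, and the $182M treasury figure are constructed inputs, and a "block" stands in for a transaction boundary, since a flash loan must be repaid before the block ends.

```python
"""Simplified model of a flash-loan governance attack and its mitigations.

Added illustration; not a real protocol's contract. Holder balances, the
support thresholds, the timelock lengths and the treasury size are assumed.
Tokens are moved from a liquidity pool holder to model the flash loan, so
total supply is constant."""

from dataclasses import dataclass


@dataclass
class Proposal:
    kind: str            # authority tier: "parameter" or "treasury"
    proposer: str
    amount: int          # treasury amount paid to the proposer (treasury kind only)
    created_block: int
    for_votes: int = 0
    executed: bool = False
    cancelled: bool = False


class Governance:
    # (support threshold as a fraction of supply, timelock in blocks) per tier; assumed
    TIERS = {"parameter": (0.5, 0), "treasury": (2 / 3, 0)}

    def __init__(self, balances, treasury, *, snapshot_votes=False, tiers=None):
        self.balances = dict(balances)
        self.supply = sum(self.balances.values())
        self.treasury = treasury
        self.payouts = {}
        self.block = 1
        self.history = {0: dict(self.balances)}  # balances at the end of each past block
        self.snapshot_votes = snapshot_votes
        self.tiers = tiers or self.TIERS

    def mine_block(self):
        self.history[self.block] = dict(self.balances)
        self.block += 1

    def transfer(self, src, dst, amount):
        if self.balances.get(src, 0) < amount:
            raise ValueError("insufficient balance")
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount

    def voting_power(self, holder, proposal):
        if self.snapshot_votes:
            # Weight is fixed at the end of the block before the proposal existed,
            # so tokens acquired in the proposal's own block (a flash loan) count for nothing.
            return self.history[proposal.created_block - 1].get(holder, 0)
        return self.balances.get(holder, 0)  # live balance: the Beanstalk-style flaw

    def propose(self, proposer, kind, amount=0):
        return Proposal(kind, proposer, amount, self.block)

    def vote(self, voter, proposal):
        proposal.for_votes += self.voting_power(voter, proposal)

    def cancel(self, proposal):
        proposal.cancelled = True  # emergency multisig acting inside the timelock window

    def execute(self, proposal):
        threshold, timelock = self.tiers[proposal.kind]
        if proposal.executed or proposal.cancelled:
            return False
        if self.block < proposal.created_block + timelock:
            return False  # still inside the timelock
        if proposal.for_votes < threshold * self.supply:
            return False
        proposal.executed = True
        if proposal.kind == "treasury":
            self.treasury -= proposal.amount
            self.payouts[proposal.proposer] = self.payouts.get(proposal.proposer, 0) + proposal.amount
        return True


def flash_loan_attack(gov, attacker="attacker", lender="pool"):
    """Borrow, propose, vote, execute and repay inside one block (one transaction)."""
    loan = gov.balances[lender]
    gov.transfer(lender, attacker, loan)
    proposal = gov.propose(attacker, "treasury", amount=gov.treasury)
    gov.vote(attacker, proposal)
    executed = gov.execute(proposal)
    gov.transfer(attacker, lender, loan)  # repayment; the borrowed weight is gone after this
    return executed, proposal


HOLDERS = {"team": 15, "pool": 70, "others": 12, "attacker": 3}  # constructed; supply 100
TREASURY = 182_000_000


def scenario(snapshot_votes=False, treasury_timelock=0, guardian_cancels=False):
    tiers = {"parameter": (0.5, 0), "treasury": (2 / 3, treasury_timelock)}
    gov = Governance(HOLDERS, TREASURY, snapshot_votes=snapshot_votes, tiers=tiers)
    executed, proposal = flash_loan_attack(gov)
    if guardian_cancels:
        gov.cancel(proposal)
    for _ in range(treasury_timelock):
        gov.mine_block()
    executed_later = gov.execute(proposal)  # attacker retries once the delay has expired
    return {"in_block": executed, "after_timelock": executed_later, "treasury": gov.treasury}


if __name__ == "__main__":
    print("no protections:     ", scenario())
    print("snapshot only:      ", scenario(snapshot_votes=True))
    print("timelock, no cancel:", scenario(treasury_timelock=2))
    print("timelock + cancel:  ", scenario(treasury_timelock=2, guardian_cancels=True))
```

With live balances and no delay the borrowed 70 tokens push the attacker to 73% and the treasury is emptied in the same block. A snapshot alone stops it, because the attacker's weight is their 3% from the previous block. A timelock alone only defers it: the 73% vote is already recorded, and once the delay passes the proposal executes even though the attacker no longer holds the tokens, unless the guardian cancels it during the window. The tier table is where the treasury action gets a higher threshold and longer delay than a parameter change.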
Admittedly, better governance design doesn't fix all of it. Slow-build accumulation attacks — where an attacker gradually acquires governance tokens over months — aren't addressed by timelocks. Governance of protocols with poorly designed token distribution remains exposed.
Confirmation: Declining frequency of governance attacks on protocols with timelocks and holding period requirements; continued adoption of tiered governance structures separating operational and treasury authority; auditors treating governance attack surface as a first-class security concern alongside code review.
Invalidation: Slow-accumulation governance attacks succeeding at protocols with timelocks, demonstrating the vector merely shifted rather than closed; governance attacks adapting to exploit the gap between proposal detection and timelock expiry; continued large losses at protocols that implement surface-level governance safeguards without meaningful treasury separation.
Now — active risk for protocols without timelocks or holding period requirements. Governance attacks are well-understood and the tooling to execute them is accessible. The Beanstalk playbook is documented. Any protocol with a governable treasury and no delay mechanism is exposed.
Next — timelocks and minimum holding periods becoming baseline expectations rather than differentiators. Governance attack surface increasingly included in formal audit scope. Better tooling for on-chain monitoring and automated alerts.
Later — more complex questions around delegation, veToken systems, and identity-verified governance as potential paths toward reducing flash loan governance amplification. No near-term technical solution exists for slow accumulation attacks.
This covers the mechanics of how DAO hacks work and what determines the outcome. It doesn't address the tax treatment of losses from governance attacks, the regulatory status of DAO governance tokens, or the current security posture of any specific protocol. A timelock is one layer of governance security — not a complete solution. Governance design, smart contract code, oracle security, and key management are separate concerns, each with its own failure modes.