Solana Presale Hijacked by Bot Farm, Launch Scrapped

The presale for the Wet (WET) token, hosted through the Solana decentralized exchange aggregator Jupiter, sold out almost instantly. However, this speed was not the result of overwhelming organic demand. According to the organizing team, the automated market maker (AMM) HumidiFi, a single actor used a bot farm controlling over 1,000 wallets to execute a Sybil attack. This coordinated effort allowed the entity to ‘snipe’ nearly the entire token allocation in a matter of seconds, effectively shutting out all genuine retail participants who had no realistic chance to compete.

This incident on the Solana blockchain is a stark example of how automated exploitation can undermine fair distribution in permissionless fundraising events. The attack exploited the presale mechanism on Jupiter, which was designed for open participation but lacked safeguards against a single entity masquerading as a crowd. The result was a complete hijacking of the token launch, forcing HumidiFi to make a drastic decision shortly after the event concluded.

In response to the attack, HumidiFi confirmed the breach and took the significant step of scrapping the WET token launch entirely. The team’s decision highlights the severe operational and reputational risks that such Sybil attacks pose to crypto projects. Rather than proceeding with a token distribution dominated by a malicious actor, which would distort the market and community from day one, HumidiFi chose to reset.

The team announced it would create a new token and hold an airdrop exclusively for legitimate participants. Crucially, HumidiFi stated it would explicitly exclude the wallet addresses linked to the sniper attack from this new distribution. This reactive measure aims to salvage fairness but comes at the cost of delayed launch, added complexity, and the need for the team to manually identify and verify ‘legitimate’ participants after the fact—a challenging task in a decentralized environment.

The event has amplified warnings from industry analysts about the increasing prevalence of such attacks. Bubblemaps CEO Nick Vaiman explicitly stated that Sybil attacks are rising across presales and airdrops. His commentary points to a systemic vulnerability in crypto’s popular fundraising and community distribution methods, where pseudonymity and automation can be weaponized.

Vaiman’s solution is a direct challenge to pure decentralization ideals: he has called on project teams to implement Know Your Customer (KYC) checks or algorithmic detection methods to filter out bot farms. This incident with the WET token on Solana serves as a case study supporting this argument. It underscores the growing tension within the crypto ecosystem between the principle of permissionless access and the practical need for participant verification to ensure equitable outcomes and project sustainability.

The HumidiFi presale debacle is more than an isolated technical failure; it is a stress test for decentralized finance (DeFi) models. As projects like those on Solana seek to leverage platforms like Jupiter for efficient token distribution, the threat from sophisticated Sybil operations forces a reconsideration of launch mechanics. The path forward may involve a hybrid approach, blending decentralized infrastructure with selective verification, as the community weighs the trade-offs between absolute openness and foundational fairness.