top of page
Search

HumidiFi WET Token Launch Halted After Massive Botting Incident on Solana

Photorealistic 3D render of an industrial vault at night. Dozens of small, insect-like, wheeled, and hovering robots are swarming an open steel safe, which is overflowing with gold and brass tokens. The robots are actively carrying, grappling, and moving the tokens, with some on the safe's rim and others on the floor. The scene is lit by cold fluorescent lights, highlighting the metallic robots and tokens, with motion blur conveying frantic activity.

Introduction


HumidiFi’s chaotic $WET token presale on Solana has sparked controversy after on-chain analytics platform Bubblemaps exposed a Sybil-style bot attack linked to a single actor known as “Ramarxyz.” Using more than 1,000 wallets, this entity allegedly sniped around 70% of the WET public presale allocation on Jupiter Exchange’s Decentralized Token Formation (DTF) launchpad, causing the sale to sell out in just two seconds before most retail investors could participate. Despite this, the accused later demanded a refund on social media, deepening community outrage and scrutiny around Solana DeFi token launches and fairness.


Blockchain data showed that over 1,100 of the 1,530 participating addresses followed an identical pattern, each funded with exactly 1,000 USDC from centralized exchanges right before the sale, strongly suggesting a coordinated bot farm. Additional analysis from trader Gautam Mgg revealed that 4% of the public allocation went to only 10 wallets, with four wallets alone committing 40% of the entire public sale supply. Critics have blamed Jupiter Exchange for failing to implement basic anti-bot protection such as CAPTCHA or dynamic address rotation, turning what was meant to be a flagship DTF token launch for HumidiFi into a case study in how presales can be gamed by sophisticated actors.


In response, HumidiFi voided the compromised sale, canceled suspected bot allocations, and announced it will reissue the WET token under a new, audited contract, with legitimate Wetlist and JUP staker participants set to receive a prorated airdrop and access to a fresh public sale. As one of the most active Solana decentralized exchanges, with billions in monthly volume, HumidiFi had promoted WET as a staking and fee-rebate token distributed in a community-first way via Jupiter’s DTF platform. The incident not only delays the WET launch but also reignites broader concerns over token distribution fairness, Sybil resistance, and crypto presale security across major launchpads, especially as DeFi projects seek more transparent and trust-minimized ways to launch new tokens.


Background


The first public token sale for HumidiFi’s WET token on Solana turned into a live case study in presale security, Sybil resistance, and fair token distribution. Within seconds of going live on Jupiter Exchange’s Decentralized Token Formation (DTF) launchpad, a single actor—known on X as “Ramarxyz”—allegedly captured around 70% of the public WET presale allocation using a large network of automated wallets.


On-chain analytics platform Bubblemaps published a detailed investigation showing that more than 1,000 wallets that participated in the WET public sale were likely controlled by this same entity, effectively turning a community sale into a highly concentrated position for one player. The sale sold out in roughly two seconds, and many retail participants were unable to even submit a transaction before the allocation was exhausted. After the incident, HumidiFi voided the compromised presale, canceled suspected bot allocations, and committed to reissuing WET under a new audited contract with a new public sale structure.


This episode lands at an important moment for Solana DeFi, where HumidiFi is already a major liquidity venue. According to DefiLlama, HumidiFi has processed tens of billions of dollars in cumulative DEX volume and is categorized as a proprietary AMM on Solana, often ranking among the top Solana DEXs by trading volume over 24 hours and 30 days (DefiLlama). Separate coverage from Blockbeats/WEEX notes that, on some days, HumidiFi has represented around 30% of all Solana DEX volume, with 24‑hour volumes above $10 billion (WEEX). That context helps explain why the WET token launch attracted so much interest—and why the failure mode is so instructive for DeFi and fintech practitioners.


How the WET Presale Was Bott‌ed: A Practical Look at Sybil Attacks in Token Sales


The basic structure of the WET presale


The WET public sale ran on Jupiter’s DTF launchpad, a system designed to make token launches transparent and on-chain. Key parameters for the public phase included:


  • Token: WET (HumidiFi’s native token)

  • Chain: Solana

  • Price: ~$0.069 per token

  • Public allocation: 30 million WET

  • Per-wallet cap: 1,000 USDC

  • Venue: Jupiter DTF launchpad on Solana


In theory, a relatively low per-wallet cap should encourage broad participation and reduce whale dominance. In practice, that only holds if each wallet meaningfully corresponds to a unique participant.


What is a Sybil or bot attack in a token presale?


A Sybil attack in this context occurs when a single actor controls a large number of wallets and uses them to appear as many distinct users. In a crypto presale or airdrop:


  • Each wallet looks like a separate participant.

  • Caps “per wallet” can be bypassed by spinning up hundreds or thousands of wallets.

  • Public sales that rely purely on address-based limits (without identity or stronger Sybil resistance) become easy targets.


For the WET presale:


  • Bubblemaps’ investigation on X showed that at least 1,100 of the 1,530 participating wallets appeared to be controlled by a single entity (linked to the alias “Ramarxyz”), based on common funding patterns and transaction timing.


  • Most wallets received exactly 1,000 USDC shortly before the sale, predominantly from the same set of centralized exchange sources.


  • One wallet broke the standard pattern and was linked, via prior on-chain activity, to the @ramarxyz X/Twitter account.


This kind of setup is typical of a coordinated bot farm: funds are distributed just-in-time across many addresses, and automated scripts are prepared to submit transactions as soon as the presale opens. When the sale went live, those bots likely submitted transactions in the first block or two, filling almost the entire allocation in seconds.


Community analysis and blame assignment


On top of Bubblemaps’ work, a separate analysis by trader Gautam Mgg found that:


  • 4% of the public WET allocation went to just 10 wallets, and

  • 4 wallets alone accounted for 40% of the entire public sale supply—again suggesting concentrated, automated participation.


Gautam and others criticized Jupiter Exchange for not enabling basic anti-bot protections, such as:


  • CAPTCHAs or signed human-verification proofs

  • Randomized or rotating claim mechanisms

  • Stronger rate limiting or pre-registration workflows


Importantly, this is not the first large-scale Sybil incident flagged by Bubblemaps. In September 2025, the analytics firm warned about a $170 million Sybil attack in the MYX airdrop, where roughly 100 newly created wallets claimed a disproportionate share of tokens after being funded simultaneously from OKX (Cryptonews). That case already raised concerns about how fragile airdrop and launchpad designs can be when they rely mainly on wallets as a proxy for users.


The WET incident reinforces the same theme: address ≠ user, and relying solely on wallet caps for fair token distribution is no longer sufficient in modern DeFi.


HumidiFi, WET, and Jupiter DTF: What’s at Stake for Solana DeFi


Why HumidiFi matters in the Solana ecosystem


HumidiFi is often described as a “dark pool” or proprietary AMM (prop AMM) on Solana. Rather than open public liquidity pools, it operates with internal, professionally managed liquidity and integrates directly into Solana routing infrastructure, especially Jupiter, the dominant DEX aggregator on Solana.


External analyses describe HumidiFi as:


  • A prop AMM that manages its own capital and quoting logic rather than relying on retail liquidity providers.


  • One of Solana’s top DEX venues by volume, often capturing a significant share of daily on-chain spot volume (DefiLlama and WEEX).


  • A protocol that emphasizes tight spreads, low slippage, and reduced MEV exposure by focusing on professional, algorithmic market making rather than passive LPs.


From a fintech and market-structure standpoint, HumidiFi looks closer to an on-chain version of a specialist liquidity provider or dark pool operator than a typical community-run AMM. The upcoming WET token is designed to sit on top of this infrastructure as:


  • A staking and fee-rebate asset, and

  • A way to share economic upside with the broader community rather than keeping all economics at the prop-trading level.


That combination—a leading Solana DeFi liquidity engine and its first community-facing token—made WET one of the more closely watched presales on Jupiter DTF.


Jupiter DTF’s role and reputational risk


The Jupiter Decentralized Token Formation (DTF) platform is intended to be:


  • A transparent and on-chain alternative to traditional ICOs and IEOs.

  • A curated environment where token launches can be verified, auditable, and accessible to the community.

  • A key piece of infrastructure connecting Solana DeFi users with new assets in a more trust-minimized way.


The WET sale was DTF’s first live deployment, effectively its flagship launch. The fact that this first showcase was disrupted by a highly visible bot/Sybil attack is not just a HumidiFi problem; it’s a stress test for Jupiter’s model of token formation and for launchpad design on high-throughput chains more broadly.


For market participants, product teams, and risk managers in DeFi and fintech, this raises several practical questions:


  • How should launchpads balance openness vs. Sybil resistance?

  • What is the right mix of purely on-chain criteria (wallet caps, timing, allocation mechanisms) and off-chain or identity-aware filters (KYC, passport-based limits, social graph checks)?

  • How do you maintain regulatory and UX practicality while still protecting against industrial-scale botting?


The WET presale shows how quickly a credibly neutral design can be captured by sophisticated participants if the underlying assumptions are not robust.


HumidiFi’s Response and Design Lessons for Future Crypto Presales


Immediate remediation: voiding the sale and reissuing WET


Once the scale of the attack became clear, HumidiFi took several steps:


  1. Confirmed the bot attack and acknowledged that a large share of public allocation was controlled by a single actor using a bot farm.


  1. Voided the compromised sale, canceling all suspected Sybil-linked allocations.


  1. Announced plans to deploy a new, audited WET token contract.


  1. Committed to a pro-rata airdrop of the new WET token to legitimate Wetlist and JUP staker participants, preserving value for genuine contributors.


  1. Signaled a new public sale under improved conditions, aiming to reduce the likelihood of a similar exploit.


From a governance and reputational point of view, this is effectively a full reset of the token launch, with an explicit prioritization of fairness and investor protection over speed.


For a leading Solana DEX, that response matters: it sets a precedent that large protocols will unwind compromised launches rather than pushing ahead at the expense of their broader community.


Key design takeaways for DeFi and fintech teams


For teams building launchpads, DeFi protocols, or token distribution systems, the WET incident highlights several actionable themes:


  1. Wallet caps are not Sybil resistance

Per-wallet maximums (e.g., 1,000 USDC) provide only superficial fairness. In practice, sophisticated players will spin up and fund thousands of wallets at negligible cost.


  1. Timing-based launches favor automation over humans

 “Fastest transaction wins” mechanics on high-throughput chains like Solana reward:


  • co-located infrastructure

  • optimized RPC routing

  • private mempool access (where applicable)

  • pre-signed transactions and custom client code


Human users clicking a UI button will almost always lose to scripts.


  1. Presale design should treat Sybils as the default threat model

Modern presale and airdrop design needs to start from the assumption that:


  • Adversaries can cheaply create thousands of addresses.

  • CEX funding and chain infrastructure can be coordinated at scale.

  • On-chain patterns (simultaneous funding, uniform contribution sizes) will emerge—but often only after damage is done.


  1. Layered defenses are more resilient

In a purely on-chain, non-KYC environment, teams can still consider:


  • Eligibility lists tied to past organic usage, not just signups.

  • Rate-limited participation, e.g., staggered rounds or randomized assignment.

  • Commit–reveal schemes, where orders are committed first and revealed later, making precise sniping harder.

  • Sybil scoring and real-time monitoring, with explicit rollback or pause powers spelled out in the launch docs.


  1. Transparency about powers and contingencies is crucial

If a team reserves the right to cancel or modify a sale in case of a clear exploit, that should be:


  • Documented up-front in the launch terms.

  • Governed by clear criteria (e.g., concentration thresholds, abnormal on-chain patterns).

  • Followed by transparent, data-backed post-mortems when invoked.


The HumidiFi team’s choice to void the sale and reissue WET with a fresh contract is a strong remediation, but it also underscores the need to codify failure modes in launch design ahead of time.


Why This Incident Matters for the Future of Solana DeFi and Token Launches


The WET presale bot attack is not an isolated edge case; it’s part of a growing pattern in crypto presales, airdrops, and incentive programs. High-performing chains like Solana are particularly attractive to sophisticated actors because they:


  • Enable extremely fast transaction inclusion.

  • Keep transaction costs low, making large Sybil farms economical.

  • Attract substantial liquidity and attention around new launches.


At the same time, protocols like HumidiFi and platforms like Jupiter DTF are pushing on-chain markets toward more institutional-grade execution and transparent fundraising. That combination—professionalized liquidity with open participation—can be powerful, but it also amplifies the need for robust, research-driven launch mechanics.


For DeFi and fintech professionals, this case offers a few enduring lessons:


  • Market microstructure and incentive design are security surfaces.

Tokenomics, caps, and allocation logic are as important as smart contract audits.


  • Analytics and monitoring are not optional.

Tools like Bubblemaps, internal anomaly detection, and third-party watchdogs are now part of the operational stack, not nice-to-haves.


  • Fair distribution is a moving target.

As launchpads and protocols iterate on anti-bot and Sybil-resistant designs, attackers will adapt. Continuous experimentation and post-mortems—like the one emerging around WET—are part of the cost of doing business in open financial systems.


HumidiFi’s decision to unwind the compromised WET presale and deploy a new contract signals that large Solana DeFi players are willing to prioritize integrity over expediency. For participants and builders alike, this incident is a timely reminder: in token launches, getting the design and defenses right is just as important as getting the hype and demand right.



Comments

Rated 0 out of 5 stars.
No ratings yet
Add a rating
bottom of page