We do not have a reliable USD price for the recorded assets yet.
WallStreetMemes PresaleBSCV6 on BSC was exploited in tx 0x5a475a73343519f899527fdb9850f68f8fc73168073c72a3cff8c0c7b8a1e520 at block 37569861. The attacker flash-borrowed 5,000,000 WSM, sold that inventory into the public WSM/WBNB 0.3% Uniswap v3 pool at 0xf420603317a0996a3fce1b1a80993eaef6f7ae1a, then called the public presale buyWithBNB(uint256,bool) entrypoint while the spot quote was depressed. The presale transferred 2,770,000 WSM for only 2.881196755668116793 BNB, after which the attacker unwound the temporary pool distortion, repaid the flash loan, and realized 2,516,938.179912631607253979 WSM profit.
The root cause was the presale's use of a same-transaction manipulable Uniswap v3 spot quote inside fetchPrice(uint256), which buyWithBNB(uint256,bool) trusted immediately when sending presale inventory.
The victim was the PresaleBSCV6 proxy at 0xfb071837728455c581f370704b225ac9eabdfa4a on BSC. Independent validation of the proxy's EIP-1967 implementation slot at block 37569860 resolves to implementation 0xa5b8a34219279c7d2a675297c56137adb5e64ec2.
The presale supports a dynamic-sale mode controlled by dynamicSaleState. In that mode, buyWithBNB computes the required payment through fetchPrice(amount * baseDecimals) instead of a fixed admin-set price. The verified implementation exposes the critical pricing path:
    function fetchPrice(uint256 amountOut) public returns (uint256) {
        if (WSMPrice == 0) {
            // Ask the Uniswap v3 quoter for a live exact-output spot quote.
            bytes memory data = abi.encodeWithSelector(
                quoter.quoteExactOutputSingle.selector,
                0xbb4CdB9CBd36B01bD1cBaEBF2De08d9173bc095c, // tokenIn: WBNB
                0x62694D43Ccb9B64e76e38385d15e325c7712A735, // tokenOut: WSM
                3000,                                       // 0.3% fee tier
                amountOut,
                0
            );
            (bool success, bytes memory result) = address(quoter).call(data);
            require(success, "Call to Quoter failed");
            uint256 amountIn = abi.decode(result, (uint256));
            // Sale price = spot quote plus a percentage markup.
            return amountIn + ((amountIn * percent) / 100);
        }
    }
Because quoteExactOutputSingle is just a live spot quote, any actor who can move the referenced pool inside the same transaction can change the sale price that the presale accepts. At block 37569860, an independent cast call to fetchPrice(2770000000000000000000000) returned 49.702311565373243727 BNB, showing the normal order of magnitude before manipulation.
The vulnerability class is an on-chain pricing attack caused by trusting a manipulable DEX spot quote for primary-market token sales. The presale did not anchor pricing to a TWAP, Chainlink feed, immutable admin-set sale schedule, or any other manipulation-resistant reference. Instead, it asked the Uniswap v3 quoter how much WBNB was needed to buy a target amount of WSM from the live 0.3% pool and then charged that amount plus percent. The referenced pool was public, liquid, and directly tradeable by the attacker in the same transaction. That made the presale's sale price path-dependent on pool state that the buyer itself could distort just before purchase. Once buyWithBNB received the low quoted amount, it forwarded the discounted BNB to paymentWallet and transferred presale inventory immediately. The exploit was therefore deterministic for any unprivileged actor with access to public flash liquidity and the public presale entrypoint.
The violated invariant was: presale inventory must not be sold using a price that the buyer can manipulate inside the purchase transaction.
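The invariant above can be checked with a small model. This is an added example, not code from the presale or from the trace: a Python model of a Uniswap v3 style tick accumulator showing that a same-transaction swap moves the spot tick but not the time-weighted tick, plus a guard that refuses to sell when the two diverge. The ticks, window, tolerance and the names PoolOracleModel, quote and checked_price are constructed assumptions, and quote() uses the marginal price at a tick rather than the quoter's price-impact-aware result.

```python
import math

class PoolOracleModel:
    """Toy model of a Uniswap v3 tick accumulator (constructed, not the pool's code)."""
    def __init__(self, tick, ts):
        self.tick = tick              # current spot tick (WBNB per WSM = 1.0001**tick)
        self.obs = [(ts, 0)]          # (timestamp, tickCumulative) observations

    def swap_to(self, new_tick, now):
        # The observation written by a swap uses the tick from before the swap,
        # so a price move carries zero weight until time passes.
        ts, cum = self.obs[-1]
        if now > ts:
            self.obs.append((now, cum + self.tick * (now - ts)))
        self.tick = new_tick

    def cumulative_at(self, t):
        ts, cum = self.obs[-1]
        if t >= ts:                   # extrapolate with the current tick
            return cum + self.tick * (t - ts)
        for (t0, c0), (t1, c1) in zip(self.obs, self.obs[1:]):
            if t0 <= t <= t1:         # interpolate inside a recorded interval
                return c0 + (c1 - c0) * (t - t0) // (t1 - t0)
        raise ValueError("window reaches before the oldest observation")

    def twap_tick(self, now, window):
        return (self.cumulative_at(now) - self.cumulative_at(now - window)) // window

def quote(tick, wsm_amount):
    """WBNB owed for wsm_amount at the marginal price of `tick` (ignores price impact)."""
    return wsm_amount * math.pow(1.0001, tick)

def checked_price(pool, wsm_amount, now, window=1800, max_dev_bps=200):
    """Price at the TWAP and refuse to sell while spot has been pushed away from it."""
    spot = quote(pool.tick, wsm_amount)
    twap = quote(pool.twap_tick(now, window), wsm_amount)
    if abs(spot - twap) * 10_000 > max_dev_bps * twap:
        raise ValueError("spot quote deviates from TWAP; refusing sale")
    return twap

def demo():
    pool = PoolOracleModel(tick=-109_300, ts=0)       # constructed starting tick
    fair = checked_price(pool, 2_770_000, now=3600)   # undisturbed pool: sale allowed
    pool.swap_to(-137_000, now=3600)                  # same-transaction WSM sell-off
    try:
        checked_price(pool, 2_770_000, now=3600)
        rejected = False
    except ValueError:
        rejected = True
    return fair, pool.tick, pool.twap_tick(3600, 1800), rejected
```

In a real pool the moved tick starts accruing weight from the next block, so the averaging window has to be long relative to how long a price distortion could be held.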
The concrete breakpoint was the pair of functions fetchPrice(uint256) and buyWithBNB(uint256,bool) in implementation 0xa5b8a34219279c7d2a675297c56137adb5e64ec2. fetchPrice queried the live WSM/WBNB 0.3% pool quote, and buyWithBNB immediately used that number as settlement price:
    function buyWithBNB(uint256 amount, bool _stakeStaus)
        external
        payable
        whenNotPaused
        nonReentrant
        returns (bool)
    {
        require(dynamicSaleState, "dynamic sale not active");
        directTotalTokensSold += amount;
        // Settlement price is whatever the live pool quote says right now.
        uint256 ethAmount = fetchPrice(amount * baseDecimals);
        require(msg.value >= ethAmount, "Less payment");
        sendValue(payable(paymentWallet), ethAmount);
        if (!_stakeStaus) {
            // Presale inventory leaves in the same call that read the quote.
            IERC20Upgradeable(saleToken).transfer(_msgSender(), amount * baseDecimals);
        }
        return true;
    }
The seed trace shows the attacker helper contract 0x014ee3c3de6941cb0202dd2b30c89309e874b114 borrowing 5,000,000 WSM from the WSM/WBNB 1% pool 0x84f3ca9b7a1579ff74059bd0e8929424d3fa330e, then swapping that full amount into the quoted 0.3% pool. That trade increased the 0.3% pool's WSM balance from 108783178168262673449102909 to 113783178168262673449102909, depressing the marginal WBNB required for exact-output WSM purchases. Immediately after that price move, the presale accepted only 2881196755668116793 wei for 2,770,000 WSM. The balance diff confirms the payment wallet 0xb03311570f7273e03578d659b0e3b60d9a4446a7 gained exactly that amount and the presale lost exactly 2770000000000000000000000 WSM.
Nothing in the victim logic forced the attacker to wait for an oracle window, average price, or administrator action. The same transaction could manipulate the quote, consume discounted inventory, and unwind the manipulation before state was observed externally. That is why the exploit is ACT rather than privileged or timing-dependent on secret information.
The adversary EOA was 0x3026c464d3bd6ef0ced0d49e80f171b58176ce32. Its helper contract 0x014ee3c3de6941cb0202dd2b30c89309e874b114 executed the exploit in one transaction.
Step 1 was flash borrowing from the WSM/WBNB 1% pool:
    0x84F3...330E::flash(attackerHelper, 5000000000000000000000000, 0, 0x)
Step 2 was selling the borrowed WSM into the WSM/WBNB 0.3% pool to depress the spot quote used by the presale:
    0xf420...AE1a::swap(attackerHelper, true, 5000000000000000000000000, 4295128740, ...)
Step 3 was calling the public presale function while the manipulated quote was live. The presale then transferred 2,770,000 WSM and forwarded only 2.881196755668116793 BNB to the payment wallet.
Step 4 was unwinding the pool trade, repaying the flash loan plus fee, and transferring the residual WSM to the attacker EOA. The seed balance diff records the final EOA profit as 2516938179912631607253979 WSM. The same trace also shows the flash pool finishing with a positive WSM delta, consistent with repayment plus fee.
The victim presale lost 2,770,000 WSM of inventory in exchange for a manipulated underpayment. The payment wallet received only 2.881196755668116793 BNB for that transfer, far below the normal fetchPrice value measured before manipulation. The attacker realized 2,516,938.179912631607253979 WSM net profit in the exploit transaction.
The directly measured presale inventory loss was:
    [
      {
        "token_symbol": "WSM",
        "amount": "2770000000000000000000000",
        "decimal": 18
      }
    ]