Axioma (AXT) Exploit — Mispriced Presale Sells Tokens Far Below the AMM Market Price

Source & credit. Exploit reproduction, trace data, and analysis adapted from DeFiHackLabs by SunWeb3Sec — an open registry of reproduced on-chain exploits. Standalone Foundry PoC and full write-up: 2023-04-Axioma_exp in the evm-hack-registry mirror. Upstream DeFiHackLabs PoC: src/test/…/Axioma_exp.sol.

Vulnerability classes: vuln/oracle/price-manipulation · vuln/logic/price-calculation · vuln/defi/slippage

Reproduction: the PoC compiles & runs in an isolated Foundry project at this project folder (the umbrella DeFiHackLabs repo contains many unrelated PoCs that do not compile together, so this one was extracted). Full verbose trace: output.txt. Verified vulnerable source: AxiomaPresale.sol.

Key info#

TL;DR#

AxiomaPresale.buyToken() sells AXT at a fixed, owner-set price of rate / 1e9 tokens per wei of BNB (AxiomaPresale.sol:402-418). At the time of the attack that price was 300 AXT per BNB (rate = 3e11, buyTax = 0).

Meanwhile the AXT/WBNB PancakeSwap pool was quoting AXT far more expensively: its reserves were only 14,157.67 AXT / 135.48 WBNB, i.e. ≈ 104.5 AXT per WBNB at the margin. So one BNB paid into the presale bought ~300 AXT, but those same AXT were worth far more than one BNB when sold into the thin pool.

The attacker simply closed the gap:

1. Flash-loans 32.5 WBNB from a DODO DVM pool, unwraps it to native BNB.
2. Buys AXT at the presale with all 32.5 BNB → receives 9,750 AXT at the stale price.
3. Dumps the 9,750 AXT into the AXT/WBNB pool (5.5% of it is siphoned by the token's own sell-tax, so 9,213.75 AXT actually hits the pool) → pulls out 53.33 WBNB.
4. Repays 32.5 WBNB to DODO and keeps the difference: 20.83 WBNB profit, all in one atomic transaction with zero starting capital.

There is no rounding bug, no reentrancy, no broken AMM invariant. The single root cause is that the presale price was never tied to (or bounded against) the market price, so anyone could buy cheap from the presale and instantly resell dear on PancakeSwap.

Background — what the Axioma presale does#

AxiomaPresale is a trivially simple fixed-price token sale. It holds a large inventory of AXT and lets anyone buy at a price the owner sets via rate:

uint256 public rate;     // If rate = 100, then tokensPerBNB is 100
uint256 public buyTax;

function buyToken() public payable {
    uint256 bnbAmountToBuy = msg.value;
    uint256 tokenAmount = bnbAmountToBuy.mul(rate).div(10**9);   // ← fixed price, no oracle
    require(token.balanceOf(address(this)) >= tokenAmount, "INSUFFICIENT_BALANCE_IN_CONTRACT");
    payable(PresaleOwner).transfer(bnbAmountToBuy);
    uint256 taxAmount = tokenAmount.mul(buyTax).div(100);
    token.transfer(PresaleOwner, taxAmount);
    (bool sent) = token.transfer(msg.sender, tokenAmount.sub(taxAmount));
    require(sent, "FAILED_TO_TRANSFER_TOKENS_TO_BUYER");
}

AXIOMATOKEN (source) is an ordinary reflection/dividend token with a 5.5% sell fee (rewardsSellFee 25 + marketingSellFee 10 + liquiditySellFee 20 = 55, over feeDivisor = 1000, contracts_AXIOMATOKEN.sol:1351-1354). That fee is the only friction the attack has to overcome.

On-chain parameters at the fork block (read from the trace):

The pair's token0 = AXT, token1 = WBNB (PancakePair.sol:312-313), so reserve0 = AXT and reserve1 = WBNB throughout.

The whole exploit lives in the relationship between these two prices:

Presale price: 1 BNB → 300 AXT. AMM marginal price: 135.48 WBNB / 14,157.67 AXT ⇒ 1 AXT ≈ 0.00957 WBNB, i.e. 1 BNB ≈ 104.5 AXT.

The presale is selling AXT at roughly one-third of what the market is paying for it. Buying from the presale and selling into the pool is pure, instant, capital-free arbitrage.

The vulnerable code#

The price is a hard-coded constant, never compared to the market#

function buyToken() public payable {
    uint256 bnbAmountToBuy = msg.value;
    uint256 tokenAmount = bnbAmountToBuy.mul(rate).div(10**9);   // ⚠️ rate is a fixed admin constant
    require(token.balanceOf(address(this)) >= tokenAmount, "INSUFFICIENT_BALANCE_IN_CONTRACT");
    ...
    (bool sent) = token.transfer(msg.sender, tokenAmount.sub(taxAmount)); // ⚠️ tokens out at that price
    ...
}

AxiomaPresale.sol:402-418

rate is set in the constructor and only ever changed by the owner via updateRate() (AxiomaPresale.sol:384-386):

function updateRate(uint256 newRate) public onlyOwner() { rate = newRate; }

There is:

• No oracle / no AMM quote — the presale has no idea what AXT is worth on PancakeSwap.
• No per-buy or per-block purchase cap — a single call may drain a flash-loan-sized chunk.
• No upper bound on msg.value and no slippage, so the price is identical for the first and the millionth token sold.
• No "presale must be cheaper than market" or "market must be cheaper than presale" guard — the two markets are completely decoupled.

The mirror-image problem (AMM cheaper than presale) would let an arbitrageur run the trade the other way; either direction of dislocation is freely exploitable.

Root cause — why it was possible#

A token has exactly one fair price at any instant. Axioma created two independent venues quoting that token at two different prices and put no mechanism in place to keep them in line:

1. PancakeSwap prices AXT dynamically from its reserves — that price had drifted up to ~104.5 AXT/BNB because the pool was thin (only ~135 WBNB of liquidity).
2. The presale priced AXT at a static rate of 300 AXT/BNB that the owner had configured and never updated to track the market.

Whenever two venues quote the same asset at different prices and value can flow freely between them, the cheaper venue is drained into the dearer one. Here the presale was ~3× cheaper, so it became a free AXT faucet:

Pay BNB into the presale → get AXT at 300/BNB → sell AXT into the pool at ~104.5/BNB → walk away with more BNB than you put in. Flash loans remove even the need for starting capital, and the whole loop is atomic so there is zero price risk.

The presale's only require — token.balanceOf(address(this)) >= tokenAmount — caps a single purchase at the remaining inventory (≈10M AXT), not at anything economically meaningful. The 5.5% AXT sell tax shaves the margin but does not come close to closing the ~3× gap.

Preconditions#

• The presale holds AXT inventory (balanceOf(presale) >= tokenAmount). It held ≈10M AXT.
• The presale rate is materially cheaper (in BNB terms) than the AXT/WBNB pool's marginal price. At the fork block: presale 300 AXT/BNB vs. pool ~104.5 AXT/BNB — a ~3× dislocation.
• A liquid source of BNB. None of the attacker's own capital is needed: a DODO DVM flash loan supplies the WBNB, which is unwrapped to native BNB to call buyToken() and repaid at the end.
• The pool has enough WBNB to absorb the dumped AXT and pay out the arbitrage profit (135 WBNB, of which 53.33 WBNB was extracted on this single ~9.2K-AXT dump).

Attack walkthrough (with on-chain numbers from the trace)#

All figures are taken directly from output.txt. The attacker contract is the Foundry test harness (ContractTest, 0x7FA9385b...).

Verifying the swap math#

PancakeSwap's getAmountOut (0.25% fee, factor 9975/10000) on the AXT→WBNB leg:

amountIn (post-FoT)  = 9,213.75 AXT
reserveIn  (AXT)     = 14,157.67
reserveOut (WBNB)    = 135.48

out = (9213.75 · 0.9975 · 135.48) / (14157.67 + 9213.75 · 0.9975)
    = (9189.46 · 135.48) / (14157.67 + 9189.46)
    = 1,244,985 / 23,347.13
    ≈ 53.32 WBNB

which matches the trace's 53.331130 WBNB out. The pre-swap pool balance read in the trace (balanceOf(pair) = 23,371.42 AXT, output.txt:1660) is exactly 14,157.67 + 9,213.75, confirming the 14,157.67 AXT starting reserve.

Profit accounting (WBNB)#

The profit is purely the price gap: 9,213.75 AXT acquired for 32.5 BNB (≈ 0.003527 BNB/AXT) but sold for 53.33 WBNB (≈ 0.005789 WBNB/AXT) — a ~64% markup, partially eaten by the pool's slippage and the 5.5% sell tax, netting +20.83 WBNB.

Diagrams#

Sequence of the attack#

Where the value comes from: two prices for one token#

Decision flow inside buyToken() — the missing guard#

Why each magic number#

• rate = 3e11 ⇒ 32.5e18 × 3e11 / 1e9 = 9,750e18 AXT for 32.5 BNB. This is the static presale price the owner set and is the entire source of the dislocation. It implies 300 AXT/BNB.
• Flash loan = 32.5 WBNB: sized to the pool's depth. The AXT/WBNB pool only held ~135 WBNB, so dumping the AXT from a 32.5-BNB buy already pushed the pool price down hard (53.33 WBNB out of 135.48, ~39% of the WBNB side). A much larger buy would suffer steep slippage on the sell leg and would also be inventory-bounded; 32.5 BNB roughly maximizes profit for this single pool.
• 5.5% AXT sell tax (536.25 of 9,750 AXT): the only haircut on the trade; it reduces the AXT actually delivered into the pool to 9,213.75 but is far too small to neutralize the ~3× edge.
• 53.331130 WBNB out / 20.831130 WBNB profit: the pool's constant-product response to the 9,213.75-AXT dump, minus the 32.5 WBNB repaid to DODO.

Remediation#

1. Price the presale against a trusted reference, not a static constant. Derive tokenAmount from an oracle (e.g. a TWAP of the AXT/WBNB pool, or a stablecoin-denominated price feed) rather than a hard-coded rate. If a fixed sale price is a deliberate product decision, the sale must be gated so it cannot be arbitraged — see (2)/(3).
2. Bound the presale to the market. Reject (or auto-pause) purchases when the presale price deviates beyond a tight band from the live AMM price, so the presale can never be the cheaper venue for instant resale.
3. Add purchase limits and timing controls. Per-address and per-block caps, a maximum msg.value per call, and a vesting/lockup on presale-bought tokens prevent buy-and-instantly- dump loops and make flash-loan-scale extraction impossible.
4. Make presale tokens non-immediately-sellable. If presale buyers cannot sell into the AMM within the same transaction/block (lockup, claim delay, or non-transferable receipt), the atomic arbitrage is broken even if a price gap exists.
5. Operationally, keep rate current. Any fixed-price sale running alongside a live AMM must have its price actively maintained; a stale rate is a standing invitation to arbitrage.

How to reproduce#

The PoC was extracted into a standalone Foundry project (the umbrella DeFiHackLabs repo has many unrelated PoCs that fail to compile under one forge build):

_shared/run_poc.sh 2023-04-Axioma_exp -vvvvv

• RPC: a BSC archive endpoint is required (the fork block ~27.62M is well in the past). The PoC forks via vm.createSelectFork("bsc", 27_620_321 - 1) (test/Axioma_exp.sol:27); most pruned public RPCs will fail with header not found / missing trie node.
• Result: [PASS] testExploit() with the attacker retaining ~20.83 WBNB.

Expected tail:

Ran 1 test for test/Axioma_exp.sol:ContractTest
[PASS] testExploit() (gas: 430923)
Logs:
  [After Attacks]  Attacker WBNB balance: 20.831130089952719912

Suite result: ok. 1 passed; 0 failed; 0 skipped

References: HypernativeLabs disclosure — https://twitter.com/HypernativeLabs/status/1650382589847302145 · SlowMist Hacked — https://hacked.slowmist.io/ (Axioma, BSC, April 2023).

Sources & further analysis#

Reproductions & code

• Standalone PoC + full trace: 2023-04-Axioma_exp (evm-hack-registry mirror).
• Upstream DeFiHackLabs PoC: Axioma_exp.sol.

Alerts & third-party analyses

• Original alert / thread: post on X.
• DeFiHackLabs incident explorer: search "Axioma (AXT) Exploit".
• Web3Sec X hacked database: search.
• Rekt leaderboard: search.
• Solodit incident search: search.

These dashboards index community alerts tweets, post-mortems, and independent write-ups. Reach them through the protocol name above to cross-check this reproduction against other analyses.