Cryptosolv@cryptosolv
Something odd happened a few hours ago involving a convoluted mess of $HEXDC (@POWERCITYio) and @phiatcrypto. There's a bit to unpack, and a number of unanswered questions here - let's dive in.
🔎 The wallet mentioned in the quoted post (0x678fdae40f5e6760dd45560103c453317784d435) bridged in 124.95 $WETH earlier today (mostly sourced from the TornadoCash 10 ETH pool), before fomo buying some large chunks of $WPLS, and then switching to a more sensible DCA strategy to finish up. All of the $WETH was swapped for $WPLS, which was then unwrapped to $PLS.
Notably, their transaction style was unusual. They clearly set up their PulseX router settings to ONLY use the V1 WETH/WPLS pair, and ate quite significant slippage on their first 3 buys.
🔎 A few hours after their buying spree, they deployed a contract and made a single large swap in one transaction - swapping 23.6b $PLS for just over $12k $HEXDC - a loss of around $220k value in a single swap. They used PulseX, despite much of the HEXDC liquidity being on other DEXs that require an aggregator to access.
🔎 Meanwhile, one of the larger MEV bots on chain made ~$172k profit off this swap ($146k stables, 2.6b PLS) - a screenshot of one of the transactions below where they made $106k in a single tx.
Here's where things get strange.
🔎 The address responsible for the terrible PLS>HEXDC swap then performed 2 contract interactions with 0xD4E5B052AE95bB6c663bB1cC245C3076c259C694, which looks to be a Phiat price oracle contract:
otter.pulsechain.com/tx/0x8013ea05f…
otter.pulsechain.com/tx/0x66e33f033…
Within 40 seconds, they called 2 'update' functions, one to the Phiat HEXDC price feed (HEXDC/HEX pair), the 2nd to the Phiat HEX price feed (HEX/WPLS pair). We understand that both of these calls are just forcibly updating the oracles view of these pairs by recording one new TWAP observation - potentially trying to take advantage of temporarily skewed prices?
For them to be able to call these functions, they've likely spent extensive time and effort decompiling this contract as it's unverified.
🔎 5 days ago, an unconnected address (funded by BlockBlend, a privacy protocol) also called the same function on this contract, this time calling an 'update' function for the USDL/WPLS pair - perhaps they were practicing?
otter.pulsechain.com/tx/0x6af96b57c…
🔎 There appears to be no benefit gained from this activity for the wallet involved - no Phiat lending/borrowing that would benefit from skewed price data, no real damage to the HEXDC protocol (it was back at peg immediately), no obvious liquidity grab from anywhere in the ecosystem.
Why they're interacting with a Phiat contract after making the terrible swap is beyond us. There's a reasonable likelihood given this wallet has some level of understanding of code (has decompiled the Phiat contract + is deploying their own contracts) that they may also own the arb bot that took most of the profits from this trade - though they'd still be down well over $60k from today's activities.
✍️ We're pretty sure there's a hidden angle here that we're missing - surely nobody is this stupid, right? Did they try to manipulate the HEXDC price in some sort of vague attempt to exploit the protocol? Were they intending to gain anything from Phiat?
Trying to make this swap in PulseX shows you just how bad the output discrepancy was. Nothing this wallet has done makes sense on the surface.
Anyone have any insight?
