End-to-End Launchpad Development: Smart Contracts, KYC, Audit

We design and develop full-cycle blockchain solutions: from smart contract architecture to launching DeFi protocols, NFT marketplaces and crypto exchanges. Security audits, tokenomics, integration with existing infrastructure.
Showing 1 of 1All 1305 services
End-to-End Launchpad Development: Smart Contracts, KYC, Audit
Complex
from 2 weeks to 3 months
Frequently Asked Questions

Blockchain Development Services

Blockchain Development Stages

Latest works

  • image_website-b2b-advance_0.webp
    B2B ADVANCE company website development
    1349
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1247
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    949
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1183
  • image_logo-advance_0.webp
    B2B Advance company logo design
    642
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    921

How Does an IEO Platform Work?

Every IEO platform faces three critical challenges: fair allocation distribution, protection from manipulation, and regulatory compliance. How you solve these determines investor trust and project success. We develop IEO platforms—full solutions for Initial Exchange Offering that don't just sell tokens but ensure project verification, fair allocation distribution, and exchange integration. Binance Launchpad and KuCoin Spotlight are examples of such systems. A custom platform gives you full control over fees, sale conditions, and liquidity. We help guide you from concept to launch, including smart contract audit. We have been on the market for over 5 years and have delivered more than 15 launchpad projects, so we know all the pitfalls.

Platform Components

Component Responsibility
Project Registry Verification and storage of project data
Allocation Engine Distribution of lots among participants
KYC/AML Gateway Integration with verification provider
Token Sale Contract On-chain sale execution
Staking Contract Platform token staking for tier system
Distribution Contract Vesting and token claim
Admin Dashboard Management of projects, sale parameters

How Allocation Distribution Works

There are two main approaches.

Guaranteed Allocation

Each participant gets a guaranteed allocation proportional to their tier. This is a simple and predictable method, but some tokens may remain unsold.

contract GuaranteedSale {
    mapping(address => uint256) public maxAllocation;
    mapping(address => uint256) public purchased;

    function buy(uint256 amount) external payable {
        require(saleActive(), "Sale not active");
        require(purchased[msg.sender] + amount <= maxAllocation[msg.sender], "Exceeds allocation");

        uint256 cost = amount * price;
        require(msg.value >= cost, "Insufficient ETH");

        purchased[msg.sender] += amount;
        totalSold += amount;
        if (msg.value > cost) payable(msg.sender).transfer(msg.value - cost);
    }
}

Lottery with Oversubscription

A fairer approach when demand is high. Participants register, then a random selection of winners proportional to their tier is made. In practice, a lottery using Chainlink VRF generates 3 times fewer complaints about unfairness compared to guaranteed allocation under oversubscription. This is confirmed by data from major launchpads—Polkastarter and TrustPad switched to lottery for this reason.

Why Chainlink VRF Is Mandatory

For a fair on-chain lottery, verifiable randomness is essential. blockhash or block.timestamp can be manipulated by validators, so we use Chainlink VRF—the security standard for launchpad platforms.

contract LotteryAllocation is VRFConsumerBaseV2Plus {
    mapping(uint256 => address[]) public tierParticipants;
    mapping(address => bool) public isWinner;
    uint256 public randomSeed;

    function register() external {
        require(registrationActive(), "Registration closed");
        StakeInfo memory info = staking.stakes(msg.sender);
        require(info.tier > 0, "No tier");
        tierParticipants[info.tier].push(msg.sender);
    }

    function requestRandomness() external onlyOwner {
        uint256 requestId = s_vrfCoordinator.requestRandomWords(
            VRFV2PlusClient.RandomWordsRequest({
                keyHash: keyHash,
                subId: subscriptionId,
                requestConfirmations: 3,
                callbackGasLimit: 500000,
                numWords: 1,
                extraArgs: VRFV2PlusClient._argsToBytes(
                    VRFV2PlusClient.ExtraArgsV1({nativePayment: false})
                )
            })
        );
    }

    function fulfillRandomWords(uint256, uint256[] calldata randomWords) internal override {
        randomSeed = randomWords[0];
        _selectWinners();
    }

    function _selectWinners() internal {
        uint256 seed = randomSeed;
        for (uint8 tier = 5; tier >= 1; tier--) {
            uint256 winnersForTier = tierWinners[tier];
            address[] storage participants = tierParticipants[tier];
            uint256 shuffleLen = participants.length;

            for (uint256 i = 0; i < winnersForTier && i < shuffleLen; i++) {
                uint256 j = i + (uint256(keccak256(abi.encodePacked(seed, tier, i))) % (shuffleLen - i));
                (participants[i], participants[j]) = (participants[j], participants[i]);
                isWinner[participants[i]] = true;
                seed = uint256(keccak256(abi.encodePacked(seed, i)));
            }
        }
    }
}

How to Set Up a Tier System

Most successful platforms (Polkastarter, TrustPad) use a model: the more platform tokens a user has staked, the higher their allocation priority. Typical tiers: 100 tokens—Bronze, 1000—Silver, 5000—Gold. Each tier gives an allocation multiplier: x1, x3, x10. Such a system increases user engagement by 2 times compared to fixed allocations.

contract TierStaking {
    struct Tier {
        uint256 minStake;
        uint256 multiplier;
        uint256 poolWeight;
    }

    Tier[] public tiers;

    struct StakeInfo {
        uint256 amount;
        uint256 stakedAt;
        uint256 lockEnd;
        uint8   tier;
    }

    mapping(address => StakeInfo) public stakes;

    function stake(uint256 amount, uint256 lockDuration) external {
        require(lockDuration >= MIN_LOCK, "Lock too short");
        token.safeTransferFrom(msg.sender, address(this), amount);

        uint8 tier = calculateTier(amount);
        stakes[msg.sender] = StakeInfo({
            amount: amount,
            stakedAt: block.timestamp,
            lockEnd: block.timestamp + lockDuration,
            tier: tier
        });

        emit Staked(msg.sender, amount, tier);
    }

    function calculateTier(uint256 amount) public view returns (uint8) {
        for (uint8 i = uint8(tiers.length - 1); i >= 0; i--) {
            if (amount >= tiers[i].minStake) return i;
        }
        return 0;
    }
}

KYC/AML Integration

An IEO platform must comply with regulatory requirements. We use SaaS providers: Fractal ID, Synaps, or Sumsub. After verification, the address is added to an on-chain whitelist. An alternative approach is Soulbound tokens (EIP-5484), where KYC status is represented as a non-transferable NFT. Contact us to select the optimal KYC solution.

Escrow and Fund Distribution

Sale proceeds should not go directly to the project—standard buyer protection. We use escrow with milestones:

contract IEOEscrow {
    struct Milestone {
        string description;
        uint256 releasePercent;
        uint256 releaseTime;
        bool approved;
        uint256 approvalVotes;
        uint256 rejectionVotes;
    }

    Milestone[] public milestones;
    uint256 public totalRaised;
    address public project;

    function voteMilestone(uint256 milestoneId, bool approve) external {
        require(projectToken.balanceOf(msg.sender) > 0, "Must hold tokens");
    }

    function releaseFunds(uint256 milestoneId) external {
        Milestone storage ms = milestones[milestoneId];
        require(ms.approved, "Not approved");
        require(block.timestamp >= ms.releaseTime, "Too early");

        uint256 amount = (totalRaised * ms.releasePercent) / 100;
        payable(project).transfer(amount);
    }
}

Listing and Post-Sale Liquidity

A portion of raised funds is automatically added to a DEX to provide initial liquidity. LP tokens are then locked for 180 days.

function finalizeAndAddLiquidity() external onlyOwner {
    require(saleFinished(), "Sale not finished");

    uint256 liquidityETH = (totalRaised * liquidityPercent) / 100;
    uint256 liquidityTokens = calculateLiquidityTokens(liquidityETH);

    token.approve(address(uniswapRouter), liquidityTokens);
    uniswapRouter.addLiquidityETH{value: liquidityETH}(
        address(token),
        liquidityTokens,
        0,
        0,
        address(this),
        block.timestamp + 3600
    );

    lpLockEnd = block.timestamp + 180 days;
}

Typical Mistakes in Launchpad Development

  1. Using simple blockhash for lottery—this allows validators to manipulate the outcome. Instead, use provably fair randomness (Chainlink VRF): a lottery with VRF is 3 times more effective in preventing disputes.
  2. Incorrect vesting setup—if project tokens can be withdrawn instantly, it increases the risk of dumping. Set vesting with a linear distribution over 6–12 months.
  3. No escrow—investor funds go directly to the project, and if conditions are not met, they cannot be recovered. Escrow with milestones is mandatory.
  4. Insufficient gas optimization testing—unoptimized contracts can cost users extra fees (for a large sale, commissions can exceed $50,000). Conduct thorough testing and optimization.

What Is Included

  • Requirements audit and technical specification
  • Development of smart contracts for staking, sale, escrow
  • Backend API and admin panel
  • KYC/AML integration
  • Frontend for users
  • Security audit of contracts by third-party teams (costs start from $30k)
  • Testing and deployment

Development Timeline

Component Timeline
Smart contracts (staking, sale, escrow, distribution) 6–8 weeks
Backend API + admin panel 4–6 weeks
KYC integration 1–2 weeks
Frontend (user interface) 4–6 weeks
Smart contract audit 3–4 weeks
Testing + QA 2–3 weeks

The full cycle from specification to launch takes 4–5 months. The audit budget depends on complexity and chosen team. Contact us for an evaluation of your project. Get a consultation on the architecture.

Token Development: ERC-20, Tokenomics, Vesting

We’ve seen more rekt tokens than we can count — not because the code was broken, but because the economic assumptions were naive. A token that doesn’t collapse from inflation in six months, where governance actually works, and vesting can’t be bypassed through delegation tricks — that’s real engineering. We build under that standard.

How We Avoid Common ERC-20 Pitfalls

ERC-20 standard has nine functions. Complexity starts with extensions:

ERC-20Permit (EIP-2612) — gasless approve via signature. User signs permit(owner, spender, value, deadline, v, r, s) off-chain, spender calls permit() + transferFrom() in one transaction. Removes separate approve step. Risk: signature can be intercepted — need deadline and nonce checking. We always implement EIP-712 typed structured data to prevent signature malleability.

ERC-20Votes (EIP-5805) — snapshot balances for governance. Checkpoint system stores balance history by block number. getPastVotes(address, blockNumber) returns balance at proposal creation, not current. Prevents flash loan governance: can't borrow tokens and vote in one transaction.

Rebasing tokens (stETH, Ampleforth) — balanceOf changes automatically through internal shares ratio. High integration complexity: most DeFi protocols don't work correctly with rebasing without non-rebasing wrapper. We've deployed wrappers that decouple balance from share price for Uniswap compatibility.

Fee-on-transfer tokens — percentage cut on every transfer. Breaks AMM calculations: pool receives less than expected. Uniswap v2/v3 don't support natively — needs special pair/router. We’ve built custom routers that handle fee-on-transfer tokens without reverting.

Why Tokenomics Sustainability Matters More Than Excel

Tokenomics isn't Excel table summing to 100%. It's incentive model that either works long-term or creates selling pressure killing the project.

Emission Schedule and Inflation — Fixed supply (Bitcoin model) works for store-of-value, but for utility tokens you need controlled inflation. Inflationary model (like Ethereum post-Merge) generates new tokens to incentivize participants. Key balance: emission should be <= value captured by protocol. If protocol earns $100k/month but emission is $500k/month in market value — constant selling pressure inevitable. We model these scenarios using Python simulations with cadCAD for complex systems.

Supply Distribution — No universal formula. Principle: no single entity >33% voting power at launch. Otherwise governance is fiction.

Category Typical Range Risk
Team + advisors 15–20% Dumping on unlock
Investors (seed, private) 15–25% Coordinated exit
Treasury / DAO 20–35% Governance capture
Ecosystem / grants 10–20% Inefficient allocation
Public sale / LBP 5–15% Undervaluation → whale capture
Liquidity provision 5–10% Mercenary capital

What Are the Most Critical Vesting Contract Mistakes?

Linear vesting with cliff is standard for team and investors. cliff is the period after TGE with zero availability. After cliff: linear unlock until duration. Typical implementation errors we catch in audit:

  • Revocable vesting without timelock — owner can revoke immediately. Solution: revocation through multisig + governance vote with 7-day delay.
  • Cliff doesn't block governance rights — with ERC-20Votes, recipient can delegate voting power from day one even if tokens aren't unlocked. We explicitly separate voting power from claim logic.
  • No emergency pause — if vesting contract vulnerability discovered, need ability to pause claims. Pausable + timelock on unpause.

We’ve seen a project where the cliff was set to 0 by mistake — team could dump immediately. Our fuzz tests catch such edge cases before deployment.

Vesting contract implementation details

Pausable and Ownable2Step from OpenZeppelin are standard. We add a 7-day timelock on revocation functions. All withdraw functions emit events for off-chain tracking. Fuzz tests verify that cumulative released amount never exceeds total allocation, even after multiple revocations or partial claims.

Why Is Liquidity Bootstrapping Crucial for Token Launch?

Launch mechanics are critical. Three main approaches:

  • Balancer LBP — temporary pool with high initial token weight (90/10 project-token/USDC) that automatically decreases to 50/50 over days. Creates downward price pressure preventing bot buys at one price. After LBP liquidity moves to permanent pool.
  • Fjord Foundry — specialized platform for LBP and fair launches. Less operational overhead than direct Balancer integration.
  • Uniswap v3 with limited range — add liquidity in narrow range around initial price. High capital efficiency but requires active range management.
  • TWAMM — mechanics for gradual large-order sales without slippage. Implemented in FraxSwap.

LBP is 3-5x better than standard AMM listing for price discovery; we’ve seen fair launches with 50% less initial dump compared to direct Uniswap listings.

Governance Tokens and Voting Mechanics

OpenZeppelin Governor is the standard. Modular: GovernorVotes for counting, GovernorTimelockControl for timelock execution, GovernorSettings for adjustable parameters. Quorum is minimum percentage of supply for voting validity. Compound set quorum at 400k COMP (4% supply). We set quorum dynamically based on historical participation to avoid apathy or whale capture.

Flash loan governance attack — attacker borrows tokens via flash loan, delegates to self, creates proposal or votes, returns tokens. ERC-20Votes with block-based snapshot completely blocks this: must have tokens at snapshot creation moment, not voting moment.

Delegation — small holders often don't vote. Liquid delegation (like Optimism) lets delegate voting power to addresses without transfer. Critical for protocols with many passive holders.

Token Type Use Case Our Stack
ERC-20 utility Payments, rewards, gas Solidity 0.8.x, OpenZeppelin 5.x
ERC-20Permit Gasless approvals EIP-2612, EIP-712
ERC-20Votes On-chain governance Governor, TimelockController
ERC-1155 Multi-token (NFT + fungible) Solidity, OpenZeppelin
Vesting contracts Team/investor lockup LinearVesting, CliffVesting

Token Development Stack

Contracts: Solidity 0.8.x, OpenZeppelin Contracts 5.x (ERC20, ERC20Permit, ERC20Votes, Governor, TimelockController, TokenVesting).
Tokenomics audit: Python models with emission/demand simulation, cadCAD for complex systems modeling.
Deployment and management: Foundry scripts, Gnosis Safe for treasury, OpenZeppelin Defender for automation.
Analytics: Dune Analytics for on-chain metrics, Token Terminal for protocol revenue.

What’s Included in the Work (Deliverables)

  • Tokenomics model with stress tests (bear market, whale exit, governance capture)
  • Contract development with Foundry fuzz tests (gas optimization, reentrancy tests, overflow checks)
  • Audit summary and list of edge cases covered
  • Deployment scripts with Gnosis Safe admin keys
  • Documentation for future upgrades and maintenance
  • 30-day post-launch monitoring support

Process

  1. Tokenomics design — supply model, allocation, emission schedule, vesting. Stress-test scenarios.
  2. Contract development — ERC-20 + extensions, vesting, governance. Foundry fuzz tests on vesting calculations, governance thresholds.
  3. Audit — special attention on governance attack vectors, vesting bypass, permit replay attacks. We use Slither and Echidna for formal verification.
  4. LBP / launch — choose mechanics, set parameters, monitor first 24 hours.
  5. Post-launch — monitor supply distribution via Dune, governance participation metrics, treasury management.

Timelines

  • ERC-20 with permit and basic governance: 2–3 weeks
  • Vesting contract with revocation and cliff: 2–4 weeks
  • Full governance (Governor + Timelock + Token): 4–7 weeks
  • Token + LBP + governance + vesting: 8–14 weeks

We can estimate your project within 24 hours after discussing requirements. Contact us to start the conversation — no obligation, just a technical chat about your token model. Get a detailed proposal tailored to your tokenomics and compliance needs.