Claim Contract Development for Token Distribution

We design and develop full-cycle blockchain solutions: from smart contract architecture to launching DeFi protocols, NFT marketplaces and crypto exchanges. Security audits, tokenomics, integration with existing infrastructure.
Showing 1 of 1All 1305 services
Claim Contract Development for Token Distribution
Medium
~2-3 days
Frequently Asked Questions

Blockchain Development Services

Blockchain Development Stages

Latest works

  • image_website-b2b-advance_0.webp
    B2B ADVANCE company website development
    1349
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1247
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    949
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1183
  • image_logo-advance_0.webp
    B2B Advance company logo design
    642
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    921

Claim Contract Development for Token Distribution

You deployed an airdrop, but the gas to deploy a list of 10,000 addresses ate half your budget. Or worse — someone found a way to claim tokens twice with the same proof. These issues appear in production all the time. A claim contract is a standard tool, but its implementation requires precision. We, a team with over 5 years of blockchain experience, provide turnkey claim contract creation with security guarantees and gas optimization. In this article, we'll break down why the Merkle tree is the industry standard and how to avoid costly mistakes.

Why Merkle Tree Over On-Chain List?

Parameter On-chain whitelist Merkle tree
Gas on deploy (10k addresses) ~0.5 ETH ~0.01 ETH
Gas on claim ~50k (SLOAD) ~30k (SLOAD + 2x SHA3)
Storage 10k storage slots 1 bytes32
Updateability requires contract migration root change

Gas savings on deployment up to 90% — for large projects this translates to thousands of dollars.

How to Implement Merkle-Based Claim

Building the Tree (Off-Chain)

import { StandardMerkleTree } from "@openzeppelin/merkle-tree";

// Leaves: [address, amount]
const values = [
    ["0xAddress1...", ethers.parseEther("100")],
    ["0xAddress2...", ethers.parseEther("250")],
    // ...
];

const tree = StandardMerkleTree.of(values, ["address", "uint256"]);
console.log("Merkle Root:", tree.root);

// Save the tree for proof generation
fs.writeFileSync("tree.json", JSON.stringify(tree.dump()));

// For a specific address, generate the proof
for (const [i, v] of tree.entries()) {
    if (v[0] === "0xAddress1...") {
        const proof = tree.getProof(i);
        console.log("Proof:", proof);
    }
}

Contract

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/utils/cryptography/MerkleProof.sol";
import "@openzeppelin/contracts/access/Ownable.sol";

contract MerkleClaim is Ownable {
    IERC20 public immutable token;
    bytes32 public immutable merkleRoot;
    uint256 public immutable claimDeadline;

    // Packed bitmap for gas efficiency instead of mapping(address => bool)
    mapping(uint256 => uint256) private claimedBitMap;

    event Claimed(address indexed account, uint256 amount, uint256 index);

    constructor(
        address _token,
        bytes32 _merkleRoot,
        uint256 _claimWindowDays
    ) Ownable(msg.sender) {
        token = IERC20(_token);
        merkleRoot = _merkleRoot;
        claimDeadline = block.timestamp + (_claimWindowDays * 1 days);
    }

    function isClaimed(uint256 index) public view returns (bool) {
        uint256 claimedWordIndex = index / 256;
        uint256 claimedBitIndex = index % 256;
        uint256 claimedWord = claimedBitMap[claimedWordIndex];
        uint256 mask = (1 << claimedBitIndex);
        return claimedWord & mask == mask;
    }

    function _setClaimed(uint256 index) private {
        uint256 claimedWordIndex = index / 256;
        uint256 claimedBitIndex = index % 256;
        claimedBitMap[claimedWordIndex] = claimedBitMap[claimedWordIndex] | (1 << claimedBitIndex);
    }

    function claim(
        uint256 index,
        address account,
        uint256 amount,
        bytes32[] calldata merkleProof
    ) external {
        require(block.timestamp <= claimDeadline, "Claim period ended");
        require(!isClaimed(index), "Already claimed");

        bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(index, account, amount))));
        require(MerkleProof.verify(merkleProof, merkleRoot, leaf), "Invalid proof");

        _setClaimed(index);
        token.transfer(account, amount);

        emit Claimed(account, amount, index);
    }

    // Recover unclaimed tokens after deadline
    function recoverUnclaimed() external onlyOwner {
        require(block.timestamp > claimDeadline, "Claim period active");
        uint256 balance = token.balanceOf(address(this));
        token.transfer(owner(), balance);
    }
}

Using a bitmap instead of mapping(address => bool) is an important optimization. One storage slot (32 bytes) stores 256 flags. For 10,000 participants, about 40 slots are needed instead of 10,000. The first claim in a slot costs 20,000 gas (SSTORE cold), subsequent ones 5,000 (SSTORE warm). The savings are significant.

How Vesting Claim Works

For team and investors, claim usually works together with vesting. Cliff + linear unlock is the standard scheme:

struct VestingSchedule {
    uint256 totalAmount;
    uint256 cliffEnd;       // timestamp when cliff ends
    uint256 vestingEnd;     // timestamp when fully unlocked
    uint256 claimed;        // already claimed
}

mapping(address => VestingSchedule) public schedules;

function claimVested() external {
    VestingSchedule storage schedule = schedules[msg.sender];
    require(block.timestamp >= schedule.cliffEnd, "Cliff not reached");

    uint256 vested = _calculateVested(schedule);
    uint256 claimable = vested - schedule.claimed;
    require(claimable > 0, "Nothing to claim");

    schedule.claimed += claimable;
    token.transfer(msg.sender, claimable);
}

function _calculateVested(VestingSchedule memory s) private view returns (uint256) {
    if (block.timestamp >= s.vestingEnd) return s.totalAmount;
    if (block.timestamp < s.cliffEnd) return 0;

    uint256 vestingDuration = s.vestingEnd - s.cliffEnd;
    uint256 elapsed = block.timestamp - s.cliffEnd;
    return (s.totalAmount * elapsed) / vestingDuration;
}

Common Vulnerabilities

Vulnerability Consequences Solution
Double-claim without bitmap Token loss on repeated claim with different amount Bitmap with unique index
Griefing through claim on behalf Forced token transfer to unwanted address Require msg.sender == account
Missing recoverUnclaimed Tokens locked forever Add recovery function with timelock
Frontrunning proof Theft of tokens by swapping account Include account in leaf

Double-Claim Without Bitmap

If you use mapping(address => bool) instead of bitmap, and the same address appears with different amounts — the proof is valid for each variation, the claimed[address] = true flag is set once, but the second claim with a different amount still passes. Bitmap with index as key prevents this: each index is unique.

Griefing Through Claim on Behalf

If claim(account, ...) is called by someone other than account — tokens can be force-sent to an address that hasn't passed KYC or a contract without receive(). For protocols with compliance requirements, restrict: require(msg.sender == account).

No RecoverUnclaimed

Tokens are permanently locked on the contract if the deadline is not handled. Always add a recovery function.

Frontrunning Proof

The proof is public; anyone can see it in the mempool and submit it with their own address. Protection: include account in the leaf (already implemented above) — the proof works only for that specific address.

Multi-Round Claims

For airdrops with multiple rounds (e.g., retroactive + ongoing rewards), use several Merkle roots — one per round, or a mutable root with a timelock on updates:

bytes32[] public merkleRoots;  // index = round number
mapping(uint256 => mapping(uint256 => uint256)) private claimedBitMaps; // round => bitmap

function addRound(bytes32 root) external onlyOwner {
    merkleRoots.push(root);
}

What’s Included in the Work?

  • Smart contract source code (Solidity 0.8.20) with full test coverage (Foundry, including fuzzing).
  • Deploy and verification scripts for Etherscan.
  • Integration documentation (ABI, interfaces, call examples).
  • Post-deployment support: consultations, help with Merkle root updates.
  • Optional: external security audit (from 2 weeks).

Claim Contract Development Process

  1. Requirements analysis — determine the participant list, amounts, vesting schedule, need for multi-round.
  2. Architecture design — choose Merkle tree, bitmap, vesting, additional functions.
  3. Implementation — write the smart contract in Solidity 0.8.20 with full test coverage (Foundry, including fuzzing).
  4. Audit — internal review + optional external audit (from 2 weeks).
  5. Deployment — deploy with optimized parameters (solid gas efficiency guarantee).
  6. Documentation and integration — provide integration guide and support.

Timeline: from 5 working days to 3 weeks depending on complexity. Cost is calculated individually.

We have implemented over 30 claim contracts for projects on Ethereum, Arbitrum, and Polygon. Contact us for a consultation — we will evaluate your project in 2 days. Order turnkey development and get a reliable claim contract protected against all typical vulnerabilities.

Token Development: ERC-20, Tokenomics, Vesting

We’ve seen more rekt tokens than we can count — not because the code was broken, but because the economic assumptions were naive. A token that doesn’t collapse from inflation in six months, where governance actually works, and vesting can’t be bypassed through delegation tricks — that’s real engineering. We build under that standard.

How We Avoid Common ERC-20 Pitfalls

ERC-20 standard has nine functions. Complexity starts with extensions:

ERC-20Permit (EIP-2612) — gasless approve via signature. User signs permit(owner, spender, value, deadline, v, r, s) off-chain, spender calls permit() + transferFrom() in one transaction. Removes separate approve step. Risk: signature can be intercepted — need deadline and nonce checking. We always implement EIP-712 typed structured data to prevent signature malleability.

ERC-20Votes (EIP-5805) — snapshot balances for governance. Checkpoint system stores balance history by block number. getPastVotes(address, blockNumber) returns balance at proposal creation, not current. Prevents flash loan governance: can't borrow tokens and vote in one transaction.

Rebasing tokens (stETH, Ampleforth) — balanceOf changes automatically through internal shares ratio. High integration complexity: most DeFi protocols don't work correctly with rebasing without non-rebasing wrapper. We've deployed wrappers that decouple balance from share price for Uniswap compatibility.

Fee-on-transfer tokens — percentage cut on every transfer. Breaks AMM calculations: pool receives less than expected. Uniswap v2/v3 don't support natively — needs special pair/router. We’ve built custom routers that handle fee-on-transfer tokens without reverting.

Why Tokenomics Sustainability Matters More Than Excel

Tokenomics isn't Excel table summing to 100%. It's incentive model that either works long-term or creates selling pressure killing the project.

Emission Schedule and Inflation — Fixed supply (Bitcoin model) works for store-of-value, but for utility tokens you need controlled inflation. Inflationary model (like Ethereum post-Merge) generates new tokens to incentivize participants. Key balance: emission should be <= value captured by protocol. If protocol earns $100k/month but emission is $500k/month in market value — constant selling pressure inevitable. We model these scenarios using Python simulations with cadCAD for complex systems.

Supply Distribution — No universal formula. Principle: no single entity >33% voting power at launch. Otherwise governance is fiction.

Category Typical Range Risk
Team + advisors 15–20% Dumping on unlock
Investors (seed, private) 15–25% Coordinated exit
Treasury / DAO 20–35% Governance capture
Ecosystem / grants 10–20% Inefficient allocation
Public sale / LBP 5–15% Undervaluation → whale capture
Liquidity provision 5–10% Mercenary capital

What Are the Most Critical Vesting Contract Mistakes?

Linear vesting with cliff is standard for team and investors. cliff is the period after TGE with zero availability. After cliff: linear unlock until duration. Typical implementation errors we catch in audit:

  • Revocable vesting without timelock — owner can revoke immediately. Solution: revocation through multisig + governance vote with 7-day delay.
  • Cliff doesn't block governance rights — with ERC-20Votes, recipient can delegate voting power from day one even if tokens aren't unlocked. We explicitly separate voting power from claim logic.
  • No emergency pause — if vesting contract vulnerability discovered, need ability to pause claims. Pausable + timelock on unpause.

We’ve seen a project where the cliff was set to 0 by mistake — team could dump immediately. Our fuzz tests catch such edge cases before deployment.

Vesting contract implementation details

Pausable and Ownable2Step from OpenZeppelin are standard. We add a 7-day timelock on revocation functions. All withdraw functions emit events for off-chain tracking. Fuzz tests verify that cumulative released amount never exceeds total allocation, even after multiple revocations or partial claims.

Why Is Liquidity Bootstrapping Crucial for Token Launch?

Launch mechanics are critical. Three main approaches:

  • Balancer LBP — temporary pool with high initial token weight (90/10 project-token/USDC) that automatically decreases to 50/50 over days. Creates downward price pressure preventing bot buys at one price. After LBP liquidity moves to permanent pool.
  • Fjord Foundry — specialized platform for LBP and fair launches. Less operational overhead than direct Balancer integration.
  • Uniswap v3 with limited range — add liquidity in narrow range around initial price. High capital efficiency but requires active range management.
  • TWAMM — mechanics for gradual large-order sales without slippage. Implemented in FraxSwap.

LBP is 3-5x better than standard AMM listing for price discovery; we’ve seen fair launches with 50% less initial dump compared to direct Uniswap listings.

Governance Tokens and Voting Mechanics

OpenZeppelin Governor is the standard. Modular: GovernorVotes for counting, GovernorTimelockControl for timelock execution, GovernorSettings for adjustable parameters. Quorum is minimum percentage of supply for voting validity. Compound set quorum at 400k COMP (4% supply). We set quorum dynamically based on historical participation to avoid apathy or whale capture.

Flash loan governance attack — attacker borrows tokens via flash loan, delegates to self, creates proposal or votes, returns tokens. ERC-20Votes with block-based snapshot completely blocks this: must have tokens at snapshot creation moment, not voting moment.

Delegation — small holders often don't vote. Liquid delegation (like Optimism) lets delegate voting power to addresses without transfer. Critical for protocols with many passive holders.

Token Type Use Case Our Stack
ERC-20 utility Payments, rewards, gas Solidity 0.8.x, OpenZeppelin 5.x
ERC-20Permit Gasless approvals EIP-2612, EIP-712
ERC-20Votes On-chain governance Governor, TimelockController
ERC-1155 Multi-token (NFT + fungible) Solidity, OpenZeppelin
Vesting contracts Team/investor lockup LinearVesting, CliffVesting

Token Development Stack

Contracts: Solidity 0.8.x, OpenZeppelin Contracts 5.x (ERC20, ERC20Permit, ERC20Votes, Governor, TimelockController, TokenVesting).
Tokenomics audit: Python models with emission/demand simulation, cadCAD for complex systems modeling.
Deployment and management: Foundry scripts, Gnosis Safe for treasury, OpenZeppelin Defender for automation.
Analytics: Dune Analytics for on-chain metrics, Token Terminal for protocol revenue.

What’s Included in the Work (Deliverables)

  • Tokenomics model with stress tests (bear market, whale exit, governance capture)
  • Contract development with Foundry fuzz tests (gas optimization, reentrancy tests, overflow checks)
  • Audit summary and list of edge cases covered
  • Deployment scripts with Gnosis Safe admin keys
  • Documentation for future upgrades and maintenance
  • 30-day post-launch monitoring support

Process

  1. Tokenomics design — supply model, allocation, emission schedule, vesting. Stress-test scenarios.
  2. Contract development — ERC-20 + extensions, vesting, governance. Foundry fuzz tests on vesting calculations, governance thresholds.
  3. Audit — special attention on governance attack vectors, vesting bypass, permit replay attacks. We use Slither and Echidna for formal verification.
  4. LBP / launch — choose mechanics, set parameters, monitor first 24 hours.
  5. Post-launch — monitor supply distribution via Dune, governance participation metrics, treasury management.

Timelines

  • ERC-20 with permit and basic governance: 2–3 weeks
  • Vesting contract with revocation and cliff: 2–4 weeks
  • Full governance (Governor + Timelock + Token): 4–7 weeks
  • Token + LBP + governance + vesting: 8–14 weeks

We can estimate your project within 24 hours after discussing requirements. Contact us to start the conversation — no obligation, just a technical chat about your token model. Get a detailed proposal tailored to your tokenomics and compliance needs.