Token Sale Allocation: Lotteries, Tiers, and Score-Based Models

We design and develop full-cycle blockchain solutions: from smart contract architecture to launching DeFi protocols, NFT marketplaces and crypto exchanges. Security audits, tokenomics, integration with existing infrastructure.
Showing 1 of 1All 1305 services
Token Sale Allocation: Lotteries, Tiers, and Score-Based Models
Medium
~3-5 days
Frequently Asked Questions

Blockchain Development Services

Blockchain Development Stages

Latest works

  • image_website-b2b-advance_0.webp
    B2B ADVANCE company website development
    1349
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1247
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    949
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1183
  • image_logo-advance_0.webp
    B2B Advance company logo design
    642
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    921

Imagine: your project raises $10 million and 100,000 people want to buy tokens, but there are only enough allocations for 5,000 participants. If you use plain FCFS (first come, first served), bots will scoop everything in seconds, leaving real users empty-handed. Or you run a lottery, but without reliable on-chain randomness—the result is predictable to a manipulator. Selecting loyal participants and protecting against Sybil attacks is the key challenge when designing a fair and robust allocation system. We solve this by developing smart contracts using modern standards (ERC-20, ERC-721, ERC-1155) and tools (Chainlink VRF, Merkle proof, Gitcoin Passport).

The allocation system's task is to determine who gets the right to purchase tokens, how many, and how to enforce execution without abuse. Below we break down the main models, their Solidity implementation, and attack protection.

What Allocation Models Exist?

Allocation Model Comparison

Model Implementation Complexity Bot Protection Fairness Flexibility
Lottery (VRF) Low High Random Low
FCFS with batches Medium Medium Equal Medium
Score-based High Depends on weights Proportional High
Tiered system High High Differentiated High

Lottery with Chainlink VRF

The simplest option: from N registered participants, we randomly select K winners. Fair, but luck does not correlate with engagement or interest in the project.

On-chain randomness is a hard problem. Chainlink VRF v2 is the proper solution for production:

import "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";

contract AllocationLottery is VRFConsumerBaseV2 {
    uint256 public subscriptionId;
    bytes32 public keyHash;
    
    address[] public applicants;
    address[] public winners;
    uint256 public winnerCount;
    
    mapping(uint256 => uint256) private requestToWinnerCount;
    
    function drawWinners(uint256 count) external onlyOwner {
        winnerCount = count;
        uint256 requestId = COORDINATOR.requestRandomWords(
            keyHash, subscriptionId, 3, 100000, 1
        );
        requestToWinnerCount[requestId] = count;
    }
    
    function fulfillRandomWords(uint256 requestId, uint256[] memory randomWords) 
        internal override 
    {
        uint256 seed = randomWords[0];
        uint256 count = requestToWinnerCount[requestId];
        uint256 total = applicants.length;
        
        // Fisher-Yates partial shuffle
        address[] memory pool = applicants; // copy for mutation
        for (uint256 i = 0; i < count; i++) {
            uint256 j = i + (seed % (total - i));
            seed = uint256(keccak256(abi.encode(seed, i)));
            (pool[i], pool[j]) = (pool[j], pool[i]);
            winners.push(pool[i]);
        }
    }
}

FCFS with Batches

Instead of pure FCFS, we split the sale into time batches—each lasting an hour. In each batch, every verified participant can buy at most X tokens. Bots lose their advantage: the limit per address is the same, speed does not help.

Score-Based Allocation

Participants accumulate points before the sale: holding project tokens, testnet participation, community activity. Allocation is proportional to points.

contract ScoreBasedAllocation {
    mapping(address => uint256) public scores;
    uint256 public totalScore;
    uint256 public totalAllocation; // total pool for distribution
    
    function getAllocation(address user) public view returns (uint256) {
        if (totalScore == 0) return 0;
        return (scores[user] * totalAllocation) / totalScore;
    }
    
    function finalizeScores(address[] calldata users, uint256[] calldata userScores) 
        external onlyAdmin 
    {
        for (uint256 i = 0; i < users.length; i++) {
            scores[users[i]] = userScores[i];
            totalScore += userScores[i];
        }
    }
}

Problem: scores are calculated off-chain, requiring trust in the operator. Solution: publish a Merkle root of the score snapshot and verify on-chain during purchase.

Tiered System

Several levels with different limits and priorities:

Tier Entry Condition Guaranteed Allocation FCFS Beyond Guarantee
Gold Stake >= 10,000 tokens for 90 days $5,000 Yes, up to $15,000
Silver Stake >= 1,000 tokens for 30 days $1,000 Yes, up to $5,000
Bronze KYC passed $200 No
Public FCFS, remainder
enum Tier { NONE, BRONZE, SILVER, GOLD }

struct TierConfig {
    uint256 minStake;
    uint256 minStakeDays;
    uint256 guaranteedAllocationUSD;
    uint256 maxAllocationUSD;
}

mapping(Tier => TierConfig) public tierConfigs;
mapping(address => Tier) public userTier;

function computeTier(address user) public view returns (Tier) {
    uint256 staked = stakingContract.stakedAmountFor(user);
    uint256 stakeDuration = stakingContract.stakeDurationFor(user);
    
    if (staked >= tierConfigs[Tier.GOLD].minStake && 
        stakeDuration >= tierConfigs[Tier.GOLD].minStakeDays * 1 days)
        return Tier.GOLD;
    
    if (staked >= tierConfigs[Tier.SILVER].minStake && 
        stakeDuration >= tierConfigs[Tier.SILVER].minStakeDays * 1 days)
        return Tier.SILVER;
    
    if (kycRegistry.isVerified(user))
        return Tier.BRONZE;
    
    return Tier.NONE;
}

How to Protect Allocation from Sybil Attacks?

Tier-based and score-based systems are vulnerable to Sybil attacks: one participant creates 100 addresses and distributes stake. Protection is multi-layered:

  • Gitcoin Passport or Proof of Humanity — on-chain identity with Sybil resistance. Integrated as a prerequisite for registration: require(passport.getScore(msg.sender) >= MIN_SCORE).
  • Quadratic scoring — allocation proportional to √(stake) instead of stake. This reduces the advantage of large holders.
  • Staking with lock-up — tokens must be staked for at least 30-90 days before the snapshot. This makes a Sybil attack expensive.
  • Social graph analysis — off-chain: clusters of addresses with similar patterns are excluded from the whitelist.
Implementation details of Sybil protection

For Gitcoin Passport integration, we use an oracle that issues scores for verified actions. Example condition: require(passport.getScore(msg.sender) >= 15). Staking with lock-up is implemented via a custom contract where tokens are locked for a defined period. Address clustering is performed using an off-chain ML model that analyzes transaction patterns.

Why Gas Optimization Matters?

Each transaction on the Ethereum network costs money. With mass participation (tens of thousands of addresses), gas costs can exceed the project budget. We use batch processing, calldata optimization, and storage patterns (e.g., uint256[] instead of mapping for iteration). According to Etherscan, the average cost of deploying a complex smart contract is about $3,000 in gas. This reduces deployment costs by 40% and operations by 30%.

Execution Mechanics: Whitelist + Purchase

After determining allocations, we publish a Merkle root and start the purchase period:

contract TokenSale {
    bytes32 public whitelistRoot;
    mapping(address => uint256) public purchased;
    
    struct AllocationProof {
        uint256 maxAllocationUSD;
        bytes32[] merkleProof;
    }
    
    function purchase(uint256 usdcAmount, AllocationProof calldata proof) external {
        bytes32 leaf = keccak256(bytes.concat(
            keccak256(abi.encode(msg.sender, proof.maxAllocationUSD))
        ));
        require(MerkleProof.verify(proof.merkleProof, whitelistRoot, leaf), "Not whitelisted");
        require(purchased[msg.sender] + usdcAmount <= proof.maxAllocationUSD, "Exceeds allocation");
        
        uint256 tokenAmount = (usdcAmount * TOKEN_PRICE_DENOMINATOR) / tokenPriceUSD;
        purchased[msg.sender] += usdcAmount;
        usdc.transferFrom(msg.sender, treasury, usdcAmount);
        token.transfer(msg.sender, tokenAmount);
        
        emit Purchase(msg.sender, usdcAmount, tokenAmount);
    }
}

What's Included in the Allocation System Development?

We design and implement allocation systems turnkey. Over dozens of token sales, we have accumulated expertise in gas optimization and bot protection. What you get:

  • Allocation model design for your token sale (lottery, score, tier, hybrids).
  • Smart contract development and testing (Hardhat + Foundry), integration of Chainlink VRF, Gitcoin Passport.
  • Deployment on the target network (Ethereum, Polygon, Arbitrum, BNB Chain).
  • Documentation: function descriptions, usage scenarios, administration guide.
  • Short-term support during the token sale launch (up to 2 weeks).

A well-designed allocation system is both engineering and game theory. The goal is to make honest participation cheaper than manipulation. A Merkle-based whitelist is the minimum baseline; tier staking and Sybil protection are what distinguish a well-thought-out launchpad from a primitive FCFS.

Get a consultation for your token sale—we will evaluate the model and propose optimal solutions. Contact us for a free assessment.

Token Development: ERC-20, Tokenomics, Vesting

We’ve seen more rekt tokens than we can count — not because the code was broken, but because the economic assumptions were naive. A token that doesn’t collapse from inflation in six months, where governance actually works, and vesting can’t be bypassed through delegation tricks — that’s real engineering. We build under that standard.

How We Avoid Common ERC-20 Pitfalls

ERC-20 standard has nine functions. Complexity starts with extensions:

ERC-20Permit (EIP-2612) — gasless approve via signature. User signs permit(owner, spender, value, deadline, v, r, s) off-chain, spender calls permit() + transferFrom() in one transaction. Removes separate approve step. Risk: signature can be intercepted — need deadline and nonce checking. We always implement EIP-712 typed structured data to prevent signature malleability.

ERC-20Votes (EIP-5805) — snapshot balances for governance. Checkpoint system stores balance history by block number. getPastVotes(address, blockNumber) returns balance at proposal creation, not current. Prevents flash loan governance: can't borrow tokens and vote in one transaction.

Rebasing tokens (stETH, Ampleforth) — balanceOf changes automatically through internal shares ratio. High integration complexity: most DeFi protocols don't work correctly with rebasing without non-rebasing wrapper. We've deployed wrappers that decouple balance from share price for Uniswap compatibility.

Fee-on-transfer tokens — percentage cut on every transfer. Breaks AMM calculations: pool receives less than expected. Uniswap v2/v3 don't support natively — needs special pair/router. We’ve built custom routers that handle fee-on-transfer tokens without reverting.

Why Tokenomics Sustainability Matters More Than Excel

Tokenomics isn't Excel table summing to 100%. It's incentive model that either works long-term or creates selling pressure killing the project.

Emission Schedule and Inflation — Fixed supply (Bitcoin model) works for store-of-value, but for utility tokens you need controlled inflation. Inflationary model (like Ethereum post-Merge) generates new tokens to incentivize participants. Key balance: emission should be <= value captured by protocol. If protocol earns $100k/month but emission is $500k/month in market value — constant selling pressure inevitable. We model these scenarios using Python simulations with cadCAD for complex systems.

Supply Distribution — No universal formula. Principle: no single entity >33% voting power at launch. Otherwise governance is fiction.

Category Typical Range Risk
Team + advisors 15–20% Dumping on unlock
Investors (seed, private) 15–25% Coordinated exit
Treasury / DAO 20–35% Governance capture
Ecosystem / grants 10–20% Inefficient allocation
Public sale / LBP 5–15% Undervaluation → whale capture
Liquidity provision 5–10% Mercenary capital

What Are the Most Critical Vesting Contract Mistakes?

Linear vesting with cliff is standard for team and investors. cliff is the period after TGE with zero availability. After cliff: linear unlock until duration. Typical implementation errors we catch in audit:

  • Revocable vesting without timelock — owner can revoke immediately. Solution: revocation through multisig + governance vote with 7-day delay.
  • Cliff doesn't block governance rights — with ERC-20Votes, recipient can delegate voting power from day one even if tokens aren't unlocked. We explicitly separate voting power from claim logic.
  • No emergency pause — if vesting contract vulnerability discovered, need ability to pause claims. Pausable + timelock on unpause.

We’ve seen a project where the cliff was set to 0 by mistake — team could dump immediately. Our fuzz tests catch such edge cases before deployment.

Vesting contract implementation details

Pausable and Ownable2Step from OpenZeppelin are standard. We add a 7-day timelock on revocation functions. All withdraw functions emit events for off-chain tracking. Fuzz tests verify that cumulative released amount never exceeds total allocation, even after multiple revocations or partial claims.

Why Is Liquidity Bootstrapping Crucial for Token Launch?

Launch mechanics are critical. Three main approaches:

  • Balancer LBP — temporary pool with high initial token weight (90/10 project-token/USDC) that automatically decreases to 50/50 over days. Creates downward price pressure preventing bot buys at one price. After LBP liquidity moves to permanent pool.
  • Fjord Foundry — specialized platform for LBP and fair launches. Less operational overhead than direct Balancer integration.
  • Uniswap v3 with limited range — add liquidity in narrow range around initial price. High capital efficiency but requires active range management.
  • TWAMM — mechanics for gradual large-order sales without slippage. Implemented in FraxSwap.

LBP is 3-5x better than standard AMM listing for price discovery; we’ve seen fair launches with 50% less initial dump compared to direct Uniswap listings.

Governance Tokens and Voting Mechanics

OpenZeppelin Governor is the standard. Modular: GovernorVotes for counting, GovernorTimelockControl for timelock execution, GovernorSettings for adjustable parameters. Quorum is minimum percentage of supply for voting validity. Compound set quorum at 400k COMP (4% supply). We set quorum dynamically based on historical participation to avoid apathy or whale capture.

Flash loan governance attack — attacker borrows tokens via flash loan, delegates to self, creates proposal or votes, returns tokens. ERC-20Votes with block-based snapshot completely blocks this: must have tokens at snapshot creation moment, not voting moment.

Delegation — small holders often don't vote. Liquid delegation (like Optimism) lets delegate voting power to addresses without transfer. Critical for protocols with many passive holders.

Token Type Use Case Our Stack
ERC-20 utility Payments, rewards, gas Solidity 0.8.x, OpenZeppelin 5.x
ERC-20Permit Gasless approvals EIP-2612, EIP-712
ERC-20Votes On-chain governance Governor, TimelockController
ERC-1155 Multi-token (NFT + fungible) Solidity, OpenZeppelin
Vesting contracts Team/investor lockup LinearVesting, CliffVesting

Token Development Stack

Contracts: Solidity 0.8.x, OpenZeppelin Contracts 5.x (ERC20, ERC20Permit, ERC20Votes, Governor, TimelockController, TokenVesting).
Tokenomics audit: Python models with emission/demand simulation, cadCAD for complex systems modeling.
Deployment and management: Foundry scripts, Gnosis Safe for treasury, OpenZeppelin Defender for automation.
Analytics: Dune Analytics for on-chain metrics, Token Terminal for protocol revenue.

What’s Included in the Work (Deliverables)

  • Tokenomics model with stress tests (bear market, whale exit, governance capture)
  • Contract development with Foundry fuzz tests (gas optimization, reentrancy tests, overflow checks)
  • Audit summary and list of edge cases covered
  • Deployment scripts with Gnosis Safe admin keys
  • Documentation for future upgrades and maintenance
  • 30-day post-launch monitoring support

Process

  1. Tokenomics design — supply model, allocation, emission schedule, vesting. Stress-test scenarios.
  2. Contract development — ERC-20 + extensions, vesting, governance. Foundry fuzz tests on vesting calculations, governance thresholds.
  3. Audit — special attention on governance attack vectors, vesting bypass, permit replay attacks. We use Slither and Echidna for formal verification.
  4. LBP / launch — choose mechanics, set parameters, monitor first 24 hours.
  5. Post-launch — monitor supply distribution via Dune, governance participation metrics, treasury management.

Timelines

  • ERC-20 with permit and basic governance: 2–3 weeks
  • Vesting contract with revocation and cliff: 2–4 weeks
  • Full governance (Governor + Timelock + Token): 4–7 weeks
  • Token + LBP + governance + vesting: 8–14 weeks

We can estimate your project within 24 hours after discussing requirements. Contact us to start the conversation — no obligation, just a technical chat about your token model. Get a detailed proposal tailored to your tokenomics and compliance needs.