Free TON

Contest: Airdrop Mechanics [Finished]

Just to add some extra points, as I seen the beta ton.surf application.

  • It will be much easier to implement this mechanism using bots in ton.surf.

  • We just need to maintain one single database with entries : telegram username; first 6 digits of alphanumeric coupon code; last 6 digits of alphanumeric coupon code

  • As the user get both 12 digits of coupon code through signing DOD and joining group.

  • That code can be redeemed with the help of bots like “Chain Rider” in ton.surf , where we give the 12 digit coupon code and the bot is connected to the database, it verifies the coupon code and give out TON crystals.

I believe this is a very simple implementation, i don’t want to make it too complicated from both technical and user point. If we keep it simple with such coupon codes, it will be more helpful in bringing more people and quickly.

2 Likes

Yes I think if we keep it less complicated it will be easier to implement and can help spreading the network faster.

1 Like

My Proposal :

  1. While Filling DOD on freeton website use captcha, browser cache and other techniques to make it harder for some bot to fill the form.
  2. After Signing the DOD - A 12 digit alphanumeric coupon code is generated in the backend for the user, and store it along with telegram username or email in the freeton database
  3. Show first 6 digits to the user after they sign the DOD, so that he/she can copy it and keep it.
  4. Give remaining 6 digits in the group using bots or in a PDF on daily basis, like all users who signed DOD within 24 hours 1 pdf with all their usernames along with their remaining 6 digits codes will be shared in the groups.
  5. The person who joined the group and signed DOD can get full 12 digit coupon code and can redeem it for crystals.

Just to add some extra points, as I seen the beta ton.surf application.

  • It will be much easier to implement this mechanism using bots in ton.surf.

  • We just need to maintain one single database with entries : telegram username; first 6 digits of alphanumeric coupon code; last 6 digits of alphanumeric coupon code

  • As the user get both 12 digits of coupon code through signing DOD and joining group.

  • That code can be redeemed with the help of bots like “Chain Rider” in ton.surf , where we give the 12 digit coupon code and the bot is connected to the database, it verifies the coupon code and give out TON crystals.

I believe this is a very simple implementation, i don’t want to make it too complicated from both technical and user point. If we keep it simple with such coupon codes, it will be more helpful in bringing more people and quickly.

5 Likes

So what was finally decided?

3 Likes

I just like to say that the selected airdrop mechanics should be “simple” as much as possible. Pls consider. Many good proposals but very complicated!

5 Likes

Организаторы, пожалуйста разместите тут ссылку на итоги конкурса.

1 Like

Итоги еще не подвели, как будет, конечно опубликуем

1 Like

Всем привет. Сегодня на стриме услышал про спойлер для холодных кошельков. И хотел узнать, имеет ли моя идея о распределении токенов посредством обычных почтовых услуг, к этому отношение? :slight_smile:

1 Like

Ещё создать свою криптобиржу.
Also create your own cryptocurrency exchange.

1 Like

Token Distribution Plan: Phase 1

[TOC]

Token information

TOTAL SUPPLY = 4.25 Billion coins

STANDARD REWARD = 425 coins

Designed to maintain privacy and punish spammers

Requires only a valid Telegram ID and a ‘sponsor’

General information and disclaimers

  1. You will need to actually read the descriptions carefully to understand this. Sorry I did not have time to draw pretty pictures for everybody.

  2. I have already developed phase 1 smart contract, it’s complete, and I’m already progressing with stage 2 smart contract.

  3. I have already created the telegram bot described here, but it’s not finished yet.

  4. This can be done with any number of coins, not necessarily using the entire supply. I just gave examples so that the relative numbers of total supply (total planned to give away with this distribution mechanism) and the ‘standard reward’ are clear, because that ratio is important.

Anti-spam measures

A Telegram bot will verify the authenticity of each user by performing an advanced CAPTCHA and CAS anti-spam test.

The more legitimate public participation occurs, the less control would-be attackers will have over the network.

Phase 1 distribution is designed to jumpstart the network in the easiest and least risky way possible.

The distribution maintains the privacy of users. They do not need to provide so much as an IP address to the bot, and their Telegram ID is not shared on the blockchain.

The user who verifies their ‘identity’ through the telegram bot will need access to the private key of the account address they want to use.

A helper app (specifically one that I’ve already created most of) will be used to facilitate signing and connection of different users.

Unbreakable CAPTCHA

Royalty-free, short video clips will be catalogued with a list of questions to facilitate a video CAPTCHA. The users will watch the video clip (5-10 seconds) and then be asked 2 questions about the video clip, such as “Does the video contain the color blue? (yes/no)” and “Which object does not appear in the video? (block/shirt/dickbutt)”. The users will be given 5 seconds to reply to each question. If they fail, they will be given one additional opportunity to answer a different CAPTCHA video. After 2 failures, their telegram ID will be permanently disqualified.

Any attacker would need not only to create a new telegram ID (verifying a phone number in the process) or use a hacked telegram account to verify, but would also need to manually perform the work on each CAPTCHA, unless they have an AI system that can read videos and respond within 5 seconds to the abstract questions.

During the 2nd phase of distribution (weekly distribution with voting, see below) the users will need to pass a new CAPTCHA every week to register.

Privacy and usability

  • The contract never publishes any information about the users except for their account contract’s address.

  • Users do not need to expose even their IP address to anyone in order for the system to work. This is in stark contrast to all the entries which use web applications.

  • It’s as simple as solving the CAPTCHA which takes around 10 seconds and then sending the token generated by the bot to the sponsoring user. The whole process will take 30 seconds or less.

The bot is centralized, but that’s okay.

Of course there is a centralized element to anything like this. The bot never exposes its IP to anyone, so it’s not possible to attack it. The bot has a key and its signature is required for the contract to accept a new entry.

Further explanation below shows how the bot can make sure the contract has not been compromised and watchdog scripts can run that check to see if the bot itself has been compromised.

Lastly the bot only needs to be online for the duration of the distribution and it can easily be moved or changed since the contract and the bot are loosely coupled (only by the bot’s ed25519 key).

Technical notes/specification

New User Workflow

  1. New user verifies with the bot, gets a signature

  2. New user sends signature to sponsor

  3. Sponsor sends signature and GRAM sponsorship fee to contract

Telegram Verification Bot

  • Has a public key which is also stored in the distribution smart contrat

  • Each Telegram account (TID) can only be used once

  • Connects to CAS ban list

  • Signs the wallet account address and returns it to the user

  • Has Write-only access to database

  • Checks against a counter to make sure its pubkey isn’t compromised

Distribution smart contract

  • One internal OP, message from sponsor, structure is [downline_addr, downline_addr_sig,fee]

  • Checks that sponsor_addr (sending address) is a member, and downline_addr is not a member

  • Stores bot public keys, any one key can be invalidated by another key

  • Checks downline_addr and downline-addr-sig match bot pubkey

  • Adds downline_addr / sponsor_addr pair to dict

  • Sends GRAM rewards to new user and sponsor

  • On/off switch can pause and restart distribution in case of bot failure

Early Adopter Distribution: 1%: 1 million users

What about the other 99%?

While a comprehensive plan is already in place for distribution of the other 99% of the coins in the distribution, that information is displayed in another section of this document. Below is a simple summary:

A weekly stake-based distribution will occur until all coins have been distributed.

  • To register for the weekly distribution requires ‘staking’ coins.

  • Users need to register with the Telegram verification bot and the newly created distribution channel every week during a 1-day window.

  • New users join via a sponsor. They instantly become sponsors themselves and can begin to refer new users to their downline.

  • Users keep their existing downline when each new weekly distribution begins.

  • Users can vote to expel bad actors. If expelled, any downline gained during the weekly distribution is not carried over to the following weekly distribution. If expelled, a user will be able to appeal and the community at large will have an opportunity to overturn the original vote.

Early Adopter Rewards

  • Each registered sponsor will receive the ‘standard reward’ (variable and described at the top of this document).

  • Each referred user sponsored will result in an ~3.125% ‘bonus reward’ of additional coins.

  • As such, when ~32 users are referred, the total reward increases by 100%.

  • A maximum of 32 users can be referred by each sponsor.

  • To sponsor a user requires a tiny payment (used to combat spam) which will be rewarded to the referred user.

Get sponsored by an existing user to join

To join, users must download Telegram, chat with the Telegram verification bot, send sends its output to a sponsor.

Origin sponsor

It is necessary to hardcode an “origin sponsor” to onboard the first real sponsor. The origin sponsor does not receive any coins.

Anti-spam and Telegram ID verification

What defines a succesful anti-spam solution

  1. Cannot easily sign up for a lot of accounts

  2. Cannot sign someone else up for an account without their knowledge

  3. Cannot create a lot of dummy data/bloat in the blockchain

  4. Should not require unreasonable effort on the part of verifiers or users.

  5. Should uphold the privacy of its legitimate users.

Nothing is 100% spam proof. No. thing. is. 100%. spam. proof.

Why this solution works

  1. Telegram requires a valid SIM / phone number to register an account in the distribution. It is ‘free SIM verification’ and only the Telegram USER ID needs to be verified. This goes a long way towards defeating spammers.

  2. CAS.chat offers the CAS ban list up to the public which any good solution will almost certainly employ.

  3. The CAPTCHA used by this method presents a unique challenge to would-be spammers.

  • It is extremely difficult or even impossible to break this CAPTCHA with any bot that’s available today

  • Since it must occur inside the Telegram chat, does not use a third-party API, and requires that the person interacting with the bot sign a challenge with the private key corresponding to the recipient address, click-farms or ‘buy CAPTCHA solving’ services cannot be used efficiently.

Why other methods are not that great

  1. Pure SIM / cell phone number verification through a service such as Twilio or Nexos costs half of 1 cent 0.005 USD per verification. It exposes the entity running the verification service to financial risk, and makes it very difficult to later make the verification system more distributed/decentralized.

  2. While SIM cards are easy to come across, they DO cost money and any methods which verify phone numbers are generally extremely effective as a deterrent.

  3. Using IP-based verification exposes the bot’s IP address to attack, and violates the privacy of users. It also causes other problems, for example, if a maximum number of accounts per IP address is used, people who are on the same WiFi network cannot join even though they are legitimate users.

  4. Manual verification through video chats, or collecting and verifying any type of KYC information poses a logistics problem at scale and violates the privacy of users.

Weekly STAKING: ~99.99%: Unlimited Users and Referals

Please see the first section for more general information about this phase.

Time estimate given estimated demand, 18-36 months

  • If expelled, any downline gained during the weekly distribution is not carried over to the following weekly distribution (see below for expel rules).

  • Validators cannot stake the same coins in weekly distributions and validator elections at the same time.

Sponsoring new users

  • To sponsor a user requires a tiny payment (used to combat spam) which will be rewarded to the referred user.

Downline levels

  • 32 levels of ‘downline’ will be used. This means sponsors can refer someone, who refers someone else, and so on, up to 32 total levels, and sponsors can be rewarded for each of those 32 ‘downline levels’.

  • For each new user in their downline, sponsors will receive an additional reward based on the number of levels from which that new user is removed from them (e.g. level 1 rewards are higher than level 2 rewards).

  • Thus the rewards are limited only by a sponsor’s ability to refer new users, the ability of those people to refer new users, and the amount staked each week.

Weekly Rewards

  1. Base staking reward: 100% of the staked amount in a weekly distribution.

The “Standard Reward” is the maximum amount that can be staked by a user in a single week. To put it simply, you can double up your stake each week.

  1. Upline bonus:

The “Standard Reward” is the maximum amount that can be earned in the upline bonus, which is based on the amount staked by a sponsor in a user’s upline and which level of that sponsor’s downline a user is in.

All users will receive coins according to their downline level (1-32) and the stake of their ‘staking sponsors’, in a descending manner (i.e. if you are in the 5th level of a staking sponsor’s downline you will receive more than if you’re in the 10th level).

If a sponsor registers his own stake, they still receive coins based on any coins anyone in their upline has staked.

  1. Downline reward:

The “Standard Reward” is the maximum amount that can be earned in the downline bonus, which is

based on the size and depth of a sponsor’s downline and the sponsor’s staked amount.

It is important when being referred to select a sponsor with the highest possible stake, and sponsors can incentivize users to join their downline by staking higher amounts each week.

Expel bad actors and take their coins

The only way to effectively abuse the system is to create fake telegram accounts, register them with the Telegram verification bot one by one (manually), and then re-verify them each week.

  • Bad actors can be found through behavior analysis and expelled

  • Voting uses an algorithm to derive a 2/3 majority vote. Voting is based on stake; it is not a popular vote.

  • Because of the maximum stake limitation, even someone with 66% of all the coins can’t control 66% of a weekly vote without spamming.

  • Users risk losing their weekly stake (if any), all rewards that they would have received in a particular week, and any downline added during that week if they are expelled.

  • All orphaned users can continue to stake their own coins, and will automatically be assigned a new upline.

  • Thus it is important to carefully target the sponsors or accounts who are responsible for abuse.

  • The lost stake of bad actors is rewarded in equal parts to those who vote to expel them, including anyone in the expelled user’s downline who voted to expel someone in their own upline or downline.

  • Users who do not refer anyone during a weekly distribution are immune from being expelled, but are only rewarded the minimum 100% staking bonus.

  • If expelled, users can stake again during the next round with different coins.

Voting / Payouts

  • On day 6, new referals are closed so voting can take its course.

  • On day 7, the distribution channel is closed for new registrationg and voting, but remains open for appeals.

  • On day 7, a new channel is also opened for registration.

  • After syncing downline with the masterchain contract and distributing rewards, weekly distribution channels are closed and payments are sent ( except for Disputed Rewards, see below ).

  • Users can vote to expel any user at any time during the first 6 days, and voting results are published permanently.

Appeals for expelled users

  • During the 7th day of each weekly distribution, a new distribution channel is created, but the old channel remains in stasis so that users who feel they have wrongly expelled can file an appeal. So actually, each channel contract is overlapping with the others for one day, and each contract has some functionality for a total of 8 days.

  • Disputed rewards and downlines are not sync’d to the masterchain unless the appeal is later resolved in favor of the expelled user.

  • Accounts who are directly involved in appeals can still register different coins in the following weekly distribution, but any downline gained during the disputed week does not carry over.

3 Likes

I think my submission was too long/detailed, or otherwise could not be posted so I’m making another post to shorten.

I didn’t read ALL of the submissions, but this appears to be the only one that truly upholds privacy and simplicity.

A few comments on other submissions

Most of you don’t seem to understand anything technical that would actually go into doing this, it appears most of your ideas are just speculation on what will work, based on what… experience with previous airdrops?

Example of that, as you can see my submission talks about using signatures so that the bot can be identified by the distribution contract. I didn’t see any specific information really about how the other systems proposed would work in terms of security.

Some of these Turing tests and CAPTCHA ideas are noble and maybe coming from a good place, but keep in mind: Not only does it have to be a 5-10 second process for the user, it also has to be technically easy to achieve, we can’t be inventing new tech and taking 6 months to implement something.

A lot of these far-fetched ideas of making people ‘join telegram groups’ and other things not only present technical difficulties and it really is just asking too much of the user.

A whole other group of things like asking people to ‘link their social accounts’, well, guess what, it’s not free to keep those kind of servers… Who is going to pay the REAL money for implementing web servers?

Anything that implements a centralized web server which exposes its IP to the public (even a telegram bot that sends links that would let a user verify IP or browser fingerprint or social accounts) will not only require technical development that might be rejected by Facebook/etc, but it would cost a fortune to keep all of that data, destroys privacy, and would ABSOLUTELY get DDOS’d .

Face ID/Fingerprint rules out anybody who doesn’t have that technology or doesn’t want it on their phone, and it shares unnecessary information. Whether or not anybody thinks so, storing personal information of users in ANY WAY like this, is costly from a technical and business perspective. Plus, again, storing any of this information subjects the whole system to regulations because of the nature of the data GDPr etc… In short it’s a terrible idea.

Not to pile on, but, again with so many of these things… Who is going to maintain all of this? It’s one thing to have a centralized bot that runs for a while, doesn’t expose its IP, and can die when the distribution ends…But maintaining infrastructure such as Facebook apps (to log in with Facebook, god forbid we should EVER do this), storage of ANY user data, etc… It is just begging to be taken offline due to coding errors or DDOS

2 Likes

This is a good suggestion

Good way to Airdrop and to ensure that maximum publicity is obtained

Hi all.

Here is the link for my proposal for the Airdrop contest.

https://docs.google.com/document/d/1D6-TXPyn5nfsdy65CUVRSqyhAyDD1JYvndXIHHjnLpw/edit?usp=sharing

Here is my airdrop proposal link in English.
https://drive.google.com/file/d/1BpVMiypzij8BoP1qAdDGK93C1cQmNK2P/view?ths=true

link says : You need access
Ask for access, or switch to an account with access.

I propose 2 somewhat similar methods but with a slightly different approach for the airdrop-

Both these methods are based on the fact that instead of handing over TON Crystals straight away, we could assign specific points for each item of the airdrop, which could be converted to Crystals after the completion of the Airdrop Event.

The airdrop event is broken into different tasks and each task is assigned certain points based on the difficulty of the task.

After the airdrop event ends, and users using multiple accounts/ unfair means etc. are eliminated, the users could convert the accumulated points into Crystals.

METHOD 1
As per this method we could create a User Login (with a CAPTCHA of course) with a UserID and password to login to freeton.org and sign the Declaration of Decentralization.
The login would be used for not only signing DoD, but also For the ‘Airdrops’ page on the website(The same login could also be used for the forum, or any other future stuff on the website).

The user profile could include the users mainnet address as well so that he wont have to provide his address again and again in future.

This would prevent bots from joining the airdrop. And in order to prevent multiple accounts, the IP addresses of users while logging in to their freeTON account could be used

Airdrop 1
A new user Signs up and goes to the ‘Airdrop’ page or section where a list of tasks are present which the user needs to complete in order to get the airdrop.

Tasks Include Signing the DoD and joining the FreeTON Telegram channels. Inviting new users using his referral link etc. (In order to receive the Telegram group joining airdrop, a Telegram bot could be setup that would act as a bridge between a user’s freeton.org account and his telegram ID, which asks for some kind of captcha and the email id of the user which was used while Signing Up on Freeton.org so that the Telegram groups joining tasks could be considered as complete)

Each task could be assigned some Points. Eg- lets say 2 points each for joining the Telegram groups and 3 points for signing the Declaration.( Even 2 points each for connecting with facebook, instagram, Twitter etc.)

In order to further prevent multi accounts, some time slots could could be assigned where the airdrop Tasks open up for all the users. Eg- There could initially be a button to join the Airdrop that could open up at 12A.M, 6A.M, 9P.M, 12P.M UTC for all the users for a time period of ,say, 10-15 minutes. After the Airdrop button is clicked, the tasks would open up, which would remain accessible till they are completed.


Airdrop 2
Providing Airdrop JUST for joining the Telegram groups and signing declaration of independence provides NO ACTUAL benefit to the community in the long run.

In my opinion, in addition to the above mentioned airdrop, there could also be an airdrop that could run for say, a few weeks/a few months etc, in which the users that engage in constructive talks in the Telegram groups, provide significant opinion in the forum etc.(as decided by the modeators/admins through a decision among themselves) i.e engage actively with FreeTON and help in creating a robust community are rewarded Daily/ Weekly/ Monthly for their time and effort.
Eg- user ranked 1 in the weekly telegram ranking (based on his activity in the group throughout the week and as decided by admins) could get 100 points, user ranked 2 could get 50 points, rank 3 get 25 points etc.

It would be a good practice to provide significantly higher amount of points and crystals to people that actually engage and prove insights, as compared to those that join the groups for the sole purpose of earning airdrop.

Moreover this type of airdrop can more effectively help in preventing bots and multiple accounts, as neither bots, nor multiple accounts would assist in any way to earn higher rewards if the amount of rewards is directly related to effort


This method is effective in the long run, as the user will be able to participate in new events, airdrops, forums, etc. through a single login.



METHOD 2

This method is somewhat similar to the 1st method, but instead of focusing on the freeton.org website, it focuses more towards Telegram

A telegram bot is created which does most of the work that were performed on the website in Method I.

New user starts the FreeTON telegram bot. Initially The bot requires some kind of CAPTCHA or simple claculations(like typing solution to the question- What is 2+6? or something like that) which could somewhat prevent bots.

Then bot gives quests - Join both the FreeTON telegram groups and sign Declaration of Decentralization. And assigns same points points to each task as in method I.
(Checking the groups joined would not be a big issue for the bot, but as for checking whether the declaration is signed, the user provides the name and email ID used while signing the declaration to the bot so that it could fetch the info provided while signing DoD on the freeton.org website.)

The record of IP address of person signing the Declaration of Decentralization, would be kept and more than 1 person signing the DoD through same IP could be disqualified from the airdrop

Here, instead of the user login, the bot manages all the info including the points accumulated during the Airdrops 1 and 2 and stores the user’s mainnet address, so that the accumulated points can be automatically converted to Crystals sent to his wallet after the airdrop ends.



Keeping tab of IP Addresses for the purpose of airdrops could be quite effective, but not as effective as KYC and identity verification. But for the sake of protection of user’s anonymity while also keeping a check on person using unfair means, IP Address seems to be the most effective method. Although VPNs can be used to spoof IP Addresses, the country of person as declared in DoD and the Country of IP address will not match in most cases. Giving a fair idea if people trying to game the system.

1 Like

Airdrop contest entry: The King’s Breakfast Game

On behalf of TON Labs

The Queen took | The butter | And brought it to | His Majesty;
The King said, | “Butter, eh?”| And bounced out of bed.
“Nobody,” | he said,| As he kissed her | Tenderly,
“Nobody,” | he said,| As he slid down the banisters,
“Nobody, | My darling,| Could call me | A fussy man -
BUT | I do like a little bit of butter to my bread!”

— Alan Alexander Milne

Requirements:

Need to distribute tokens to many people

Need to avoid distribution to bots

Need to distribute only once to the same person

Need to encourage people or entities to invite others

Need to avoid asking for a full personal identity (KYC) details of each participant

Solution:

The King’s Breakfast Game smart contract (King) is deployed. It has a method to call a “Get Butter” function.

A Referrer is a person or entity wishes to participate in The King’s Breakfast Game by filling a Referrer Smart Contract Form. The King’s smart contract then deploy a Referrer Smart Contract (called Dairymaid) which address is calculated as a hash of referrer’s personal details and a Dairymaid code.

The King’s Breakfast Game is a referral game where a Referrer is inviting a first Participants to Free TON by sending a link to a form (called Cow Form). Participant is filling the form with some personal details and submits it. Personal details of Participant are hashed and a Participant Smart Contract (Cow) is deployed to the address which is calculated as a hash of participants details and a common key of King’s Breakfast Game. Cow is deployed from Dairymaid. Each new Cow deployed by Dairymaid will contain an address of a previous Cow. Dairymaid has a counter of all deployed Cows. It also has a “Milk” function. Once called, the “Milk” function will write a last Cow contract address into a Dairymaid and Dairymaid will stop accepting new Cows deployment calls and will send a message to call “GetButter” function of the King.

Once “GetButter” is activated the King’s smart contract will calculate a “Spread” for the Dairymaid according to the following parameters: total spread (number of Cows deployed), Cow price, and a number of Queen calls. The Cow price is a variable for each game to be decided before each Game start.

A Queen is a smart contract that performs random identity check called Butter Check of one random identity detail filled in a Cow form. A Queen is calling Cow smart contracts until a random Butter check needs to be performed. A special service or a list of services is called by Queen to perform Butter checks for a particular Cow and report results. The Butter check involves a real check of this particular detail by a special service (for example a KYC check of a family name or a login to a telegram account or a place of birth etc.)

Time frame is given for each Butter check to pass.

If a Butter check is successful in a given time frame, a reward is issued to the Cow which passed a check. This Reward is not revocable and will be given to a Cow contract regardless of the Game’s outcome.

If a Butter check is not successful all potential rewards of the previous Cows in a chain are nullified.

The total reward for a Dairymaid can be for example n^2 where n – number of Cows in a chain.

Half of the reward is distributed to a Dairymaid contract and half is to Cows contract.

The Game is played until total game stake is empty.

Result:

We have a system where people and organisations are motivated to refer real users to Free TON without a need to pass massive KYC. No user details are exposed. The Referral and users participating can win significant amounts of Tokens if they play fair. Unfair play is detectable and punished.

8 Likes

Edited the privacy.
Thanks.

2 Likes

Thank you, I will hope that this will be approximately!

1 Like