Last week, I showed how YAM is basically Ampleforth but with a fair launch. It turns out that investors really value that concept of a fair launch, which we can define as having the following attributes

  • There is no free lunch – everyone has to work for acquiring the tokens
  • The work performed is provably costly to prevent Sybil attacks
  • Participation in the launch is permissionless and transparent
  • Most importantly, there is no premine or founder allocation, and no early access. The founders are playing along with everyone else(1).

DeFi projects have invented their own version of their fair launch, as market participants have to perform proofs of work (PoW) to earn tokens, and nothing is given for free.

The type of PoW can look different for each project: In some cases, rewards are given for providing liquidity (liquidity mining) to lending protocols like Compound, or exchanges such as Curve or Uniswap.

In others, the point isn’t even to create value for others (and that’s where it gets very similar to traditional PoW) but merely to prove that a certain resource has been burned.

That’s what YAM did in wave one of their coin distribution: users simply had to lock up tokens in staking contracts where they sat unproductively, thereby incurring a provable opportunity cost.

We also touched on another, less intuitive form of PoW used in DeFi: the one of having to self-audit smart contracts. Many projects, such as YAM and Yearn Finance, launched their respective initiatives without any third-party code audits. this was partially due to lack of funding – when you don’t take a premine, how can you front up $50-100k for an audit?

As a result, users had to either incur additional work by auditing the contracts themselves OR additional risk by crossing their fingers and rushing in blind. This creates a form of multivariate PoW where the ability to audit contracts yourself becomes another viable form of work.

In this post, I want to leverage some of the stuff we know about the extensive history of altcoin launches to learn about the different ways launches can LOOK fair, while deliberately breaking some of the axioms we asserted above.

Who controls the work wins

If a particular existing asset is required to mine the new token, there is a lot of hidden value in getting to choose what that asset will be. This is always the case with DeFi fair launches since tokens tend to be distributed to liquidity pools or staking pools that require specific combinations of other assets.

Maybe the biggest historic example of that kind is the launch of Bitcoin Private (BTCP), a 2018 fork of Bitcoin that was airdropped to both holders of BTC and the much smaller ZClassic (ZCL). Between the announcement and launch, ZCL appreciated from a market cap of $3m to a temporary high of over $600m.

This shows how launches can push up the entire market for the assets required to perform the work in the first place (in this case, to hold it at the snapshot date). The creators of the coin can exploit this information asymmetry by selecting assets that they themselves own, or they can load up on the asset ahead of the launch. Then when the coin goes live, they can either use the assets to mine a disproportionate share of the new coin or simply sell the asset at an elevated market price.

For a more current example, one needs to look no further than Ethereum, where the choice of the hashing function (and therefore access to the several-billion-dollars-per-year block reward) has become highly politicized.

When YAM itself launched on Ethereum, there was a similar effect on the assets that could be used for farming the YAM tokens. Within the first three days, COMP temporarily traded at almost +47%, LINK at +34%, MKR at +31%, and SNX at +23%, showing how much potential value there is in the power to select what tokens can be used.

To spell it out clearly, given how strong the demand effect on the supported token is, we should expect future projects to create synthetic premines by selecting tokens that they themselves own.

More types of hidden premines

While the founders can select the type of work to give themselves an unfair advantage, they can also cheat by breaking one of the important elements of fair proof-of-work: That it be puzzle-friendly.

This property has been defined in the Princeton Bitcoin book as the condition that there are no shortcuts (such as ones that are known only to insiders) to the work that is required. In Bitcoin’s case, solving a hash puzzle, therefore the name.

This condition is satisfied in PoW mining since the solution to the latest hash puzzle requires knowing the solution to the previous hash puzzle. This ensures that all miners can start working on each puzzle at the same time.

But some projects have also secretly broken this property using a scheme called “fast mine” or “cripple mine”. The main idea is that for the launch of a new PoW coin, it’s usually the founding team that releases the first client, and then everyone mines using that client. In a cripple mine, the founding team manipulates – or cripples – the public version of that mining software to make it slower and less efficient, while they secretly operate the uncrippled version of the same client. It is clear that a cripple mine was used in both Bytecoin and (to a smaller degree) Monero, but intent on behalf of the development team is hard to prove. Meanwhile, Dash had problems with its difficulty adjustment algorithm, leading to ~10-15% of the total supply being issued within the first two days – a fast mine that disproportionally rewarded the insiders and early adopters.

In DeFi, similar vulnerabilities can be seen in the idea of multivariate proof of work. Whoever wrote the smart contract plus their friends and family can audit the smart contracts much sooner than anyone else, and hence gain an unfair advantage. This problem will always exist with audits-as-PoW and the only way to remove it is to remove the requirement to audit the code in the first place, by getting professional audits before launch.

An awesome initiative in this regard is Fair Launch Capital, a group that wants to pay for audits ahead of launch and then initiate a governance vote later to recoup their grant from the community.

An even more obscure version of hidden premine could be observed at the launch of Curve’s CRV token, which was allegedly launched by a third party ahead of schedule. Curve initially cautioned users not to interact with it, but later legitimized the launch as official. While anyone could have mined during that time, it stands to reason that many potential miners stayed away from the project because they trusted the communication put out by the Curve team.


Finally, it should be said that not every launch wants to be a fair launch. In some cases, protocol designers can try to get the coin into the hands of very specific parties(2) at the expense of disadvantaging others, and that is okay. A fair launch might not be a one-size-fits-all recipe.

But in other cases where a fair launch is a core feature of the coin, I hope investors can watch out for the exploits described today and hold designers to a higher standard.

(1) Launches can also happen on a sliding scale, such as with Compound where some of the tokens are issued to founders and early backers, while the rest are distributed to the market.
(2) Such as users experienced in active governance and tokenomics


Hasu Hasu

Crypto researcher writing w/@zhusu for @DeribitInsights and, podcast: