Masking and randomizing Sorbetto buybacks, providing audits

One of the enticing aspects of Popsicle (henceforth referred to as its token ICE) is how the Sorbetto system can reduce the supply of ICE via perpetual buybacks and staking it, claimable proportionately by the ICE holders who have staked ICE and received a receipt called nICE. nICE itself being a bearer share.

Out of all of the supply of ICE:

X% is staked already as nICE, and is unavailable for sell or purchase while staked.

Y% is available for purchase within liquidity pools

Z% is on exchanges or just within people’s own wallets

Sorbetto only purchases from Y, from liquidity pools, therefore Y = Total Supply - X - Z.

As of time of writing, 85% of the supply is staked as nICE already. X = 85%

Without knowing the other values, it is clear that a very small single digit percentage is available as Y to purchase by Sorbetto, and this can be further constrained, as long as nICE stakers do not unstake and sell after any buyback. There would naturally be some market participants content with trying to arbitrage, who are already staking and wait for a Sorbetto buyback and stake, and unstake to collect the small amount of additional ICE they received and sell that, which could offset the supply constraints benefits that Sorbetto accomplished.

We can mitigate this by randomizing Sorbetto’s buyback and stake behavior.

Right now, Sorbetto buybacks are a centralized process, someone on the team controls the address that collects all the fees earned by Sorbetto and arbitrarily market purchases ICE. So far this has been in differing intervals (weekly, biweekly) etc. The purchases are called “Valhalla Candles” as they are relatively large market buy orders compared to other market participants in this community. They make large upwards candles on trading charts.

In this proposal, Sorbetto buybacks remain a centralized process, but masking which address buys and altering when they stake. It is more beneficial to make Sorbetto look like a normal market participant. So the new process would be to collect Sorbetto funds in a single address, and deposit the funds into multiple times, in exchange for multiple notes. Days later the notes can be withdrawn separately to never before seen addresses. Days after that some of the addresses buy ICE. Days after that some of the addresses stake the ICE for the nICE stakers. At the end of the quarter, a third party can audit the Sorbetto fees and notes to provide the community with a report on the accounting to give assurances that it matches up and that there were no improprieties. Most privacy technologies in crypto provide optional transparency for auditors and we can use this here. It also ensures that there is a completely benign and legitimate use of privacy technology in a professional context, which comes with the additional benefit of making it easier for the rest of us to use privacy technologies.

The goal is to make Sorbetto indistinguishable from a normal buyer. To that end, a stretch goal could be for the new addresses to initially interact with a variety of other tokens and DeFi projects who eventually buys ICE. At the value amounts we are expecting, this will have a negligible and mostly fixed cost to do (in funds used and network gas) and will not materially impact the earnings from Sorbetto or the amounts of ICE bought back.

On the implementation front, this can be made seamless using the “master publickey” technology available in the Ethereum concept, available on all EVMs (Ethereum Virtual Machines, like Ethereum, Fantom, Binance Smart Chain etc), and is also core to the Hierarchical Deterministic Path concept behind the “seed phrase” or “wallet recovery phrase” which is completely chain agnostic. Behind every seed phrase there are infinite addresses on infinite branches. (For ease of use, wallets typically reveal the first address on a predetermined branch, but any wallet, such as metamask, allows for infinite additional addresses to be made under their “create account” option, but even metamask is only sticking to one predetermined branch out of infinite possible branches). The Master PublicKey allows for generating the public keys without showing the private keys. This is useful for oracles and servers and auditors and communities to see and use, without needing the seed phrase that the signer actually uses to access the private keys.

This follows a variety of the best practices in the crypto space around privacy and never re-using addresses. We can don’t have to NEVER reuse addresses, but there is no reason not to either.

Goal: make Sorbetto look like indistinguishable from a normal purchaser, reveal which ones were Sorbetto quarterly or at least show an audit that ensures the funds are distributed properly


I think this problem could be solved more simply, with more frequent and smaller buybacks which wont increase the price as much as they do now.
The problem with this method is that the gas prices of transactions quickly start eating away at the gains.We should aim to lose as little of the fee’s as possible that’s why i wouldnt complicate things with tornado cash.

We should probably also calculate how much are we willing to spend on preventing this from happening and how harmfull it really is.
Would love to see some statisics about it.

1 Like

I believe this proposal should only be passed and consume development time right now if we can demonstrate any large issues with the current process


@keksimir and @Charon and others, what I’m gathering so far is that people want to see proof this is occuring, so the committee study proposal before the action proposal. okay.

Okay it is something we can watch for. The transactions right after Sorbetto purchases will be easy to watch. If there are, sells, bridge activity and unstaking right after, you can log that and show it. Right now we don’t know how often Sorbetto will buyback to determine how long to analyze the dataset.

The other side of this is that I don’t believe it would be expensive to development, and I don’t believe it the activity would cut into earning more than 1%, which I think seems to be other people’s assumption that it is more effort and expense than reality.

But I agree that we shouldn’t haphazardly do random convoluted things.


I do remember someone in the discord claiming to have bought ~ 200 or 300k worth of ICE prior to the 13th buy back and selling immediately after at significant profit. By timing the buyback he was essentially able to extract the monetary value from nICE holders. At some point it’d be worth looking on chain.

With buybacks being inevitable (and becoming more significant) a cycle of selling following a buyback and buying the longer it is from the most recent buy would be profitable.

I’m supportive of the “intent of this policy” as it should prevent extraction of value from nICE holders.


I think for now, we arent seeing massive issues with it. We are also using flashbots rpc to make the repurchases.

I think what we can do in the future when buybacks really get big in comparison to liquidity is just do incremental daily buybacks.

1 Like