Technical Whitepaper · Version 1.0 · March 2026
DUMPYC: A Protocol for Blockchain Hygiene
on Solana
A permissionless burn protocol that converts dead meme coins into a scarce, deflationary token governed by a Bitcoin-style halving schedule.
Table of Contents
Abstract
Solana's low transaction costs and permissionless token creation have made it the most active blockchain for retail token launches. This same accessibility has produced an ecosystem cluttered with hundreds of thousands of abandoned meme coins, failed project tokens, and zero-value assets occupying wallet space, inflating token account rent, and degrading the experience for legitimate participants.
DUMPYC is a permissionless burn protocol that converts this waste into a productive asset. Users burn unwanted SPL and Token-2022 tokens in exchange for DUMPYC — a fixed-supply, deflationary token governed by a Bitcoin-style halving schedule. The protocol requires no admin allowlist, supports any token with a Jupiter price feed, and enforces all safety guarantees at the smart contract level with oracle co-signing.
The result is a self-sustaining incentive loop: the more blockchain clutter that exists, the more valuable the cleanup mechanism becomes. Every DUMPYC token in existence is proof of cleanup work performed.
1. The Dust Problem
1.1 The Scale of Solana Wallet Clutter
Since 2021, Solana has hosted millions of token mints. The 2023–2025 meme coin supercycle alone produced hundreds of thousands of new tokens, the vast majority of which have since gone to zero. Wallet scanners routinely surface 50–200 distinct token accounts for active users — most of them holding assets worth fractions of a cent.
This is not merely an aesthetic problem. Each SPL token account on Solana requires a rent deposit of approximately 0.002 SOL (~$0.30 at current prices). A wallet with 100 dead token accounts has roughly $30 in capital locked in rent that cannot be recovered without explicitly closing each account. For retail users who accumulated tokens across multiple bull cycles, this locked capital sits silently idle.
Beyond rent, dust tokens impose cognitive load. Users must mentally filter noise from signal every time they open their wallet. They complicate portfolio tracking, confuse tax reporting, and serve as vectors for airdrop scam tokens — zero-value tokens designed to prompt unsuspecting users into interacting with malicious contracts.
1.2 Why Existing Solutions Fall Short
Existing approaches to wallet cleanup fall into two categories:
Manual close tools
Tools like sol-incinerator allow users to close token accounts and recover rent SOL. They destroy value — users receive only rent back, with no compensation for the economic value of the tokens being burned.
Project buyback-and-burn
Individual projects burn tokens for their own economy but do not address cross-ecosystem dust or create any incentive for users to clean up proactively.
Neither approach creates a sustainable, ecosystem-wide flywheel for blockchain hygiene.
1.3 The DUMPYC Thesis
DUMPYC's thesis is simple: burning should be rewarded. When a user destroys a low-value token, they are performing a service to the ecosystem — reducing noise, freeing rent, and acknowledging that the token has failed its promise. That service should have a market price.
By converting any burnable token into DUMPYC at a USD-denominated rate, the protocol:
2. Protocol Overview
2.1 The Burn Flow
The DUMPYC burn flow is four steps. Every step is either enforced on-chain or cryptographically committed to by the oracle's signature — the user cannot be given a worse rate than what they agreed to.
Evaluate
The user selects a token. The frontend fetches a signed price quote from the oracle, including TWAP validation and a liquidity discount based on actual on-chain routing depth.
Quote
The oracle returns a co-signed quote: the USD price per token unit, a validity timestamp (60 seconds), and any liquidity discount. The oracle's signature cryptographically binds the price to the exact transaction.
Sign
The user reviews the quote — amount received, fee split, slippage tolerance — and signs the transaction. The oracle has already partially signed; the user's signature is the second and final required signer.
Settle
The on-chain program atomically burns the input tokens, mints DUMPYC to the user, mints the treasury fee, and records burn credits. No intermediate custody — all in one instruction.
2.2 Permissionless Token Support
The protocol supports any SPL token or Token-2022 token that passes automated qualification criteria. There is no admin-curated allowlist. When a user attempts to burn a token, the oracle evaluates it in real time and creates a TokenConfig PDA on-chain if it qualifies — all within the same transaction.
Removing the allowlist is the most important design decision in the protocol. An admin-curated list is fundamentally at odds with a cleanup protocol — if an admin must approve tokens, the long tail of genuinely worthless tokens (the ones most in need of cleanup) will never get approved.
3. Tokenomics
3.1 Supply Model
DUMPYC has a hard cap of 420,000,000,069 tokens (approximately 420 billion, with 6 decimal places). The supply is not pre-minted. Every DUMPYC in existence was minted in exchange for burned tokens — there are no team allocations, investor rounds, or genesis distributions.
This mint-on-demand model has a critical implication: every DUMPYC represents real economic value destroyed. The circulating supply is a direct measure of the cleanup work the protocol has performed.
3.2 Halving Schedule
DUMPYC uses a Bitcoin-inspired halving schedule. The minting rate halves every 1,000,000,000 DUMPYC (1 billion tokens) minted. Early participants receive proportionally more DUMPYC per dollar burned than later participants, rewarding early adoption while preventing hyper-inflation from late-stage bulk burning.
Burns that cross epoch boundaries receive a blended rate, calculated precisely on-chain using integer arithmetic with u128 intermediates to avoid overflow.
Halving Schedule
Scroll to see all 42 epochs. At 420B+ supply, minting ceases permanently.
3.3 Protocol Fee
Every burn incurs a 5% protocol fee (configurable up to 10% maximum by admin). The fee splits into two streams with distinct purposes:
3% Treasury
Minted directly to the protocol treasury wallet as DUMPYC. Funds ongoing development, infrastructure, and liquidity operations.
2% Burn Credits
Stored as pending credits in the user's on-chain account — not yet minted. Only redeemable by closing a token account. Rewards the cleanup behavior the protocol is designed to incentivize.
Example: Burn $10.00 at Epoch 0
3.4 Burn Credits System
Burn credits are the protocol's mechanism for rewarding account closure — the most impactful form of cleanup. Credits accumulate with every burn but are only minted when the user redeems them by closing a token account.
This design means credits function as a deferred reward for wallet cleanup. A user who burns tokens but never closes accounts never receives their credits. A user who actively closes accounts receives bonus DUMPYC on top of their normal burn rewards. Even a token account with zero balance can be closed to unlock credits.
Burn tokens, earn credits
2% of each burn is stored as pending credits in your on-chain UserState PDA. Credits are NOT minted yet.
Close any token account
Call redeem_credits with any token account — even one with zero balance — that you want to close.
Receive DUMPYC + rent
The program burns remaining tokens in the account, closes it (rent SOL returned to you), and mints all accumulated credits as DUMPYC at 1:1.
3.5 Liquidity Discount
Not all tokens have equal liquidity. A user attempting to burn $100,000 of a thinly-traded token cannot realistically extract $100,000 of value from the market — the trade itself would move the price substantially. The protocol models this reality with a sliding liquidity discount applied by the oracle.
The oracle probes Jupiter's routing engine to measure expected price impact at the burn size. This discount is baked into the oracle's signed price, so the on-chain program enforces exactly what was agreed. The 10% floor ensures that no token — regardless of liquidity — is ever valued at absolute zero.
Liquidity Discount Examples
BONK ($50M liquidity)
Burn $100
0%
→ $95.00 DUMPYC
Meme coin ($500K liq)
Burn $10,000
~10%
→ $8,550 DUMPYC
Meme coin ($500K liq)
Burn $500,000
~90%
→ $4,750 DUMPYC
Dead token (no route)
Burn $50
90% floor
→ $0.47 DUMPYC
All amounts shown after 5% protocol fee. Discount is independent of tier.
4. Technical Architecture
4.1 On-Chain Program
The DUMPYC program is built with Anchor 0.32.1 on Solana. It uses three account types stored as PDAs (Program Derived Addresses), giving deterministic, trustless account resolution:
ProgramConfigPDA seeds: ["config"]· admin, oracle_authority, treasury, dumpyc_mint
· fee_bps (max 1000), credit_bps, rate_limit_secs
· total_dumpyc_minted, total_burns, total_fees_collected
· total_credits_issued, total_credits_redeemed
TokenConfigPDA seeds: ["token", mint]· mint, is_active
· max_price_usd_e6 (price ceiling)
· daily_burn_cap_usd_e6, daily_burned_usd_e6, daily_reset_ts
· total_burned
UserStatePDA seeds: ["user", user.key()]· authority, last_mint_ts
· total_dumpyc_received, burn_count
· burn_credits
4.2 Oracle Architecture
The oracle is a server-side service co-deployed with the Next.js frontend. It performs four functions: price sourcing from Jupiter's Price API, TWAP tracking with Redis persistence, liquidity assessment via Jupiter's Quote API, and transaction co-signing.
The oracle's private key never leaves the server. The on-chain program requires the oracle's Ed25519 signature on every burn_for_dumpyc call. A compromised user client cannot mint DUMPYC at an arbitrary price.
Oracle Validation Pipeline
4.3 Halving Algorithm
The halving calculation runs entirely on-chain. Burns crossing epoch boundaries receive precisely blended rates — the program iterates through epochs, filling each before moving to the next:
// Pseudocode — full Rust implementation on-chain
let divisor = 1 << epoch; // 2^epoch
let remaining_in_epoch = EPOCH_SIZE - (total_minted % EPOCH_SIZE);
let dumpyc_at_rate = remaining_usd / divisor;
if dumpyc_at_rate <= remaining_in_epoch {
// Whole burn fits in current epoch
total_out += dumpyc_at_rate; break;
} else {
// Fill epoch, carry USD remainder to next
total_out += remaining_in_epoch;
remaining_usd -= remaining_in_epoch * divisor;
}
// Hard cap enforcement
if new_total > MAX_SUPPLY { return Err(MaxSupplyReached); }
All arithmetic uses u128 intermediates with explicit overflow checks. The overflow-checks = true compiler flag in the release profile ensures arithmetic panics cleanly rather than silently wrapping.
4.4 Token Qualification
Every token is evaluated at quote time across five dimensions. Tokens are classified into tiers that affect daily burn caps but never block access entirely.
Established
· Jupiter-verified
· Mint authority renounced
· Freeze authority renounced
· ≥$50K liquidity
· ≥1,000 holders
· ≥30 days old
Cap: $10,000,000/day
Standard
· Not Jupiter-verified
· Mint authority renounced
· Freeze authority renounced
· ≥$5K liquidity
· ≥100 holders
· ≥7 days old
Cap: $1,000,000/day
Risky
· Active mint authority, or
· Active freeze authority, or
· <100 holders, or
· <7 days old
Cap: $100,000/day
5. Security Model
5.1 Attack Surface
Price manipulation
Attacker pumps a token's price, burns for inflated DUMPYC.
✓ TWAP divergence check rejects >15% spot-vs-TWAP deviation
✓ Per-token price ceiling (max_price_usd_e6)
✓ Daily burn caps limit extractable value per token
✓ 60-second quote validity limits execution window
Oracle key compromise
Compromised oracle signs arbitrary prices.
✓ Max quote age (300s) limits forward-dated exploitation
✓ Per-token price ceilings cap the damage
✓ Daily caps limit per-token exposure
✓ Oracle key is rotatable via admin instruction
Slippage exploitation
Attacker frontruns a burn to move the input token's price.
✓ User specifies min_dumpyc_out before signing
✓ On-chain program rejects if output < user's floor
Fake token + fake liquidity
Attacker creates a token, seeds fake liquidity, burns for DUMPYC.
✓ Liquidity discount: seeding $1K against a $100K burn gives ~90% penalty
✓ Daily caps: $100K/day for Tier 3 tokens
✓ TWAP requires 3+ price samples before quotes are issued
5.2 Trust Assumptions
DUMPYC makes two explicit trust assumptions in its MVP architecture:
Oracle trust
The oracle server is operated honestly. A malicious oracle could sign inflated prices up to each token's price ceiling. Per-token caps and daily burn limits bound worst-case damage. The oracle key is rotatable and can be replaced with a threshold-signature scheme post-launch.
Admin trust
The admin key can change the oracle, treasury, and fee parameters. Admin operations follow standard timelocked multisig best practices for mainnet. Governance can be transferred to a DAO post-launch.
6. Ecosystem Value
🧹
Solana state reduction
Every successful burn + account closure removes a token account from Solana's active state, freeing ~0.002 SOL in rent and reducing validator state size. At scale, a protocol processing millions of dust tokens is a meaningful contributor to network health.
📊
Price discovery for distressed assets
Most zero-value tokens have no market — their last trade was months ago. DUMPYC's liquidity discount model creates the first systematic, transparent pricing mechanism for distressed Solana tokens. Neither zero nor ATH: a fair exchange at actual liquidity depth.
📋
Permanent on-chain cleanup record
Each burn emits a BurnEvent containing: user, input token, amount, DUMPYC received, USD value, and current halving epoch. This creates an auditable ledger of cleanup activity — a measure of which tokens the market considers permanently done.
🔥
Incentive-aligned scarcity
Every DUMPYC that exists represents real economic value destroyed. The halving schedule ensures that as the ecosystem accumulates more dust and more cleanup happens, minting DUMPYC gets progressively harder — aligning scarcity with actual cleanup work done.
Every DUMPYC that exists is proof of work —
not computational work. Cleanup work.
The total supply is a ledger of the Solana ecosystem's junk,
permanently converted into something worth holding.
7. Roadmap
Phase 1–4
Complete· Anchor program: burn/halving/credits/Token-2022
· Next.js frontend with wallet integration
· Oracle with TWAP, liquidity discounts, tier qualification
· Metaplex metadata, Solana Actions/Blinks
· Monitoring, SEO, health check infrastructure
Phase 5
Mainnet Launch· Deploy program to mainnet-beta
· Set on-chain metadata with Arweave URI
· Create SOL/DUMPYC liquidity pool on Raydium
· Submit to Dexscreener, Birdeye, CoinGecko
Phase 6
Oracle Decentralization· Migrate to multi-party oracle using threshold signatures
· Add Pyth price feed integration as secondary source for Tier 1 tokens
· Price feed redundancy and automatic failover
Phase 7
Governance· Transfer admin key to timelocked multisig
· Community proposals for fee parameter changes
· DAO voting on tier thresholds and token policy
Phase 8
Cross-Chain· Wormhole bridge for cross-chain dust
· Support for EVM chain tokens bridged to Solana for burning
· Integration with EVM-native cleanup protocols
Appendix: Key Parameters
| Parameter | Value |
|---|---|
| Hard cap | 420,000,000,069 DUMPYC |
| Decimals | 6 |
| Epoch size | 1,000,000,000 DUMPYC |
| Protocol fee | 5% (500 bps) |
| Treasury allocation | 3% (300 bps) |
| Credit allocation | 2% (200 bps) |
| Max fee cap | 10% (1000 bps) |
| Rate limit | 3,600 seconds (1 hour) |
| Max quote age | 300 seconds |
| TWAP window | 300 seconds (5 min) |
| TWAP min samples | 3 |
| Price divergence limit | 15% |
| Liquidity discount floor | 10% |
| Tier 1 daily cap | $10,000,000 |
| Tier 2 daily cap | $1,000,000 |
| Tier 3 daily cap | $100,000 |
| Program ID | BKWmFSB3N2YFrPKnmofU4dcNW7cntaux8FU11KRbCcDo |
DUMPYC is experimental software. This document describes the protocol's design and is not financial advice. The oracle is centralized at launch; see Section 5.2 for trust assumptions.
Read the code. Program is fully open source.