Dutch Auction Buyback & 99/1 Token Burn Mechanism

Traditional Web3 projects often rely on manual withdrawals from treasuries, manual swap executions on decentralized exchanges (DEXs), and transfers to burn addresses to buy back tokens. This approach lacks on-chain transparency and is vulnerable to trust crises due to human manipulation or delays.

DeSix introduces an industry-first decentralized, permissionless Dutch Auction buyback and automated burning system (DeSixDutchAuctionBuyback.sol). Powered entirely by market arbitrage forces, it runs token deflation purely via on-chain mathematical formulas.

---

1. Accumulation of Buyback Funds & Auction Triggers

1. Fee Slicing: Out of the 0.3% protocol fee collected on each bet, 15% is automatically routed in real-time to the DeSixDutchAuctionBuyback contract.
2. Auction Threshold: When the accumulated USDC in the contract reaches the starting threshold (Testnet 10.00 USDC / Mainnet 100.00 USDC), anyone can trigger or the system will automatically initiate a Dutch Auction.
3. Price Decay Curve:
   • Once the auction begins, the buyback price of $DESIX in terms of USDC starts at a high initial value (e.g., 2.0x the historical oracle price feed).
   • As block time advances, the buyback price decays linearly over a 6-hour window until it reaches a floor price (e.g., 0.5x the historical price).

---

2. Permissionless Arbitrage & the 99/1 Allocation

Since the buyback price decays linearly, it will inevitably cross the real market price on DEXs (like Uniswap V3) at some point, creating an "arbitrage spread":

Auction Price (USDC / DESIX)
  │
2.0x ──┐
  │    \
  │     \   [Arbitrage Spread] — Triggered by competing bots
  │      \       │
DEX Price ────────┼───────
  │        \     ▼
  │         \
0.5x ────────┴───────────
  │
  └──────────────────────── Time (6 Hours)

• MEV Arbitrage Execution: Global MEV searchers, arbitrage bots, and arbitrageurs monitor this spread constantly. Once the rate becomes profitable, they invoke the executeBuyback function, exchanging $DESIX for USDC stored in the contract.
• Share Allocation & Burning:
  • 99% Burn: 99% of the purchased $DESIX is automatically burned within the same transaction, permanently removing it from circulation.
  • 1% Bounty: The caller (bot) that triggers the execution automatically receives 1% of the purchased tokens as compensation for gas and risk premium.
  • Deflationary Loop: This ensures the protocol completes buyback and burn cycles with high efficiency using market competition, achieving constant deflation of token supply without any admin intervention.

---

3. P1-4 Arbitrary Call Vulnerability & Safety Hardening

During previous safety audits, a critical vulnerability (P1-4) was flagged in executeBuyback:

• Vulnerability Description: To support swap routers on different DEXs, the buyback contract used a low-level router.call(swapData) call. If swapData is controlled by the caller and the router address lacks validation, an attacker could craft malicious data to execute arbitrary transactions under the buyback contract's identity, draining all assets in the buyback reserve.
• Safety Hardening:
  • We introduced the allowedSwapSelectors (Swap Function Selector Whitelist) mechanism.
  • The contract decodes and validates the first four bytes (Function Selector) of swapData. Only pre-registered, trusted swap signatures (e.g., Uniswap V3's exactInputSingle / swapExactTokensForTokens) are permitted.
  • The transaction recipient is strictly validated and must be the buyback contract itself, completely blocking asset drain avenues.