Flash boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability
Metadata only
Author
Show all
Date
2020Type
- Conference Paper
Citations
Cited 16 times in
Web of Science
Cited 22 times in
Scopus
ETH Bibliography
yes
Altmetrics
Abstract
Blockchains, and specifically smart contracts, have promised to create fair and transparent trading ecosystems.Unfortunately, we show that this promise has not been met. We document and quantify the widespread and rising deployment of arbitrage bots in blockchain systems, specifically in decentralized exchanges (or "DEXes"). Like high-frequency traders on Wall Street, these bots exploit inefficiencies in DEXes, paying high transaction fees and optimizing network latency to frontrun, i.e., anticipate and exploit, ordinary users' DEX trades.We study the breadth of DEX arbitrage bots in a subset of transactions that yield quantifiable revenue to these bots. We also study bots' profit-making strategies, with a focus on blockchain-specific elements. We observe bots engage in what we call priority gas auctions (PGAs), competitively bidding up transaction fees in order to obtain priority ordering, i.e., early block position and execution, for their transactions. PGAs present an interesting and complex new continuous-time, partial-information, game-theoretic model that we formalize and study. We release an interactive web portal, frontrun.me, to provide the community with real-time data on PGAs.We additionally show that high fees paid for priority transaction ordering poses a systemic risk to consensus-layer security. We explain that such fees are just one form of a general phenomenon in DEXes and beyond - what we call miner extractable value (MEV) - that poses concrete, measurable, consensus-layer security risks. We show empirically that MEV poses a realistic threat to Ethereum today.Our work highlights the large, complex risks created by transaction-ordering dependencies in smart contracts and the ways in which traditional forms of financial-market exploitation are adapting to and penetrating blockchain economies. © 2020 IEEE. Show more
Publication status
publishedExternal links
Book title
2020 IEEE Symposium on Security and Privacy (SP)Pages / Article No.
Publisher
IEEEEvent
Notes
Due to the Coronavirus (COVID-19) the conference was conducted virtually.More
Show all metadata
Citations
Cited 16 times in
Web of Science
Cited 22 times in
Scopus
ETH Bibliography
yes
Altmetrics