High-Frequency Trading on Decentralized On-Chain Exchanges

Zhou, Liyi; Qin, Kaihua; Torres, Christof Ferreira; Le, Duc V.; Gervais, Arthur

doi:10.1109/sp40001.2021.00027

Cited by 108 publications

(56 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…With enormous funds flowing into the decentralized finance (DeFi) applications, these scams become lucrative moneymaking opportunities for attackers. Previous research studied several different aspects of crypto-economic attacks, e.g., financial repercussions due to transaction reordering [60,62,73,83], flash loan abuse [74], arbitrage opportunities [82], pumpand-dump schemes [64,69,80], etc. Besides protocol attacks, there exists a substantial body of work on automated detection of smart contract vulnerabilities, e.g., reentrancy, transaction order dependence, integer overflows, and unhandled exceptions [16, 34, 56, 58, 63, 65-68, 71, 72, 77, 81].…”

Section: Introductionmentioning

confidence: 99%

Understanding Security Issues in the NFT Ecosystem

Das¹,

Bose²,

Ruaro³

et al. 2021

Preprint

View full text Add to dashboard Cite

Non-Fungible Tokens (NFTs) have emerged as a way to collect digital art as well as an investment vehicle. Despite having been popularized only recently, over the last year, NFT markets have witnessed several high-profile (and high-value) asset sales and a tremendous growth in trading volumes. However, these marketplaces have not yet received much scrutiny. Most academic researchers have analyzed decentralized finance (DeFi) protocols, studied attacks on those protocols, and developed automated techniques to detect smart contract vulnerabilities. To the best of our knowledge, we are the first to study the market dynamics and security issues of the multi-billion dollar NFT ecosystem.In this paper, we first present a systematic overview of how the NFT ecosystem works, and we identify three major actors: marketplaces, external entities, and users. We study the design of the underlying protocols of the top 8 marketplaces (ranked by transaction volume) and discover security, privacy, and usability issues. Many of these issues can lead to substantial financial losses. During our analysis, we reported 5 security bugs in 3 top marketplaces; all of them have been confirmed by the affected parties. Moreover, we provide insights on how the entities external to the blockchain are able to interfere with NFT markets, leading to serious consequences. We also collect a large amount of asset and event data pertaining to the NFTs being traded in the examined marketplaces, and we quantify malicious trading behaviors carried out by users under the cloak of anonymity. Finally, we studied the 15 most expensive NFT sales to date, and discovered discrepancies in at least half of these transactions.

show abstract

Section: Introductionmentioning

confidence: 99%

Understanding Security Issues in the NFT Ecosystem

Das¹,

Bose²,

Ruaro³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Zhou et al [35] formalize the sandwich attack problem on AMM exchanges. They study the problem analytically and empirically from the attackers' perspective and quantify when profitable attacks exist.…”

Section: Related Workmentioning

confidence: 99%

Eliminating Sandwich Attacks with the Help of Game Theory

Heimbach,

Wattenhofer

2022

Preprint

View full text Add to dashboard Cite

Predatory trading bots lurking in Ethereum's mempool present invisible taxation of traders on automated market makers (AMMs). AMM traders specify a slippage tolerance to indicate the maximum price movement they are willing to accept. This way, traders avoid automatic transaction failure in case of small price movements before their trade request executes. However, while a too-small slippage tolerance may lead to trade failures, a too-large slippage tolerance allows predatory trading bots to profit from sandwich attacks. These bots can extract the difference between the slippage tolerance and the actual price movement as profit.In this work, we introduce the sandwich game to analyze sandwich attacks analytically from both the attacker and victim perspectives. Moreover, we provide a simple and highly effective algorithm that traders can use to set the slippage tolerance. We unveil that most broadcasted transactions can avoid sandwich attacks while simultaneously only experiencing a low risk of transaction failure. Thereby, we demonstrate that a constant auto-slippage cannot adjust to varying trade sizes and pool characteristics. Our algorithm outperforms the constant auto-slippage suggested by the biggest AMM, Uniswap, in all performed tests. Specifically, our algorithm repeatedly demonstrates a cost reduction exceeding a factor of 100. CCS CONCEPTS• Security and privacy → Distributed systems security; • Theory of computation → Algorithmic game theory.

show abstract

“…In this section, we present a taxonomy of AMMs with a focus on the most common components that exist across major decentralized exchanges [1]. Certain protocol-specific components are out of scope and not discussed in this paper.…”

Section: Amm Preliminariesmentioning

confidence: 99%

“…We recognize that this behavior is present for all AMMs. Security risk in terms of attack vectors in high-frequency trading on DEX are discussed in [1] and [19], while flash loan attack vectors are described in [20] and [21]. [22] explores design weaknesses and volatility risks in Defi.…”

Section: Related Workmentioning

confidence: 99%

“…Among all the prominent DeFi applications, Automated Market Makers (AMM) based Decentralized Exchanges (DEXs) are on the ascendancy, with an aggregate value locked exceeding 15 billion USD at the time of writing. 1 Different from order-book based exchanges where the market price of an asset is determined by the last matched buy and sell orders, each AMM uses a socalled conservation function that determines asset price algorithmically, by only allowing the exchange rates to move along predefined trajectories. Specially, AMMs implement a peer-to-pool method, where liquidity providers contribute assets to liquidity pools while individual users exchange assets with a pool that contains both the input and the output assets.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

SoK: Decentralized Exchanges (DEX) with Automated Market Maker (AMM) Protocols

Xu,

Paruch,

Cousaert

et al. 2021

Preprint

View full text Add to dashboard Cite

As an integral part of the Decentralized Finance (DeFi) ecosystem, Automated Market Maker (AMM) based Decentralized Exchanges (DEXs) have gained massive traction with the revived interest in blockchain and distributed ledger technology in general. Most prominently, the top six AMMs-Uniswap, Balancer, Curve, Dodo, Bancor and Sushiswap-hold in aggregate 15 billion USD worth of crypto-assets as of March 2021. Instead of matching the buy and sell sides, AMMs employ a peer-to-pool method and determine asset price algorithmically through a so-called conservation function. Compared to centralized exchanges, AMMs exhibit the apparent advantage of decentralization, automation and continuous liquidity. Nonetheless, AMMs typically feature drawbacks such as high slippage for traders and divergence loss for liquidity providers. In this work, we establish a general AMM framework describing the economics and formalizing the system's state-space representation. We employ our framework to systematically compare the mechanics of the top AMM protocols, deriving their slippage and divergence loss functions.

show abstract

High-Frequency Trading on Decentralized On-Chain Exchanges

Cited by 108 publications

References 23 publications

Understanding Security Issues in the NFT Ecosystem

Understanding Security Issues in the NFT Ecosystem

Eliminating Sandwich Attacks with the Help of Game Theory

SoK: Decentralized Exchanges (DEX) with Automated Market Maker (AMM) Protocols

Contact Info

Product

Resources

About