n-MVTL Attack: Optimal Transaction Reordering Attack on DeFi

Jianhuan Wang, Jichen Li, Zecheng Li, Xiaotie Deng, Bin Xiao

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

Abstract

Decentralized finance (DeFi) is a global and open financial system built on the blockchain technology, typically using Ethereum smart contracts. Decentralized exchanges (DEXs) are very important sectors in the DeFi ecosystem, with billions of USD trading volume daily. Unfortunately, the transparency of pending pools can be exploited by attackers and DEXs are vulnerable to transaction reordering attacks, allowing attackers to gain miner extracted value (MEV). Previous transaction reordering attacks aim at exploiting the vulnerability of a single victim transaction, such as sandwich attack and dagwood sandwich attack. In this paper, we propose a novel transaction reordering attack named n-multiple-victim-transaction-layer (n-MVTL) attack to exploit the overall vulnerability among multiple victim transactions. Such advanced design can significantly expand the victim transaction search space and bring more profits to attackers. Given a set of ordered victim transactions, we propose an optimal algorithm to identify the optimal solution for n-MVTL attacks, which aims to maximize the profit of the attack strategy. This algorithm supports a trade-off between time efficiency and attack profit, making the attack algorithm more practical. Our simulations show that the n-MVTL attack can yield an average extra daily profit of 940 USD from the top 2 most popular liquidity pools in Uniswap V2 from Mar. 2021 to Apr. 2023, compared with the sandwich attack.

Original languageEnglish
Title of host publicationComputer Security – ESORICS 2023 - 28th European Symposium on Research in Computer Security, 2023, Proceedings
EditorsGene Tsudik, Mauro Conti, Kaitai Liang, Georgios Smaragdakis
PublisherSpringer Science and Business Media Deutschland GmbH
Pages367-386
Number of pages20
ISBN (Print)9783031514784
DOIs
Publication statusPublished - Sept 2023
Event28th European Symposium on Research in Computer Security, ESORICS 2023 - The Hague, Netherlands
Duration: 25 Sept 202329 Sept 2023

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume14346 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference28th European Symposium on Research in Computer Security, ESORICS 2023
Country/TerritoryNetherlands
CityThe Hague
Period25/09/2329/09/23

Keywords

  • Blockchain
  • Decentralized Exchange (DEX)
  • Decentralized Finance (DeFi)
  • DeFi Attack
  • Miner Extractable Value (MEV)

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'n-MVTL Attack: Optimal Transaction Reordering Attack on DeFi'. Together they form a unique fingerprint.

Cite this