Hash of this article (SHA 1): b366289db9b21c3e9b6668c274e4a179be57a463
No.: Lianyuan Security Knowledge No.008
In the past few years, the blockchain economy has experienced exponential growth, especially in 2022, when the locked value of the DeFi ecosystem reached a peak of $300 billion. Web3 has also seen a variety of attack methods and logical security vulnerabilities. Since 2017, the Maximum Extractable Value (MEV) has been at the forefront of the attack methods that cause losses on the ETH chain. The ChainSource Security Team has conducted relevant analysis and sorting on the basic principles and protection methods of MEV, hoping to help readers improve their protection. The ability to ensure the safety of ones own assets.
MEV Basic Principles
MEV, the full name of which is Maximum Extractable Value, was also called Miner Extractable Value in the POW era of Ethereum. After a large number of blockchains switched to POS, it was renamed Maximum Extractable Value. Because block producers are no longer the only ones who decide the order of transactions (currently, the two roles with these two permissions are miners and validators, but previously there were only miners).
MEV refers to a measure of the profit that participants such as validators or sequencers obtain by performing selective operations on transactions (including transactions, sorting transactions, and reordering transactions) within the blocks they produce.
Validators: Participants responsible for validating transactions and producing blocks;
Sequencer: The participant responsible for deciding the order of transactions;
Include transactions: select which transactions will be included in the block;
Exclude transactions: select which transactions will not be included in the block;
Reorder transactions: determine the order of transactions in a block;
Currently, hackers using MEV mainly target wallet addresses that have obtained airdrop snapshot qualifications and whose pledged tokens are about to be unlocked. The prerequisite for hackers to launch such attacks is to obtain the wallet private key, then turn on dynamic Gas monitoring, and wait for the users After the tokens or gas fees are received, a withdrawal transaction is sent in the same block or adjacent blocks, which is called a front-running transaction. We call this type of monitoring robot a Sweeper robot.
Protection methods (taking ETH as an example)
First of all, there are two ideas for this type of protection. Since the goal is to compete with hackers in terms of speed, the first approach is to increase the Gas price and the Nonce of transaction sorting.
Because Ethereums transaction fee = Gas (quantity) * Gas Price (unit price), and the Gas Limit capacity of each Ethereum block is fixed, whoever has a higher Gas Price will have their transaction packaged into the block first. Block confirmation, in addition, nonce in Ethereum represents the number of transactions. This concept should be combined with the fact that Ethereum itself is account-based, so each different account maintains its own nonce, and each transaction of each account in Ethereum Each transaction has a unique nonce, which can prevent replay attacks (the same transaction is processed multiple times) and allow the EVM virtual machine to clarify the order of transactions (for example, if the nonce of a transaction is 5, then in this transaction Before the transaction can be processed, the transaction with nonce 4 in the account must have been processed)
The second idea is to connect to nodes with faster confirmation speed and higher transaction obfuscation
If you want to change the connection node, the first recommended one is the TAICHI network node. This network is a privacy and security solution based on blockchains such as ETH and Solana. It achieves transaction obfuscation and privacy protection by introducing a series of relay nodes. The node is responsible for receiving the users transaction request and mixing it with other transactions to hide the source and purpose of the transaction.
Relay nodes: These nodes are the core of the TAICHI network and are responsible for receiving, mixing, and forwarding transactions;
Transaction mixing: By mixing multiple transactions together, relay nodes are able to effectively hide the source and purpose of individual transactions;
Privacy protection: This method can effectively prevent on-chain data analysis and tracking, protecting user privacy;
Sweeper works by monitoring transaction records in the public memory pool to preempt transactions, but the TAICHI node allows us to submit signed transactions directly to miners without broadcasting through the public memory pool, which means that Sweeper is likely to monitor If it is not available, there is a possibility of front-running Sweeper (the public memory pool refers to the collection of transactions that have been broadcast but not yet packaged into the block).
The second recommended node is FlashProtect. FlashProtect is a solution to the MEV problem in the Ethereum system provided by the FlashBots organization. It works by packaging the users transactions and sending them directly to the miners through Flashbots instead of through the public memory pool. To prevent malicious miners and robots from discovering and exploiting these transactions in the public memory pool to withdraw funds using MEV. Its disadvantage is that the transaction speed is very slow because it uses the Flashbots memory pool, which has far fewer validators than the public memory pool. .
結論
In general, various protection methods are also aimed at maintaining the sorting process of decentralized transactions and ensuring that smart contracts handle transactions in a fair manner, but the most fundamental solution must be to make adjustments from the perspective of miners and validators.
涾源科技是一家專注於區塊鏈安全的公司。我們的核心工作包括區塊鏈安全研究、鏈上資料分析以及資產和合約漏洞救援。我們已成功為個人和機構追回許多被盜的數位資產。同時,我們致力於為產業組織提供專案安全分析報告、鏈上溯源和技術諮詢/支援服務。
感謝您的閱讀。我們將持續關注並分享區塊鏈安全內容。
This article is sourced from the internet: Maximizing security: How to deal with MEV attacks in DeFi
Related: Circle founder: Why Im more optimistic about crypto than ever before
Original author: Jeremy Allair Original translation: TechFlow Im more bullish on crypto than Ive ever been. @Circle Ive been building for over 11 years and Ive never been more bullish. I also believe that the vast majority of people have an extremely narrow and limited understanding of whats going on. Thats also a reason to be bullish. This article explains why I am so optimistic. My perspective comes from close observation of the life cycle of Internet technology applications over the past 35 years or so. We have seen the emergence of open networks, open protocols, and open software, and the infrastructure on the Internet has emerged in an endless stream, deepening the Internets social and economic utility. Each wave has transformed major industries, improved peoples living standards, disrupted or…
繁體中文 
English 
简体中文 
Français 
Deutsch 
Русский 
Español 
日本語 
ไทย 
Tiếng Việt 
العربية 
한국어 
Bahasa Indonesia 
हिन्दी 
اردو 
Türkçe