DOI
10.34229/KCA2522-9664.24.6.4
UDC 621.391:519.2:519.7
1 Institute of Physics and Technology of the National Technical University “Igor Sikorsky Kyiv Polytechnic Institute;” G.E. Pukhov Institute for Modelling in Energy Engineering, National Academy of Sciences of Ukraine, Kyiv, Ukraine
lusi.kovalchuk@gmail.com
|
2 Institute of Physics and Technology of the National Technical University “Igor Sikorsky Kyiv Polytechnic Institute,” Kyiv, Ukraine
antonvykhlo@gmail.com
|
ASSESSMENT OF THE PROBABILITY OF SUCCESS OF A FRONTRUNNING
ATTACK ON SMART CONTRACTS
Abstract. A frontrunning attack is one of the most common attacks on smart contracts. Its essence lies in manipulating the order of transaction inclusion in a block to gain an advantage by altering the transaction processing sequence. This attack poses a particular threat to the conduct of p2p auctions for selling “green” electricity. In this paper, different types of such attacks are examined, analyzed, and formalized in step-by-step execution algorithms. Next, a model is proposed to assess the probability of success of such an attack. An explicit formula is derived for the probability of success of a displacement attack and an insertion attack, which are specific cases of a frontrunning attack. The probability of success is shown to depend on network parameters and the ratio between the transaction fees created by an honest user and a malicious user. Numerical examples of practical applications of the derived formula are provided, further confirming the correctness of the analytical results.
Keywords: blockchain, smart contracts, auctions, p2p sales of “green” electricity, frontrunning attack.
full text
REFERENCES
- 1. Gandal N., Hamrick J., Moore T., Oberman T. Price manipulation in the Bitcoin ecosystem. Journal of Monetary Economics. 2018. Vol. 95. P. 86–96. URL: https://doi.org/10.1016/j.jmoneco.2017.12.004 .
- 2. Paulaviсius R., Grigaitis S., Filatovas E. A systematic review and empirical analysis of blockchain simulators. IEEE. 2021. Vol. 9. P. 38010–38028, URL: https://doi.org/10.1109/ ACCESS.2021.3063324 .
- 3. Mohan V. Automated market makers and decentralized exchanges: A DeFi primer. Financial Innovation. 2022. Vol. 8. URL: https://doi.org/10.1186/s40854-021-00314-5 .
- 4. Leirvik T. Cryptocurrency returns and the volatility of liquidity. Finance Research Letters. 2022. Vol. 44. URL: https://doi.org/10.1016/j.frl.2021.102031 .
- 5. Liao Z., Song S., Zhu H., Luo X., He Z., Jiang R., Chen T., Zhang T., Zhang X. Large-scale empirical study of inline assembly on 7.6 million Ethereum smart contracts. IEEE Transactions on Software Engineering. 2023. Vol. 49. P. 777–801. URL: https://doi.org/10.1109/TSE.2022.3163614 .
- 6. Caldarelli G., Ellul J. The blockchain Oracle problem in decentralized finance — A multivocal approach. Applied Sciences. 2021. Vol. 11. URL: https://doi.org/10.3390/app11167572 .
- 7. Zhang W., Anand T. Ethereum architecture and overview. In: Blockchain and Ethereum Smart Contract Solution Development. Apress, Berkeley, CA, 2022. P. 209–244. URL: https://doi.org/ 10.1007/978-1-4842-8164-2_6 .
- 8. Carl D., Ewerhart C. Ethereum gas price statistics. University of Zurich, Department of Economics. Working Paper No. 373. 2020. URL: http://doi.org/10.2139/ssrn.3754217 .
- 9. Stucke Z., Constantinides T., Cartlidge J. Simulation of front-running attacks and privacy mitigations in Ethereum blockchain. Proc. of the 34th European Modeling & Simulation Symposium (EMSS 2022). 2022. URL: https://doi.org/10.46354/i3m.2022.emss.041 .
- 10. Tjiam K., Wang R., Chen H., Liang K. Your smart contracts are not secure: Investigating arbitrageurs and Oracle manipulators in Ethereum. CYSARM 21: Proc. of the 3rd Workshop on Cyber-Security Arms Race. 2021. P. 25–35. URL: https://doi.org/10.1145/3474374.3486916 .
- 11. Arulprakash M., Jebakumar R. Commit-reveal strategy to increase the transaction confidentiality in order to counter the issue of front running in blockchain. AIP Conf. Proc. 2022. Vol. 2460, Iss. 1. 020016. URL: https://doi.org/10.1063/5.0095700 .
- 12. Khan A., Rahulamathavn Y., Basutli B., Zheng G., Assadhan B., Lambotharan S. Blockchain-based distributive auction for relay-assisted secure communications. IEEE Access. 2019. Vol. 7. P. 95555–95568. URL: https://doi.org/10.1109/ACCESS.2019.2929136 .
- 13. Xue Y., Fu J., Su S., Bhuiyan Z., Qiu J., Lu H., Hu N., Tian Z. Preventing price manipulation attack by front-running. In: Advances in Artificial Intelligence and Security. ICAIS 2022. Communications in Computer and Information Science. Sun X., Zhang X., Xia, Z., Bertino E. (Eds.). Cham: Springer, 2022. Vol. 1588. P. 309–322. URL: https://doi.org/10.1007/978-3-031-06764-8_25 .