@mohamedhayibor
Created November 7, 2020 14:28
Notes from paper: "High-Frequency Trading on Decentralized On-chain Exchanges" https://arxiv.org/pdf/2009.14021.pdf

Profitable

Our empirical results show that an adversary can achieve an average daily revenue of 3,414 USD.

Double-edged sword

However, AMM DEXs also exacerbate malpractices by quoting asset prices in a fully deterministic way, providing relative certainty over the expected price impact of a trade. This enables a frontrunning adversary to perform attacks with predictable outcomes.

The fundamental intuition is that the delay in the time taken for a transaction to execute allows an adversary to profit by exploiting the knowledge of the direction of a price change. The attacks are called sandwich attacks because a victim transaction is sandwiched between adversarial transactions.

Novel Sandwich attack:

A liquidity provider targets a victim liquidity taker transaction:

Upon observing the victim transaction, the adversary emits three transactions:

  1. RemoveLiquidity (increases victim’s slippage)
  2. AddLiquidity (restores pool liquidity)
  3. TransactYforX (restores asset balance of X)

The (i) front-running RemoveLiquidity transaction reduces the market liquidity of the AMM DEX and increases the victim’s unexpected slippage. The (ii) back-running AddLiquidity transaction restores the percentage of liquidity A holds before the attack. Finally, (iii) the backrunning transaction TransactYforX equilibrates the adversary’s balance of asset X to the state before the attack.

The fatter the cows, the more milk...

We observe that the greater the amount of ETH transacted by the victim, the greater is the adversarial revenue.

Our empirical results suggest that both an adversarial liquidity taker and provider can again profit by undertaking a sandwich attack, where the victim trades with the Uniswap default slippage protection strategy at the time of writing this paper (0.5% total slippage).
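The 0.5% slippage protection mentioned above acts as a floor on the trade's output: if the pool changes between quote and execution so that the output falls below the floor, the trade reverts. The following added example (not from the paper or this gist) models that check. It assumes a constant-product pool (x * y = k with a 0.3% fee, Uniswap v2 style); the reserves and function names are constructed, and the 20 ETH trade size is the one the notes use.

```python
# Added example: constant-product pool (assumption: x * y = k with a 0.3% fee,
# Uniswap v2 style). Reserves and helper names are constructed for illustration.
WAD = 10**18                                   # 18-decimal token units
POOL = (10_000 * WAD, 4_000_000 * WAD)         # constructed ETH/DAI reserves
TRADE = 20 * WAD                               # 20 ETH, the size the notes use


def amount_out(amount_in, reserve_in, reserve_out):
    """Swap output under x * y = k after the 0.3% fee (integer math)."""
    if min(amount_in, reserve_in, reserve_out) <= 0:
        raise ValueError("amounts and reserves must be positive")
    in_with_fee = amount_in * 997
    return in_with_fee * reserve_out // (reserve_in * 1000 + in_with_fee)


def min_out(quoted_out, tolerance_bps):
    """Output floor for a slippage tolerance given in basis points."""
    if not 0 <= tolerance_bps <= 10_000:
        raise ValueError("tolerance must be between 0 and 10000 bps")
    return quoted_out * (10_000 - tolerance_bps) // 10_000


def scale_pool(pool, remaining_bps):
    """Pool after liquidity is withdrawn: both reserves shrink in proportion."""
    return tuple(r * remaining_bps // 10_000 for r in pool)


def settle(amount_in, quoted_pool, exec_pool, tolerance_bps):
    """Return (executed, received, unexpected_slippage_bps) for a trade quoted
    against quoted_pool but mined against exec_pool."""
    quoted = amount_out(amount_in, *quoted_pool)
    received = amount_out(amount_in, *exec_pool)
    slippage_bps = (quoted - received) * 10_000 // quoted
    executed = received >= min_out(quoted, tolerance_bps)
    return executed, (received if executed else 0), slippage_bps


if __name__ == "__main__":
    for remaining in (10_000, 9_000, 2_000):
        for tol in (50, 0):                    # 0.5% default, then zero slippage
            ok, got, slip = settle(TRADE, POOL, scale_pool(POOL, remaining), tol)
            print(f"liquidity {remaining / 100:.0f}% tol {tol} bps: "
                  f"{'executes' if ok else 'reverts'}, slippage {slip} bps, "
                  f"received {got / WAD:.2f} DAI")
```

With a tolerance of 0 the trade only executes against exactly the quoted pool state, which is the behaviour the "Allowing for zero slippage" note below refers to.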

Miners care about profits, hence attackers can rely on higher gas prices

We find that most miners (c. 79%) order transactions based on the gas price. The dominance of this transaction order aids an adversary because it makes it more likely for an adversary that they can control the placement of their transactions in a block by tweaking the gas price they offer for each transaction.

PS: The transaction gas price, together with the degree of blockchain transaction congestion (i.e. competing transactions that seek to be mined), influences the pace at which a transaction is mined.

The longer a tx in the pending pool, the less profitable

For instance, our simulation suggests that the sandwich attack is not profitable after the victim transaction remained pending on the P2P network for 27.7, 20.3, 16.3 seconds, given 2, 5 and 10 adversaries respectively, when the victim V transacts 20 ETH for DAI.

The more attackers, the less the profit

Our results suggest that having multiple attackers does, in expectation, divide the total revenue among the adversaries, minus the transaction fee overhead. Specifically, we find that the presence of 2, 5 and 10 attackers respectively reduce the expected profitability of the attack by 51.0%, 81.4% and 91.5% (given the victim transacts 20 ETH to DAI on Uniswap with a transaction pending on the P2P layer for 10 seconds before being mined).

Potential Protection:

Allowing for zero slippage

This protection solution moreover is not scalable in terms of trades per second, as it would limit the number of trades an AMM DEX can execute to 1 transaction per blockchain block.

Commit-and-reveal

One of the limitations of commit-and-reveal protocol is its usability, as it requires participants to be aware of both rounds of the protocol to complete their actions.

Attacker is still able to probabilistically perform a sandwich attack

Because the committing round is transparent, the adversary can see other traders’ commitments and commits several transactions before and after the commitments of honest traders. S/he can reveal only those transactions that are profitable.

Link: High-Frequency Trading on Decentralized On-chain Exchanges
