Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

In the world of cryptocurrency, there are many bots who are attempting to make money on the eco-system. If a bot sees an arbitrage opportunity or a sandwich, it will see it and try to make money from it. However, as the space got more and more crowded, problems arose. In particular, to front-run you either collude with a miner or pay a higher gas fee. Since many bots exist and keep doing this, the price kept going up and up.

This behavior is bad because it was clogging up the network with a bunch of bad and failing transactions. Additionally, the gas price was skyrocketing because of the frontrunning attacks. A solution to this? Flashbots! This is a market place that connects block makers, bot operators (aka block builders) and others to only have a handful of these opportunities pop up. This makes less congestion on chain happen.

The service uses a first price sealed-bid auction in order to make sure only valid transactions are added (no more frontrunning the frontrunner). Each block builder will propose a price they are willing to pay; the highest bidder wins. On top of this, there is the new proposer user. This player can give the builders the proposed blocks for a price. With Flashbots, this is called MEV-Boost.

On April 3rd 2023, an issue with part of the MEV-Boost stack was found. MEV-Boost works through a commit and reveal scheme. This is so that builders cannot see the contents of the proposed block but can see how much value it would bring; if they could see the block, they would be able to use the knowledge immediately. This is done via a relayer.

This whole system relies on the relayer securely handling the proposed block. In particular, the builder will sign block headers. However, the relayer did NOT validate the block header for accuracy. If the block header was invalid, it would attempt to publish the block to the chain and get rejected. Regardless, the relayer would reveal the body to the proposer. Since the proposer had the block body, they could use the knowledge of the block ordering themselves to make a profit with sandwiches and arbitrage opportunities.

An additional issue was found after evaluating the security of this system. A malicious proposer with two slots in a row could ask a relay for a block too late in the slot. If this is done, the proposer would miss their slot but the block body would be sent over. With this knowledge, they are able to build the block with optimal settings with the second slot.

The attack steps are super interesting:

1. The attacker sends multiple transactions to the public mempool with large swaps and infinite slippage. This was a bait to the sandwich bots.
2. The bots pick up the mempool transactions with a profitable sandwich. The block is sent to a relayer.
3. The attacker requests a block header then gives a poorly signed block header for the previously constructed block.
4. The ultrasound relay attempts to publish this but has a bad block header. Prior to sending this, the full block is sent to the attacker.
5. The attacker constructs a block that drains the sandwich bots! This isn't elaborated on very much but it's assumed that they added in transactions around the sandwich bot to make their transactions lose money instead of gain money.

To fix this vulnerability, MEV-Boost relays no longer return the block body if the publishing fails. To fix the second problem (race condition), there is a cut off point of 3 seconds. Overall, an awesome and crazy view into the world of bots in cryptocurrency.